wklejto.pl

Added by: ~pruuum (2019-05-24 19:49) -> text
OTL logfile created on: 2019-05-23 17:57:48 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MAC\Documents
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
1,99 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 60,13% Memory free
3,98 Gb Paging File | 3,18 Gb Available in Paging File | 79,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 72,54 Gb Total Space | 44,23 Gb Free Space | 60,98% Space Free | Partition Type: NTFS
 
Computer Name: MAC-KOMPUTER | User Name: MAC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2019-05-23 17:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MAC\Documents\OTL.exe
PRC - [2019-05-20 17:07:47 | 009,656,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2019-05-20 16:51:56 | 000,317,280 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2019-05-20 16:51:09 | 005,398,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe
PRC - [2018-01-06 21:37:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 05:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 05:16:56 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2007-02-06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2019-05-20 16:52:56 | 000,578,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll
MOD - [2018-05-27 19:19:52 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2019-05-20 16:51:56 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2019-05-20 16:51:09 | 005,398,416 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe -- (aswbIDSAgent)
SRV - [2019-05-14 00:45:20 | 001,055,728 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files\Google\Chrome\Application\74.0.3729.157\elevation_service.exe -- (GoogleChromeElevationService)
SRV - [2018-12-16 20:29:48 | 000,083,984 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2018-01-06 21:38:39 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2009-07-14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-02-06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2019-05-20 17:07:44 | 000,312,464 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2019-05-20 17:07:39 | 000,403,408 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2019-05-20 16:53:58 | 000,165,464 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2019-05-20 16:53:54 | 000,138,480 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2019-05-20 16:53:54 | 000,101,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2019-05-20 16:53:54 | 000,073,008 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2019-05-20 16:53:50 | 000,040,904 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2019-05-20 16:53:49 | 000,194,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2019-05-20 16:51:49 | 000,172,424 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswArPot.sys -- (aswArPot)
DRV - [2019-05-20 16:51:47 | 000,034,720 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswArDisk.sys -- (aswArDisk)
DRV - [2019-05-20 16:51:42 | 000,783,232 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2019-05-20 16:50:35 | 000,051,264 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbuniv.sys -- (aswbuniv)
DRV - [2019-05-20 16:50:34 | 000,255,360 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswblog.sys -- (aswblog)
DRV - [2019-05-20 16:50:33 | 000,220,128 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswbidsdriver.sys -- (aswbidsdriver)
DRV - [2019-05-20 16:50:33 | 000,158,240 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbidsh.sys -- (aswbidsh)
DRV - [2017-09-19 16:46:28 | 000,105,200 | ---- | M] (Future Technology Devices International Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2017-09-19 16:46:28 | 000,075,896 | ---- | M] (Future Technology Devices International Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010-11-20 05:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 05:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 05:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 03:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 02:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 02:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009-07-14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009-07-14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009-07-14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.pl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A B2 F7 1F 20 87 D3 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {41A18E5E-D769-4FE1-9B04-14C824FC1995}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{41A18E5E-D769-4FE1-9B04-14C824FC1995}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.201.2: C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.201.2: C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll (Google LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - Extension: No name found = C:\Users\MAC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.1.0_0\
CHR - Extension: No name found = C:\Users\MAC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\19.1.1344_0\
CHR - Extension: No name found = C:\Users\MAC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\19.1.212_0\
CHR - Extension: No name found = C:\Users\MAC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\MAC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7419.311.0.0_0\
 
O1 HOSTS File: ([2019-05-08 17:34:25 | 000,000,922 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.8.0_201\bin\jusched.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab (Java Plug-in 11.201.2)
O16 - DPF: {CAFEEFAC-0018-0000-00201-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab (Java Plug-in 1.8.0_201)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab (Java Plug-in 11.201.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96F52E36-00BF-4632-9532-96E850DD865E}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0175E41-42FC-40A4-BC42-89FE6580079D}: DhcpNameServer = 192.168.100.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2019-05-23 17:57:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MAC\Documents\OTL.exe
[2019-05-20 17:46:11 | 000,000,000 | ---D | C] -- C:\Users\MAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartupDisabled
[2019-05-20 17:20:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odkurzacz
[2019-05-20 17:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\Odkurzacz
[2019-05-20 17:19:51 | 000,000,000 | ---D | C] -- C:\Users\MAC\AppData\Local\Programs
[2019-05-20 17:00:35 | 000,040,904 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2019-05-20 17:00:29 | 000,034,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswArDisk.sys
[2019-05-20 17:00:26 | 000,051,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswbuniv.sys
[2019-05-20 17:00:23 | 000,255,360 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswblog.sys
[2019-05-20 17:00:21 | 000,158,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswbidsh.sys
[2019-05-20 17:00:17 | 000,220,128 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswbidsdriver.sys
[2019-05-20 16:58:01 | 000,311,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2019-05-23 17:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MAC\Documents\OTL.exe
[2019-05-23 17:44:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2019-05-23 17:44:21 | 1603,870,720 | -HS- | M] () -- C:\hiberfil.sys
[2019-05-23 17:40:03 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2019-05-23 17:40:02 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2019-05-23 17:24:54 | 160,251,971 | ---- | M] () -- C:\Users\MAC\Documents\Windows 7 x64 Recovery Disc.7z
[2019-05-22 17:22:35 | 000,284,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2019-05-20 17:20:36 | 000,002,009 | ---- | M] () -- C:\Users\MAC\Desktop\Pomocna Myszka - Pogotowie komputerowe.lnk
[2019-05-20 17:20:36 | 000,001,045 | ---- | M] () -- C:\Users\MAC\Desktop\Odkurzacz.lnk
[2019-05-20 17:07:44 | 000,312,464 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2019-05-20 17:07:39 | 000,403,408 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2019-05-20 17:07:39 | 000,000,077 | ---- | M] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2019-05-20 17:07:26 | 000,000,342 | -H-- | M] () -- C:\Windows\tasks\Avast Emergency Update.job
[2019-05-20 16:53:58 | 000,165,464 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2019-05-20 16:53:54 | 000,138,480 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2019-05-20 16:53:54 | 000,101,200 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2019-05-20 16:53:54 | 000,073,008 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2019-05-20 16:53:50 | 000,040,904 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2019-05-20 16:53:49 | 000,194,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHdsKe.sys
[2019-05-20 16:53:03 | 000,311,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2019-05-20 16:51:49 | 000,172,424 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswArPot.sys
[2019-05-20 16:51:47 | 000,034,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswArDisk.sys
[2019-05-20 16:51:42 | 000,783,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2019-05-20 16:50:35 | 000,051,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswbuniv.sys
[2019-05-20 16:50:34 | 000,255,360 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswblog.sys
[2019-05-20 16:50:33 | 000,220,128 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswbidsdriver.sys
[2019-05-20 16:50:33 | 000,158,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswbidsh.sys
[2019-05-19 17:38:30 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2019-05-19 15:47:17 | 000,687,828 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2019-05-19 15:47:17 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2019-05-19 15:47:17 | 000,131,382 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2019-05-19 15:47:17 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2019-05-23 17:23:44 | 160,251,971 | ---- | C] () -- C:\Users\MAC\Documents\Windows 7 x64 Recovery Disc.7z
[2019-05-20 17:20:36 | 000,002,009 | ---- | C] () -- C:\Users\MAC\Desktop\Pomocna Myszka - Pogotowie komputerowe.lnk
[2019-05-20 17:20:36 | 000,001,045 | ---- | C] () -- C:\Users\MAC\Desktop\Odkurzacz.lnk
[2019-05-20 17:07:39 | 000,000,077 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2019-05-20 17:07:26 | 000,000,342 | -H-- | C] () -- C:\Windows\tasks\Avast Emergency Update.job
[2018-11-23 19:31:49 | 000,033,193 | ---- | C] () -- C:\Users\MAC\AppData\Roaming\UserTile.png
[2018-06-03 15:01:13 | 000,007,610 | ---- | C] () -- C:\Users\MAC\AppData\Local\Resmon.ResmonCfg
[2018-05-27 19:49:53 | 000,029,574 | ---- | C] () -- C:\Windows\SETUP1.EXE
[2018-01-06 21:57:49 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2018-01-06 16:31:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010-11-20 05:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 60 bytes -> C:\Windows\System32:1464242f5a
@Alternate Data Stream - 590 bytes -> C:\Users\MAC\AppData\Local\Temp:1206f44048
@Alternate Data Stream - 3613 bytes -> C:\ProgramData:3f80b7866a646e
@Alternate Data Stream - 3501 bytes -> C:\ProgramData:fe93a19e34e9a
@Alternate Data Stream - 3483 bytes -> C:\Program Files\AcGasSynchro II:60609da9
@Alternate Data Stream - 1278 bytes -> C:\Windows:ecde8b8c58b22
@Alternate Data Stream - 1013 bytes -> C:\Program Files\Common Files:51059ffaeb890
 
< End of report >
 