Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:25-12-2015 Uruchomiony przez cicilia (administrator) CICI (14-01-2016 19:50:30) Uruchomiony z C:\Users\cicilia\Desktop Załadowane profile: cicilia (Dostępne profile: cicilia) Platform: Windows 8.1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\WinZipper\winzipersvc.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\ProgramData\MobileBrServ\mbbService.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-05-12] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [217088 2014-06-06] (Realtek Semiconductor Corporation) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.) HKU\S-1-5-21-217704860-3642134-2051443247-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd) HKU\S-1-5-21-217704860-3642134-2051443247-1001\...\MountPoints2: {3be94c54-9077-11e5-827b-40e2307a574c} - "F:\autorun.exe" HKU\S-1-5-21-217704860-3642134-2051443247-1001\...\MountPoints2: {b0f5f92d-e759-11e4-8263-40e2307a574c} - "G:\autorun.exe" HKU\S-1-5-21-217704860-3642134-2051443247-1001\...\MountPoints2: {b0f61050-e759-11e4-8263-40e2307a574c} - "F:\AutoRun.exe" ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{6668A158-54D6-4B90-A1C5-4AE97871A332}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{BD25DB18-787B-410A-81C7-E1CA480E2BC1}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{E528FA17-2EBC-4C75-ACF4-4A0153CE9194}: [DhcpNameServer] 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartpageing.com/web/?type=ds&ts=1448364722&z=6182b763b6d3aa10aa6baf2g9zcz5bec4q1zem4o3o&from=cornl&uid=st1000lm024xhn-m101mbb_s32xj9afc02001&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartpageing.com/web/?type=ds&ts=1448364722&z=6182b763b6d3aa10aa6baf2g9zcz5bec4q1zem4o3o&from=cornl&uid=st1000lm024xhn-m101mbb_s32xj9afc02001&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448364722&z=6182b763b6d3aa10aa6baf2g9zcz5bec4q1zem4o3o&from=cornl&uid=st1000lm024xhn-m101mbb_s32xj9afc02001&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartpageing.com/web/?type=ds&ts=1448364722&z=6182b763b6d3aa10aa6baf2g9zcz5bec4q1zem4o3o&from=cornl&uid=st1000lm024xhn-m101mbb_s32xj9afc02001&q={searchTerms} HKU\S-1-5-21-217704860-3642134-2051443247-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.yoursites123.com/web/?type=ds&ts=1449657586&z=76c14a860f57e0c33eb912eg9z1z9tfq5w6mcw6b3w&from=ient07021&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001&q={searchTerms} HKU\S-1-5-21-217704860-3642134-2051443247-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKU\S-1-5-21-217704860-3642134-2051443247-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1450776804&z=d0bba9a8275e377ab3f8c2ag4zfwcebmem3qfb6e9o&from=wpm07173&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001 HKU\S-1-5-21-217704860-3642134-2051443247-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.yoursites123.com/web/?type=ds&ts=1449657586&z=76c14a860f57e0c33eb912eg9z1z9tfq5w6mcw6b3w&from=ient07021&uid=ST1000LM024XHN-M101MBB_S32XJ9AFC02001&q={searchTerms} SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> DefaultScope - brak wartości BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-17] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-17] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon [2016-01-14] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.4.24\coFFAddon Chrome: ======= CHR HomePage: Default -> hxxp://www.google.pl/ CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR Profile: C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-24] CHR Extension: (Dysk Google) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-24] CHR Extension: (YouTube) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-24] CHR Extension: (Google Search) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-24] CHR Extension: (Dokumenty Google offline) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24] CHR Extension: (Skype) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-24] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-24] CHR Extension: (Gmail) - C:\Users\cicilia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-24] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-27] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-12-27] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Brak podpisu cyfrowego] R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [43224 2014-07-03] (Realtek Semiconductor Corporation) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94720 2014-04-29] () [Brak podpisu cyfrowego] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-31] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-31] (Dropbox, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [237424 2014-03-31] () [Brak podpisu cyfrowego] R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [711344 2015-12-14] (Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA S2 McAfee SiteAdvisor Service; "c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\BASHDefs\20160104.001\BHDrvx64.sys [1665608 2015-12-18] (Symantec Corporation) R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605050.00F\ccSetx64.sys [173808 2015-09-23] (Symantec Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-24] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-24] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-04-20] (DT Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-12] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-12] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\IPSDefs\20160113.001\IDSvia64.sys [767224 2015-12-25] (Symantec Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160113.067\ENG64.SYS [138488 2015-10-16] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.4.24\Definitions\VirusDefs\20160113.067\EX64.SYS [2148080 2015-10-16] (Symantec Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider) S3 RtkA2dp; C:\Windows\system32\drivers\RtkA2dp.sys [178392 2014-09-24] (Realtek Semiconductor Corporation) S3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [59608 2014-05-22] (Realtek Semiconductor Corporation) S3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-20] (Realtek Semiconductor Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [580824 2014-10-14] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation ) R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605050.00F\SymELAM.sys [24192 2015-09-23] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-12-27] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605050.00F\Ironx64.SYS [297720 2015-09-23] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-14 19:50 - 2016-01-14 19:51 - 00029256 _____ C:\Users\cicilia\Desktop\FRST.txt 2016-01-09 16:26 - 2016-01-09 16:27 - 00000000 ____D C:\Users\cicilia\Desktop\Sylwester Holandia 15-16 2016-01-07 14:06 - 2016-01-07 14:19 - 651407666 _____ C:\Users\cicilia\Downloads\00 Sukces 2015 - Ewa Chodakowska cały trening.avi 2016-01-06 19:39 - 2016-01-14 17:24 - 00000000 ____D C:\Windows\System32\Tasks\Remediation 2015-12-28 21:45 - 2015-12-28 21:45 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security 2015-12-28 21:43 - 2015-12-28 21:43 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration 2015-12-27 14:47 - 2015-12-28 19:59 - 00002326 _____ C:\Users\Public\Desktop\Norton Security.LNK 2015-12-27 14:47 - 2015-12-27 14:47 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2015-12-27 14:47 - 2015-12-27 14:47 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2015-12-27 14:47 - 2015-12-27 14:47 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2015-12-27 14:46 - 2015-12-28 20:25 - 00000000 ____D C:\Windows\system32\Drivers\NSx64 2015-12-27 14:45 - 2015-12-28 19:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2015-12-27 14:45 - 2015-12-27 14:46 - 00000000 ____D C:\Program Files (x86)\Norton Security 2015-12-27 14:38 - 2015-12-27 14:38 - 00000000 ____D C:\ProgramData\NortonInstaller 2015-12-27 14:38 - 2015-12-27 14:38 - 00000000 ____D C:\Program Files (x86)\NortonInstaller 2015-12-27 14:34 - 2015-12-27 14:49 - 00000000 ____D C:\ProgramData\Norton 2015-12-27 14:34 - 2015-12-27 14:45 - 00001303 _____ C:\Users\cicilia\Desktop\Pliki instalacyjne Norton.lnk 2015-12-27 14:34 - 2015-12-27 14:34 - 00000000 ____D C:\Users\Public\Downloads\Norton 2015-12-27 14:33 - 2015-12-27 14:34 - 01110736 _____ (Symantec Corporation) C:\Users\cicilia\Downloads\NSDownloader.exe 2015-12-25 15:55 - 2015-12-25 15:55 - 00000000 ____D C:\Users\cicilia\Desktop\FRST-OlderVersion 2015-12-24 18:44 - 2015-12-24 18:50 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-12-24 18:44 - 2015-12-24 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-12-24 18:42 - 2015-12-24 18:42 - 01503872 _____ (Skype Technologies S.A.) C:\Users\cicilia\Downloads\SkypeSetup.exe 2015-12-22 14:15 - 2015-12-29 20:04 - 00000000 ____D C:\Users\cicilia\Desktop\muza na holllland 2015-12-22 10:34 - 2016-01-14 17:29 - 00000000 ____D C:\Program Files (x86)\WinZipper 2015-12-22 10:34 - 2015-12-22 10:34 - 00000000 ____D C:\Users\cicilia\AppData\Roaming\WinZipper 2015-12-22 10:34 - 2015-12-22 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper 2015-12-22 10:33 - 2015-12-28 23:30 - 00000000 ____D C:\ProgramData\7WdM7 2015-12-22 10:33 - 2015-12-27 15:14 - 00000000 ____D C:\ProgramData\ZWdMZ ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-14 19:50 - 2015-12-10 19:52 - 00000000 ____D C:\FRST 2016-01-14 19:48 - 2015-03-31 17:34 - 00003590 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-217704860-3642134-2051443247-1001 2016-01-14 19:44 - 2015-12-04 17:54 - 00001535 _____ C:\Users\cicilia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2016-01-14 19:44 - 2015-03-31 17:30 - 00000093 _____ C:\Users\cicilia\AppData\Roaming\sp_data.sys 2016-01-14 19:43 - 2015-05-31 14:25 - 00001160 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-01-14 19:43 - 2015-05-20 19:45 - 00000000 ___RD C:\Users\cicilia\OneDrive 2016-01-14 19:43 - 2015-03-31 17:37 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-14 17:45 - 2015-03-31 17:37 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-14 17:35 - 2015-05-31 14:25 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-01-14 17:29 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-14 17:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-14 17:28 - 2015-03-31 17:27 - 00000000 ____D C:\Users\cicilia 2016-01-14 17:21 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-01-14 17:04 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2016-01-14 16:56 - 2015-05-13 18:42 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2016-01-14 16:56 - 2015-05-13 18:42 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2016-01-14 16:55 - 2015-03-31 17:35 - 00003976 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B6BF768E-64B3-4723-BA07-E8E0EDAB44C4} 2016-01-09 16:28 - 2014-10-21 12:14 - 00807160 _____ C:\Windows\system32\perfh015.dat 2016-01-09 16:28 - 2014-10-21 12:14 - 00163478 _____ C:\Windows\system32\perfc015.dat 2016-01-09 16:28 - 2014-03-18 16:26 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-09 16:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-01-07 14:27 - 2015-08-23 15:00 - 01378816 ___SH C:\Users\cicilia\Downloads\Thumbs.db 2016-01-07 11:49 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-06 23:17 - 2015-11-24 12:32 - 00000000 ____D C:\Program Files (x86)\RayDld 2016-01-06 19:39 - 2015-12-03 20:05 - 00000000 ____D C:\Program Files\Common Files\AV 2016-01-06 19:36 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-01-06 13:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2015-12-28 23:30 - 2015-12-09 11:39 - 00000000 ____D C:\ProgramData\gWdMg 2015-12-27 22:37 - 2015-04-30 20:05 - 00000000 ____D C:\ProgramData\MobileBrServ 2015-12-27 18:04 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports 2015-12-27 14:56 - 2015-12-09 11:39 - 00000000 ____D C:\ProgramData\XWdMX 2015-12-27 14:45 - 2015-04-06 10:57 - 00140800 ___SH C:\Users\cicilia\Desktop\Thumbs.db 2015-12-27 14:43 - 2015-05-31 14:16 - 00000000 ____D C:\ProgramData\AVAST Software 2015-12-27 14:43 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-26 09:48 - 2015-10-14 18:34 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2015-10-14 18:34 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-25 15:55 - 2015-12-11 19:37 - 02370560 _____ (Farbar) C:\Users\cicilia\Desktop\FRST64.exe 2015-12-24 21:10 - 2015-04-22 16:02 - 00000000 ____D C:\Users\cicilia\AppData\Roaming\Skype 2015-12-24 18:44 - 2015-04-22 16:02 - 00000000 ____D C:\Users\cicilia\AppData\Local\Skype 2015-12-24 18:44 - 2014-10-21 05:29 - 00000000 ____D C:\ProgramData\Skype 2015-12-22 21:03 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-18 18:28 - 2015-05-07 21:17 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-12-18 18:28 - 2015-05-07 21:17 - 00000000 ___SD C:\Windows\system32\GWX 2015-12-17 09:26 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-17 09:24 - 2014-10-21 05:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-12-16 22:41 - 2015-03-31 17:37 - 00002517 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-31 17:30 - 2016-01-14 19:44 - 0000093 _____ () C:\Users\cicilia\AppData\Roaming\sp_data.sys 2015-03-31 17:28 - 2016-01-14 19:43 - 1008790 _____ () C:\Users\cicilia\AppData\Local\BTServer.log 2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-21 05:28 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-01-07 12:08 ==================== Koniec FRST.txt ============================