Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-02-2017 Uruchomiony przez Monika (administrator) MONIKASALAMON (08-02-2017 11:37:14) Uruchomiony z C:\Users\TEMP\Desktop Załadowane profile: UpdatusUser & Monika & (Dostępne profile: UpdatusUser & Monika) <==== UWAGA (Profil tymczasowy?) Platform: Windows 8.1 (Update) (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: IE) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Western Digital) C:\Program Files\Western Digital\WD Boost\WDBoost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-12-11] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation) HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-04-15] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3178937606-276424082-2874363280-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235403835\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\...\Run: [Dropbox Update] => C:\Users\Monika\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\...\Policies\Explorer: [] HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\...\MountPoints2: {2408d687-d935-11e5-beae-0c8bfd8c2912} - "D:\Startme.exe" HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\...\MountPoints2: {c4e7d6ce-de2a-11e6-bed6-0c8bfd8c2912} - "D:\startme.exe" HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-17] (NVIDIA Corporation) AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-17] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-12-17] (NVIDIA Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-19] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 194.204.152.34 194.204.159.1 Tcpip\..\Interfaces\{36AD16AE-C297-4F99-A427-888B9ADBCAE3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A1432318-FFBC-4B52-B78D-15A16B346E82}: [DhcpNameServer] 194.204.152.34 194.204.159.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3178937606-276424082-2874363280-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/?pc=SEJB HKU\S-1-5-21-3178937606-276424082-2874363280-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB HKU\S-1-5-21-3178937606-276424082-2874363280-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu URLSearchHook: [S-1-5-21-3178937606-276424082-2874363280-1001] UWAGA => Brak domyślnego URLSearchHook URLSearchHook: [S-1-5-21-3178937606-276424082-2874363280-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235403835] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-01-09] (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-01-09] (McAfee, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-01-09] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-01-09] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-12-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-12-21] (McAfee, Inc.) FireFox: ======== FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-19] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-19] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-02-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-06] [Brak podpisu cyfrowego] FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2014-10-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-12-21] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-15] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-15] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2014-10-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll [Brak pliku] FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-12-21] () FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-04-01] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-04-15] (Intel) FF Plugin HKU\S-1-5-21-3178937606-276424082-2874363280-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02072017235405289: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-04-15] (Intel) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-19] (AVAST Software) R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel) R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1701840 2016-12-08] (Intel Security) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [Brak podpisu cyfrowego] R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-01] (WildTangent) R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-15] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-07-03] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-15] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-01-09] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-18] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.253.0\\McCSPServiceHost.exe [2053568 2016-11-16] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2016-12-15] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] () S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-07-27] (Sony Corporation) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-12-11] (Realtek Semiconductor) S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2015-02-04] (Intel Corporation) R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation) R2 WD Boost; C:\Program Files\Western Digital\WD Boost\WDBoost.exe [61712 2013-07-16] (Western Digital) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-08-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-08-12] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet Inc.) S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet Inc.) S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-19] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-19] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-19] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-19] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-19] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1385272 2013-04-23] (Motorola Solutions, Inc.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.) R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet Inc.) R1 hiofs; C:\WINDOWS\System32\DRIVERS\hiofs.sys [28944 2013-07-16] (Western Digital) R0 hiosd; C:\WINDOWS\System32\DRIVERS\hiosd.sys [234768 2013-07-16] (Western Digital) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-07] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99800 2013-07-15] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.) R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [3482600 2014-11-06] (Intel Corporation) S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [3648480 2013-08-30] (Intel Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [444632 2013-12-19] (Realsil Semiconductor Corporation) R3 SensorsServiceDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated) R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-08-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-08-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-08-12] (Microsoft Corporation) R3 WUDFWpdComp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S1 p1481544159am; \??\C:\Users\Monika\AppData\Local\Temp\bk4714.tmp\p1481544159am.sys [X] <==== UWAGA S1 p1481709006am; \??\C:\Users\Monika\AppData\Local\Temp\bk5134.tmp\p1481709006am.sys [X] <==== UWAGA S1 p1484818928am; \??\C:\Users\Monika\AppData\Local\Temp\bk1229.tmp\p1484818928am.sys [X] <==== UWAGA S1 p1485335143am; \??\C:\Users\Monika\AppData\Local\Temp\bk44A7.tmp\p1485335143am.sys [X] <==== UWAGA S1 p1485335232am; \??\C:\Users\Monika\AppData\Local\Temp\bk9CC5.tmp\p1485335232am.sys [X] <==== UWAGA S1 p1485348521am; \??\C:\Users\Monika\AppData\Local\Temp\bk1E6C.tmp\p1485348521am.sys [X] <==== UWAGA S1 p1485348591am; \??\C:\Users\Monika\AppData\Local\Temp\bk2E46.tmp\p1485348591am.sys [X] <==== UWAGA S1 p1486112695am; \??\C:\Users\Monika\AppData\Local\Temp\bkCF8D.tmp\p1486112695am.sys [X] <==== UWAGA ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-02-08 11:37 - 2017-02-08 11:37 - 00030839 _____ C:\Users\TEMP\Desktop\FRST.txt 2017-02-08 11:28 - 2017-02-08 11:26 - 02421248 _____ (Farbar) C:\Users\TEMP\Desktop\FRST64.exe 2017-02-08 11:28 - 2017-02-08 11:26 - 00380928 _____ C:\Users\TEMP\Desktop\655vyk07.exe 2017-02-08 00:09 - 2017-02-08 00:09 - 00000000 ____D C:\Users\TEMP\AppData\Local\CEF 2017-02-08 00:01 - 2017-02-08 10:40 - 00000000 ___RD C:\Users\TEMP\OneDrive 2017-02-08 00:00 - 2017-02-08 00:00 - 00000000 ____D C:\Users\TEMP\Documents\Autodesk Application Manager 2017-02-08 00:00 - 2017-02-08 00:00 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software 2017-02-08 00:00 - 2017-02-08 00:00 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Autodesk 2017-02-08 00:00 - 2017-02-08 00:00 - 00000000 ____D C:\Users\TEMP\AppData\Local\Autodesk 2017-02-07 23:59 - 2017-02-08 00:00 - 00000000 ____D C:\Users\TEMP\AppData\Local\Sony Corporation 2017-02-07 23:58 - 2017-02-07 23:58 - 00000020 ___SH C:\Users\TEMP.MonikaSalamon\ntuser.ini 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Ustawienia lokalne 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Szablony 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Moje dokumenty 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Menu Start 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Documents\Moje wideo 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Documents\Moje obrazy 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Documents\Moja muzyka 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\Dane aplikacji 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\AppData\Local\Historia 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 _SHDL C:\Users\TEMP.MonikaSalamon\AppData\Local\Dane aplikacji 2017-02-07 23:58 - 2017-02-07 23:58 - 00000000 ____D C:\Users\TEMP.MonikaSalamon 2017-02-07 23:58 - 2014-11-20 22:19 - 00000000 ____D C:\Users\TEMP.MonikaSalamon\AppData\Local\PackageAware 2017-02-07 23:58 - 2014-11-17 12:16 - 00000000 ____D C:\Users\TEMP.MonikaSalamon\AppData\Local\Microsoft Help 2017-02-07 23:58 - 2014-09-24 16:10 - 00000369 _____ C:\Users\TEMP.MonikaSalamon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2017-02-07 23:58 - 2014-09-24 16:10 - 00000369 _____ C:\Users\TEMP.MonikaSalamon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2017-02-07 23:57 - 2017-02-07 23:57 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Sony Corporation 2017-02-07 23:55 - 2017-02-08 00:01 - 00000000 ____D C:\Users\TEMP\AppData\Local\Packages 2017-02-07 23:55 - 2017-02-07 23:55 - 00001450 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-02-07 23:55 - 2017-02-07 23:55 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe 2017-02-07 23:55 - 2017-02-07 23:55 - 00000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore 2017-02-07 23:54 - 2017-02-08 00:01 - 00000000 ____D C:\Users\TEMP 2017-02-07 23:54 - 2017-02-07 23:54 - 00000020 ___SH C:\Users\TEMP\ntuser.ini 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Ustawienia lokalne 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Szablony 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Moje dokumenty 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Menu Start 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Documents\Moje wideo 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Documents\Moje obrazy 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Documents\Moja muzyka 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\Dane aplikacji 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Historia 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Dane aplikacji 2017-02-07 23:54 - 2017-02-07 23:54 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Intel 2017-02-07 23:54 - 2014-11-20 22:19 - 00000000 ____D C:\Users\TEMP\AppData\Local\PackageAware 2017-02-07 23:54 - 2014-11-17 12:16 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help 2017-02-07 23:54 - 2014-09-24 16:10 - 00000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2017-02-07 23:54 - 2014-09-24 16:10 - 00000369 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2017-02-07 23:32 - 2017-02-07 23:54 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-07 23:32 - 2017-02-07 23:32 - 00001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-07 23:32 - 2017-02-07 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-07 23:32 - 2017-02-07 23:32 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-07 23:32 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-06 16:04 - 2017-02-06 16:04 - 00002064 _____ C:\Users\Public\Desktop\McAfee® Internet Security.lnk 2017-02-06 16:04 - 2017-02-06 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2017-02-06 16:03 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2017-02-06 16:01 - 2017-02-06 16:01 - 00003084 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2017-02-06 16:01 - 2017-02-06 16:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-02-06 16:01 - 2017-02-06 16:01 - 00000000 ____D C:\ProgramData\Intel Security 2017-02-06 15:59 - 2017-02-06 16:04 - 00000000 ____D C:\Program Files\McAfee 2017-02-06 15:59 - 2017-02-06 15:59 - 00000000 ____D C:\Program Files\McAfee.com 2017-02-06 15:59 - 2017-02-06 15:59 - 00000000 ____D C:\Program Files\Common Files\Intel Security 2017-02-06 15:58 - 2017-02-06 16:04 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-02-06 15:52 - 2017-02-06 16:02 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-02-06 15:52 - 2017-02-06 15:52 - 09448968 _____ (McAfee, Inc.) C:\Users\Monika\Downloads\Setup_serial_KpaXcpENRGVPNwehfCuSRA2_key.exe 2017-02-06 15:52 - 2016-11-14 17:41 - 00342768 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2017-02-06 10:56 - 2017-02-06 10:56 - 00000000 ____D C:\Program Files (x86)\Gub 2017-02-06 10:40 - 2017-02-06 10:41 - 00296896 _____ C:\WINDOWS\Minidump\020617-22546-01.dmp 2017-02-03 09:59 - 2017-02-03 09:59 - 00296608 _____ C:\WINDOWS\Minidump\020317-31312-01.dmp 2017-02-03 09:45 - 2017-02-03 09:45 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-02 13:28 - 2017-02-02 13:28 - 00432702 _____ C:\WINDOWS\ProcessedPackets.KTL 2017-01-31 15:05 - 2017-01-31 15:05 - 00000000 ____D C:\Users\Monika\Desktop\Stare dane programu Firefox 2017-01-31 15:04 - 2017-02-08 11:25 - 00001951 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-01-31 15:04 - 2017-02-07 23:33 - 00000000 ____D C:\Users\Monika\AppData\LocalLow\Mozilla 2017-01-31 15:04 - 2017-02-07 23:19 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-01-31 15:04 - 2017-01-31 15:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-26 10:30 - 2017-01-26 10:30 - 07738372 _____ C:\Users\Monika\Downloads\Stawiski nowy.bak 2017-01-25 13:58 - 2017-02-06 16:40 - 00000000 ____D C:\Program Files (x86)\amuleC3 2017-01-25 13:46 - 2017-01-25 13:46 - 00296512 _____ C:\WINDOWS\Minidump\012517-20828-01.dmp 2017-01-25 13:42 - 2017-01-25 13:42 - 00000000 _____ C:\autoexec.bat 2017-01-25 10:01 - 2017-01-25 10:02 - 00296512 _____ C:\WINDOWS\Minidump\012517-24250-01.dmp 2017-01-24 16:24 - 2017-01-24 16:25 - 00304704 _____ C:\WINDOWS\Minidump\012417-31203-01.dmp 2017-01-23 17:45 - 2017-01-23 17:46 - 00028160 _____ C:\Users\Monika\Downloads\historia_polaczen_20170101-20170123.xls 2017-01-23 17:40 - 2017-01-23 17:40 - 00011776 _____ C:\Users\Monika\Downloads\historia_polaczen_20161201-20161231.xls 2017-01-22 22:49 - 2017-01-22 22:50 - 41414008 _____ (Aiseesoft Studio ) C:\Users\Monika\Downloads\as-android-recovery (2).exe 2017-01-22 22:40 - 2017-01-22 22:40 - 00001472 _____ C:\Users\Public\Desktop\FoneLab for Android.lnk 2017-01-22 22:11 - 2017-01-22 22:39 - 41414008 _____ (Aiseesoft Studio ) C:\Users\Monika\Downloads\as-android-recovery (1).exe 2017-01-22 22:06 - 2017-01-22 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2017-01-22 22:06 - 2017-01-22 22:06 - 00000000 ____D C:\Users\Monika\AppData\Local\Aiseesoft Studio 2017-01-22 22:06 - 2017-01-22 22:06 - 00000000 ____D C:\Users\Monika\.android 2017-01-22 22:05 - 2017-01-22 22:05 - 00000000 ____D C:\ProgramData\Aiseesoft Studio 2017-01-22 22:05 - 2017-01-22 22:05 - 00000000 ____D C:\Program Files (x86)\Aiseesoft Studio 2017-01-22 22:00 - 2017-01-22 22:01 - 41414008 _____ (Aiseesoft Studio ) C:\Users\Monika\Downloads\as-android-recovery.exe 2017-01-19 10:36 - 2017-01-19 10:37 - 00295832 _____ C:\WINDOWS\Minidump\011917-21703-01.dmp 2017-01-19 10:22 - 2017-01-19 10:23 - 00304704 _____ C:\WINDOWS\Minidump\011917-30296-01.dmp 2017-01-18 10:48 - 2017-01-18 10:48 - 63198648 _____ () C:\Users\Monika\Downloads\plytki_perlyceramikiue2016_3etapy_konkurs (2).exe 2017-01-12 12:09 - 2017-01-12 12:09 - 00068287 _____ C:\Users\Monika\Downloads\history_20170112_120951.pdf 2017-01-12 12:09 - 2017-01-12 12:09 - 00066593 _____ C:\Users\Monika\Downloads\history_20170112_120931.pdf 2017-01-09 14:32 - 2017-01-09 14:32 - 63198648 _____ () C:\Users\Monika\Downloads\plytki_perlyceramikiue2016_3etapy_konkurs (1).exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-02-08 11:37 - 2015-08-02 20:58 - 00000000 ____D C:\FRST 2017-02-08 11:31 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-02-08 11:29 - 2014-09-24 16:08 - 02154586 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-08 11:29 - 2014-09-24 15:35 - 01049582 _____ C:\WINDOWS\system32\perfh015.dat 2017-02-08 11:29 - 2014-09-24 15:35 - 00246600 _____ C:\WINDOWS\system32\perfc015.dat 2017-02-08 11:29 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2017-02-08 11:19 - 2015-06-22 08:34 - 00001194 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3178937606-276424082-2874363280-1002UA.job 2017-02-08 11:19 - 2015-06-22 08:34 - 00001142 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3178937606-276424082-2874363280-1002Core.job 2017-02-08 10:45 - 2014-11-05 10:59 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3178937606-276424082-2874363280-1002 2017-02-08 10:44 - 2014-11-06 21:35 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-02-08 00:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-07 23:53 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-07 23:50 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-02-07 23:32 - 2015-08-02 20:39 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-07 23:31 - 2015-08-02 21:21 - 00000000 ____D C:\AdwCleaner 2017-02-07 23:26 - 2014-11-12 15:34 - 00000000 ___RD C:\Users\Monika\Dropbox 2017-02-07 23:25 - 2014-11-17 14:57 - 00000000 ____D C:\Users\Monika\OneDrive 2017-02-07 23:21 - 2013-08-22 15:44 - 00583504 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-02-07 23:19 - 2016-07-18 08:17 - 00001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-02-07 23:19 - 2016-07-18 08:17 - 00001008 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk 2017-02-07 23:19 - 2015-11-04 09:08 - 00000000 ____D C:\WINDOWS\system32\log 2017-02-07 23:19 - 2014-11-17 14:54 - 00001011 _____ C:\Users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-02-07 23:09 - 2014-11-25 10:29 - 00000000 ____D C:\Users\Monika\AppData\Roaming\TeamViewer 2017-02-07 23:03 - 2014-12-01 09:06 - 00004008 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28366D20-D6A3-48CA-A2B4-2AC631B6987D} 2017-02-07 13:50 - 2014-10-21 00:09 - 00000000 ____D C:\ProgramData\McAfee 2017-02-07 13:20 - 2014-11-25 10:47 - 00000000 ____D C:\ProgramData\firebird 2017-02-07 13:20 - 2014-11-06 21:24 - 00000000 ____D C:\Users\Monika\Documents\Pliki programu Outlook 2017-02-06 16:41 - 2016-04-24 13:39 - 00000000 ____D C:\Autodesk 2017-02-06 16:05 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2017-02-06 16:00 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2017-02-06 15:58 - 2015-12-04 11:51 - 00000000 ____D C:\Program Files\Common Files\AV 2017-02-06 10:40 - 2015-07-15 09:20 - 1471946676 _____ C:\WINDOWS\MEMORY.DMP 2017-02-06 10:40 - 2015-07-15 09:20 - 00000000 ____D C:\WINDOWS\Minidump 2017-02-03 16:22 - 2016-12-07 13:55 - 00000000 ____D C:\ProgramData\aehae 2017-02-03 09:44 - 2014-11-12 15:30 - 00000000 ____D C:\Users\Monika\AppData\Roaming\Dropbox 2017-02-02 13:28 - 2017-01-04 13:36 - 05760100 _____ C:\WINDOWS\NGIPacket.KTL 2017-02-02 13:28 - 2017-01-04 13:36 - 00288104 _____ C:\WINDOWS\SentOSPackets.KTL 2017-02-02 13:28 - 2017-01-04 13:36 - 00288098 _____ C:\WINDOWS\NGIControl.KTL 2017-02-02 13:28 - 2017-01-04 13:36 - 00288088 _____ C:\WINDOWS\Control.KTL 2017-01-31 15:04 - 2014-11-06 21:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-26 11:17 - 2014-11-25 10:18 - 00000000 ____D C:\Program Files (x86)\Google 2017-01-25 13:42 - 2014-11-17 12:07 - 00000000 ____D C:\Users\Monika 2017-01-24 16:33 - 2015-09-26 17:19 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2017-01-22 22:47 - 2016-11-21 11:38 - 00000000 ____D C:\ProgramData\ucky 2017-01-17 13:15 - 2014-11-17 12:07 - 00000000 ____D C:\Users\UpdatusUser 2017-01-13 14:33 - 2014-11-06 20:11 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-13 14:33 - 2014-11-06 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-13 14:33 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-12 10:03 - 2014-10-21 00:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-01-12 10:01 - 2015-01-05 13:17 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task ==================== Pliki w katalogu głównym wybranych folderów ======= 2014-11-17 12:01 - 2014-11-17 12:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== 2016-04-23 21:04 - 2015-01-26 17:34 - 0015752 _____ (Autodesk, Inc.) C:\Users\Monika\AppData\Local\Temp\AcDeltree.exe 2016-04-23 21:06 - 2016-04-23 21:06 - 0467968 _____ (Realtek Semiconductor Corp.) C:\Users\Monika\AppData\Local\Temp\COMAP.EXE 2016-04-24 16:25 - 2016-04-24 16:25 - 1962752 _____ (Flexera Software LLC) C:\Users\Monika\AppData\Local\Temp\FNP_ACT_InstallerCA.dll 2016-11-16 12:28 - 2016-11-16 12:28 - 0244264 _____ (McAfee, Inc.) C:\Users\Monika\AppData\Local\Temp\McCSPInstall.dll 2016-08-30 09:47 - 2016-08-30 09:47 - 1083904 _____ (Opera Software) C:\Users\Monika\AppData\Local\Temp\Opera_installer_20168304741202.dll 2014-11-08 09:33 - 2015-06-21 18:56 - 0610816 _____ () C:\Users\Monika\AppData\Local\Temp\Quarantine.exe 2016-10-14 10:44 - 2016-10-14 10:45 - 70524384 _____ (Dropbox, Inc.) C:\Users\Monika\AppData\Local\Temp\{4389F700-1995-4435-A27B-ADBD386A3C64}-DropboxClient_12.4.22.exe 2015-07-24 13:44 - 2015-07-24 13:45 - 50190752 _____ (Dropbox, Inc.) C:\Users\Monika\AppData\Local\Temp\{B348BFD2-A2F1-43E6-BDE1-829A335B3FB5}-DropboxClient_3.6.9.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-02-06 10:52 ==================== Koniec FRST.txt ============================