Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 28-05-2017 Uruchomiony przez Michał (administrator) MICHAŁ (30-05-2017 09:25:57) Uruchomiony z D:\Downloads\antywir Załadowane profile: Michał (Dostępne profile: Michał) Platform: Windows 7 Ultimate Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (FirebirdSQL Project) C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe (Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe (FirebirdSQL Project) C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\FoxitReader.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Foxit Corporation) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Shell Extensions\FoxitPrevhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-27] (CANON INC.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-04-07] (Synaptics Incorporated) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [322312 2017-04-20] (Bitdefender) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28734456 2017-05-16] (Dropbox, Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\...\Run: [FormAutoFill] => C:\Program Files (x86)\FormAutoFill\faf.exe HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\...\MountPoints2: {3900e082-2c51-11e5-bda9-28d244511585} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\...\MountPoints2: {3900e087-2c51-11e5-bda9-28d244511585} - E:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\...\MountPoints2: {c7c2006b-821d-11e4-bba4-28d244511585} - E:\AutoRun.exe ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{006A3DA8-E626-44AF-97BC-E30F59743CE3}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{2D80599E-FC70-4759-B423-3435B16408AF}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2511481870-1426507333-4213709584-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp BHO: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender) BHO-x32: Portfel Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-16] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-16] (Oracle Corporation) Toolbar: HKLM - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender) Toolbar: HKLM-x32 - Portfel Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender) DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T29L10NSP13EP41-30001/webex/ieatgpc1.cab FireFox: ======== FF DefaultProfile: slyjh381.default-1495990450722 FF ProfilePath: C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\slyjh381.default-1495990450722 [2017-05-28] FF Extension: (uBlock Origin) - C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\slyjh381.default-1495990450722\Extensions\uBlock0@raymondhill.net.xpi [2017-05-28] FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-04-21] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-04-21] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-10-07] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-10-07] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-06-07] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-14] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-14] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-16] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-16] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Session Restore: Default -> [funkcja włączona] CHR Profile: C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default [2017-05-30] CHR Extension: (Dysk Google) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29] CHR Extension: (YouTube) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01] CHR Extension: (uBlock Origin) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-05-28] CHR Extension: (Google Search) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Autofill) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmmgnhgdeffjkdckmikfpnddkbbfkkk [2017-05-28] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18] CHR Extension: (Chrome Media Router) - C:\Users\Michał\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-28] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego] R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [5205392 2014-03-06] (CANON INC.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-16] (Dropbox, Inc.) R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [100448 2017-04-20] (Bitdefender) R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [81920 2012-02-21] (FirebirdSQL Project) [Brak podpisu cyfrowego] R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [2048000 2012-02-21] (FirebirdSQL Project) [Brak podpisu cyfrowego] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-08-29] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Inc.) S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Brak podpisu cyfrowego] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28736 2016-03-16] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-14] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-10-13] (Microsoft) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-20] (Bitdefender) R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [22872 2014-07-21] (Validity Sensors, Inc.) R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49040 2014-07-21] (Synaptics Incorporated) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-18] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [119696 2016-06-15] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R0 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [305120 2017-03-15] (Bitdefender) R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [288840 2013-05-16] (Realtek Semiconductor Corp.) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8243272 2013-03-21] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-04-07] (Synaptics Incorporated) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-28 21:31 - 2017-05-28 21:31 - 00285576 _____ C:\Windows\Minidump\052817-27518-01.dmp 2017-05-28 19:00 - 2017-05-28 19:00 - 00285576 _____ C:\Windows\Minidump\052817-14383-01.dmp 2017-05-28 09:50 - 2017-05-28 09:50 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Google 2017-05-28 09:10 - 2017-05-28 09:10 - 00029365 _____ C:\ProgramData\agent.update.1495955370.bdinstall.bin 2017-05-28 08:56 - 2017-05-30 09:25 - 00000000 ____D C:\FRST 2017-05-28 08:39 - 2017-05-28 19:10 - 00000000 ____D C:\AdwCleaner 2017-05-27 20:29 - 2017-05-27 20:30 - 00000042 _____ C:\Windows\SysWOW64\GZ 2017-05-22 17:14 - 2017-05-22 17:14 - 00019123 _____ C:\Users\Michał\Desktop\compensa.xlsx 2017-05-18 22:21 - 2017-05-18 22:21 - 00057062 _____ C:\ProgramData\dm.1495138807.bdinstall.bin 2017-05-18 22:20 - 2017-05-18 22:20 - 00000000 ____D C:\ProgramData\Bitdefender Device Management 2017-05-18 22:00 - 2017-05-18 22:00 - 00435546 _____ C:\ProgramData\cl.1495137119.bdinstall.bin 2017-05-18 21:57 - 2017-05-18 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-05-18 21:57 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys 2017-05-18 21:56 - 2017-03-15 08:03 - 00305120 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys 2017-05-18 21:56 - 2016-09-20 04:17 - 01605376 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2017-05-18 21:56 - 2016-09-20 04:16 - 00878072 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2017-05-18 21:53 - 2017-05-18 22:20 - 00000000 ____D C:\Program Files\Bitdefender 2017-05-18 21:53 - 2016-10-29 09:54 - 00182944 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2017-05-18 21:53 - 2016-06-22 15:40 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2017-05-18 21:51 - 2017-05-18 21:53 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2017-05-18 21:43 - 2017-05-18 22:12 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Bitdefender 2017-05-18 21:43 - 2017-05-18 21:43 - 00217039 _____ C:\ProgramData\1495136443.bdinstall.bin 2017-05-18 08:01 - 2017-05-18 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-16 23:01 - 2017-05-16 23:01 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-05-16 12:06 - 2017-05-28 18:53 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-16 12:06 - 2017-05-28 18:52 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-10 19:33 - 2017-05-10 19:34 - 00000000 ____D C:\Users\Michał\Desktop\Lipsk na 11-05-2017 2017-05-10 16:15 - 2017-05-10 16:15 - 06381724 _____ C:\Users\Michał\Desktop\POLISA 908553424311.pdf 2017-05-10 11:55 - 2017-05-10 11:55 - 00029998 _____ C:\Users\Michał\Desktop\Zgłoszenie (1) (1).pdf 2017-05-10 11:25 - 2017-05-10 11:25 - 00285576 _____ C:\Windows\Minidump\051017-15100-01.dmp 2017-05-10 09:49 - 2017-05-10 09:49 - 00285576 _____ C:\Windows\Minidump\051017-15303-01.dmp 2017-05-08 21:16 - 2017-05-08 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.0 2017-05-08 21:16 - 2012-02-21 12:46 - 00323584 _____ (IBPhoenix) C:\Windows\SysWOW64\Firebird2Control.cpl 2017-05-08 21:16 - 2012-02-21 12:45 - 00417792 _____ (FirebirdSQL Project) C:\Windows\SysWOW64\GDS32.DLL 2017-05-08 19:48 - 2017-05-28 19:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-07 11:41 - 2017-05-07 11:41 - 00285464 _____ C:\Windows\Minidump\050717-15756-01.dmp 2017-05-05 10:20 - 2017-05-05 10:20 - 00000000 ____D C:\ProgramData\Synaptics 2017-05-05 10:13 - 2017-05-05 10:13 - 00044912 _____ C:\Users\Michał\Desktop\bookmarks.html 2017-05-04 15:10 - 2017-05-11 22:14 - 00011595 _____ C:\Users\Michał\Desktop\Komórki.xlsx 2017-05-02 23:49 - 2017-05-02 23:49 - 00000000 _____ C:\Users\Michał\AppData\Local\{8EB86DBE-9358-4365-85A9-242484F6F183} 2017-05-02 21:12 - 2017-05-02 21:13 - 00000000 ____D C:\Users\Michał\AppData\Local\FileZilla 2017-05-02 14:24 - 2017-05-02 19:06 - 00000000 ____D C:\Users\Michał\AppData\Local\Mikogo-video ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-05-30 09:17 - 2009-07-14 06:45 - 00029952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-05-30 09:17 - 2009-07-14 06:45 - 00029952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-05-30 09:16 - 2016-02-04 21:44 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-05-30 09:16 - 2015-09-09 23:03 - 00001148 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-05-30 09:08 - 2016-06-29 09:24 - 00000000 ____D C:\ProgramData\Foxit Software 2017-05-30 09:08 - 2014-10-22 02:18 - 00000000 ____D C:\ProgramData\Validity 2017-05-30 09:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-28 22:12 - 2016-02-04 21:50 - 00437686 _____ C:\bdlog.txt 2017-05-28 21:55 - 2015-09-09 23:03 - 00001152 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-05-28 21:31 - 2016-09-26 10:41 - 603355694 _____ C:\Windows\MEMORY.DMP 2017-05-28 21:31 - 2015-01-08 22:16 - 00000000 ____D C:\Windows\Minidump 2017-05-28 18:56 - 2016-11-21 17:44 - 00000000 ____D C:\Users\Michał\AppData\LocalLow\Mozilla 2017-05-28 18:53 - 2016-11-21 16:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-28 09:50 - 2014-10-22 02:29 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-28 09:47 - 2014-10-22 02:28 - 00000000 ____D C:\Users\Michał\AppData\Local\Deployment 2017-05-28 09:14 - 2017-04-28 09:20 - 00000000 ____D C:\Windows\system32\log 2017-05-28 08:43 - 2015-12-04 12:02 - 00000000 ____D C:\Users\Michał\AppData\Local\CrashDumps 2017-05-23 15:32 - 2015-09-09 23:05 - 00000000 ___RD C:\Users\Michał\Dropbox 2017-05-23 10:04 - 2016-03-11 10:57 - 00267333 _____ C:\Users\Michał\Desktop\wypowiedznie_komunikacyjne.pdf 2017-05-23 09:41 - 2016-01-05 15:11 - 00000000 ____D C:\SS_AGENT 2017-05-23 08:24 - 2017-01-17 12:05 - 00000000 ____D C:\Users\Michał\AppData\LocalLow\LastPass 2017-05-22 16:18 - 2015-09-09 23:03 - 00000000 ____D C:\Users\Michał\AppData\Local\Dropbox 2017-05-18 22:22 - 2016-02-04 21:47 - 00000000 ____D C:\ProgramData\Bitdefender 2017-05-18 21:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-05-18 08:02 - 2015-09-09 23:03 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-10 09:26 - 2014-10-30 20:57 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Foxit Software 2017-05-08 21:16 - 2016-02-01 11:54 - 00001184 _____ C:\Users\Michał\Desktop\Faktury.lnk 2017-05-08 21:16 - 2016-02-01 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faktury Express 2017-05-08 10:14 - 2014-10-21 20:51 - 00000000 ____D C:\Users\Michał\Desktop\Programy 2017-05-07 19:23 - 2014-10-22 02:08 - 00000000 ____D C:\Program Files\Synaptics 2017-05-05 10:16 - 2014-10-22 02:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-05 10:15 - 2016-02-24 15:07 - 00000000 ____D C:\Program Files (x86)\Motorola Scanner 2017-05-04 22:30 - 2017-04-17 20:08 - 00000503 _____ C:\Users\Michał\Desktop\focus.txt 2017-05-04 18:47 - 2016-02-24 15:07 - 00000106 _____ C:\Windows\SysWOW64\symbscnr.log.bak 2017-05-02 21:13 - 2015-12-02 14:20 - 00000000 ____D C:\Users\Michał\AppData\Roaming\FileZilla 2017-05-02 21:12 - 2015-12-02 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2017-05-02 21:12 - 2015-12-02 14:20 - 00000000 ____D C:\Program Files\FileZilla FTP Client 2017-05-02 20:13 - 2014-10-22 01:53 - 00000000 ____D C:\Users\Michał\AppData\Roaming\Adobe ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-02-14 15:11 - 2017-02-14 15:11 - 0004096 ____H () C:\Users\Michał\AppData\Local\keyfile3.drm 2017-02-18 23:49 - 2017-02-18 23:49 - 0007605 _____ () C:\Users\Michał\AppData\Local\Resmon.ResmonCfg 2016-09-18 11:07 - 2016-09-18 11:07 - 0000000 _____ () C:\Users\Michał\AppData\Local\{1FF73687-BD14-4254-B478-0C02091A8903} 2017-05-02 23:49 - 2017-05-02 23:49 - 0000000 _____ () C:\Users\Michał\AppData\Local\{8EB86DBE-9358-4365-85A9-242484F6F183} 2016-09-26 10:45 - 2016-09-26 10:45 - 0000000 _____ () C:\Users\Michał\AppData\Local\{CC9310A7-0E26-48ED-828A-4EA671179E04} 2017-02-18 23:36 - 2017-02-18 23:36 - 0000000 _____ () C:\Users\Michał\AppData\Local\{D1BC6E95-A16C-4710-AE63-EEFD61EAFAE4} 2017-05-18 21:43 - 2017-05-18 21:43 - 0217039 _____ () C:\ProgramData\1495136443.bdinstall.bin 2017-05-28 09:10 - 2017-05-28 09:10 - 0029365 _____ () C:\ProgramData\agent.update.1495955370.bdinstall.bin 2017-05-18 22:00 - 2017-05-18 22:00 - 0435546 _____ () C:\ProgramData\cl.1495137119.bdinstall.bin 2017-05-18 22:21 - 2017-05-18 22:21 - 0057062 _____ () C:\ProgramData\dm.1495138807.bdinstall.bin 2014-10-22 02:04 - 2014-10-22 02:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-03-09 12:02 ==================== Koniec FRST.txt ============================