Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 05-06-2017 Uruchomiony przez hp Anna (administrator) HP-UTLFEVMQB2QI (06-06-2017 15:55:10) Uruchomiony z C:\Users\hp\Downloads Załadowane profile: hp Anna (Dostępne profile: hp Anna) Platform: Windows 8 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 10 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\ProgramData\MobileBrServ\mbbService.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgui.exe (SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\hp\Downloads\FRST64 (3).exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-06] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2015-02-18] (Synaptics Incorporated) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263088 2017-05-04] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-24] (CyberLink Corp.) HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] () HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-20] (IVT Corporation) HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2162760 2016-07-21] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1193728 2017-02-15] (PDF Complete Inc) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\ DisallowedCertificates: 08738A96A4853A52ACEF23F782E8E1FEA7BCED02 (U) HKLM\ DisallowedCertificates: 08E4987249BC450748A4A78133CBF041A3510033 (U) HKLM\ DisallowedCertificates: 09271DD621EBD3910C2EA1D059F99B8181405A17 (U) HKLM\ DisallowedCertificates: 09FF2CC86CEEFA8A8BB3F2E3E84D6DA3FABBF63E (U) HKLM\ DisallowedCertificates: 23EF3384E21F70F034C467D4CBA6EB61429F174E (U) HKLM\ DisallowedCertificates: 330D8D3FD325A0E5FDDDA27013A2E75E7130165F (U) HKLM\ DisallowedCertificates: 374D5B925B0BD83494E656EB8087127275DB83CE (U) HKLM\ DisallowedCertificates: 3A26012171855D4020C973BEC3F4F9DA45BD2B83 (U) HKLM\ DisallowedCertificates: 4822824ECE7ED1450C039AA077DC1F8AE3489BBF (U) HKLM\ DisallowedCertificates: 4D8547B7F864132A7F62D9B75B068521F10B68E3 (U) HKLM\ DisallowedCertificates: 4DF13947493CFF69CDE554881C5F114E97C3D03B (U) HKLM\ DisallowedCertificates: 4ED8AA06D1BC72CA64C47B1DFE05ACC8D51FC76F (U) HKLM\ DisallowedCertificates: 587B59FB52D8A683CBE1CA00E6393D7BB923BC92 (U) HKLM\ DisallowedCertificates: 5CE339465F41A1E423149F65544095404DE6EBE2 (U) HKLM\ DisallowedCertificates: 5D5185DF1EB7DC76015422EC8138A5724BEE2886 (U) HKLM\ DisallowedCertificates: 6690C02B922CBD3FF0D0A5994DBD336592887E3F (U) HKLM\ DisallowedCertificates: 7613BF0BA261006CAC3ED2DDBEF343425357F18B (U) HKLM\ DisallowedCertificates: 838FFD509DE868F481C29819992E38A4F7082873 (U) HKLM\ DisallowedCertificates: 8977E8569D2A633AF01D0394851681CE122683A6 (U) HKLM\ DisallowedCertificates: A1505D9843C826DD67ED4EA5209804BDBB0DF502 (U) HKLM\ DisallowedCertificates: A221D360309B5C3C4097C44CC779ACC5A9845B66 (U) HKLM\ DisallowedCertificates: A35A8C727E88BCCA40A3F9679CE8CA00C26789FD (U) HKLM\ DisallowedCertificates: A7B5531DDC87129E2C3BB14767953D6745FB14A6 (U) HKLM\ DisallowedCertificates: A81706D31E6F5C791CD9D3B1B9C63464954BA4F5 (U) HKLM\ DisallowedCertificates: BED412B1334D7DFCEBA3015E5F9F905D571C45CF (U) HKLM\ DisallowedCertificates: C6796490CDEEAAB31AED798752ECD003E6866CB2 (U) HKLM\ DisallowedCertificates: C69F28C825139E65A646C434ACA5A1D200295DB1 (U) HKLM\ DisallowedCertificates: D0BB3E3DFBFB86C0EEE2A047E328609E6E1F185E (U) HKLM\ DisallowedCertificates: D2DBF71823B2B8E78F5958096150BFCB97CC388A (U) HKLM\ DisallowedCertificates: D43153C8C25F0041287987250F1E3CABAC8C2177 (U) HKLM\ DisallowedCertificates: D8CE8D07F9F19D2569C2FB854401BC99C1EB7C3B (U) HKLM\ DisallowedCertificates: E1F3591E769865C4E447ACC37EAFC9E2BFE4C576 (U) HKLM\ DisallowedCertificates: E38A2B7663B86796436D8DF5898D9FAA6835B238 (U) HKLM\ DisallowedCertificates: E95DD86F32C771F0341743EBD75EC33C74A3DED9 (U) HKLM\ DisallowedCertificates: E9809E023B4512AA4D4D53F40569C313C1D0294D (U) HKLM\ DisallowedCertificates: F5A874F3987EB0A9961A564B669A9050F770308A (U) HKLM\ DisallowedCertificates: F92BE5266CC05DB2DC0DC3F2DC74E02DEFD949CB (U) HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5772240 2017-05-17] (SecureMix LLC) HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.) HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\...\MountPoints2: {621833af-7cde-11e5-beaa-00e04c680021} - "F:\AutoRun.exe" HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\...\MountPoints2: {6e0db490-b983-11e4-be77-00e04c680021} - "F:\LGAutoRun.exe" HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\...\MountPoints2: {d0b193b2-e3dc-11e6-beee-0c5b8f279a64} - "E:\Startme.exe" Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-06-04] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.569\SSScheduler.exe (McAfee, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{1BC8D9E8-FDBE-4412-9673-55B3A2DA8F25}: [DhcpNameServer] 10.106.12.27 Tcpip\..\Interfaces\{24E20555-A186-4087-9024-B79FC68B1E9B}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{86B2E93F-BD93-414B-BF81-219E9DD5555F}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{C2A8DF25-25B9-4228-A5DE-44D591BA231E}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{C46E2F31-E6B4-4B6F-9DF5-EFF4974A0787}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{CD11F264-83D3-4F2E-B6F4-E62FF3670291}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn5dJ8gs0DGDT3GOWsi_8CTz4dPZ12eOxDEGKlyBETtOuwJfh-uM5PRzQiv18anQNWzeU9tCz9a8qxnLk0k4uaOwaUceY7PiL_-EtnJGkGxQVYflOeqqvEIK6qZoSGOysfQljYfM9ZdGZ371c2IN4ERT54x6ep92x5m0WJ-ULtpnEFkfM3ifJ2ir&q={searchTerms} HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={3F50603A-766A-4344-BC09-30F7C7DCED7F}&mid=9f7ad5ea293a47cc9d7bd1a90a8ce9d2-8f874c82ec8b6d58717dda2b4a9e885567363bd9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0216pi&pr=fr&d=2016-04-13 16:47:44&v=4.3.1.831&pid=wtu&sg=&sap=hp SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn5dJ8gs0DGDT3GOWsi_8CTz4dPZ12eOxDEGKlyBETtOuwJfh-uM5PRzQiv18anQNWzeU9tCz9a8qxnLk0k4uaOwaUceY7PiL_-EtnJGkGxQVYflOeqqvEIK6qZoSGOysfQljYfM9ZdGZ371c2IN4ERT54x6ep92x5m0WJ-ULtpnEFkfM3ifJ2ir&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1402408945-3110404489-2080467581-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3F50603A-766A-4344-BC09-30F7C7DCED7F}&mid=9f7ad5ea293a47cc9d7bd1a90a8ce9d2-8f874c82ec8b6d58717dda2b4a9e885567363bd9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-13 16:47:44&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1402408945-3110404489-2080467581-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3F50603A-766A-4344-BC09-30F7C7DCED7F}&mid=9f7ad5ea293a47cc9d7bd1a90a8ce9d2-8f874c82ec8b6d58717dda2b4a9e885567363bd9&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-13 16:47:44&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1402408945-3110404489-2080467581-1001 -> {ielnksrch} URL = BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-05-17] (Intel Security) BHO: Brak nazwy -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Brak pliku BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Brak pliku BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-05-17] (Intel Security) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-21] (AVG) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-10] (Hewlett-Packard) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-05-17] (Intel Security) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-05-17] (Intel Security) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku FireFox: ======== FF DefaultProfile: 822aees3.default FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default [2017-05-10] FF Extension: (AVG Web TuneUp) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default\Extensions\avg@toolbar.xpi [2016-07-21] FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-11-27] [Brak podpisu cyfrowego] FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default\searchplugins\avg-secure-search.xml [2016-07-21] FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default\searchplugins\findit.xml [2016-03-30] FF SearchPlugin: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\822aees3.default\searchplugins\google-avast.xml [2015-10-24] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt => nie znaleziono FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2016-03-30] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-07-21] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [Brak pliku] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-09-20] (DigitalPersona, Inc.) FF Plugin HKU\S-1-5-21-1402408945-3110404489-2080467581-1001: hp.com/HPDetect -> C:\Users\hp\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll [2012-08-30] (HP) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> mysearch.avg.com CHR StartupUrls: Default -> "hxxp://google.pl/","hxxp://www.google.com/","hxxp://www.default-search.net/?sid=476&aid=132&itype=a&ver=13277&tm=364&src=hmp","hxxp://www.gazeta.pl/0,0.html?p=164","hxxp://rts.dsrlte.com/?affID=na","hxxp://isearch.omiga-plus.com/?type=hp&ts=1413197526&from=tugs&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://isearch.omiga-plus.com/?type=hp&ts=1416482349&from=adks&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://www.interia.pl/#utm_source=instalki&utm_medium=installer&utm_campaign=instalki","hxxp://www.gazeta.pl/0,%200.html?p=164","hxxp://do-search.com/?type=hp&ts=1427332255&from=cor&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://do-search.com/?type=hppp&ts=1427332319&from=cor&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-18__alt__ddc_dsssyc_bd_com","hxxp://www.delta-homes.com/?type=hp&ts=1432123365&z=88069f5c27506e182f8ec59gfz5c5o7gfofcfcdq0m&from=wpm05203&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://www.istartsurf.com/?type=hp&ts=1433959188&z=118f547689b8f254fa38e64g5z1ccc0tawbt8gab7b&from=cornl&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWeVhaUQ1AEhgQIVxcTA1CFlEOeQ9eVRQUGFYWdlwAVFwUQwwFIk0FA1oDB0VXfV5bFElXTwhBMlZPElwBVFlQJQ==","hxxp://www.sweet-page.com/?type=hp&ts=1446220027&z=dd5db83ea2098caa30dc34dg8z7zfq5o6o4e6e4ocm&from=cornl&uid=ST750LM022XHN-M750MBB_S2SUJ9ECB26508" CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2017-06-06] CHR Extension: (Prezentacje Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-06] CHR Extension: (Dokumenty Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06] CHR Extension: (Dysk Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (AVG Secure Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-06-27] CHR Extension: (Google Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (DownSpeedTest) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpdmooaefpilleajjbcmbpnjiillmbak [2017-05-24] CHR Extension: (Adobe Acrobat) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05] CHR Extension: (Arkusze Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-06] CHR Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (SafeSideSearch Extension) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclpcakhmfeidfpdlmoompeikfiapikb [2016-11-10] CHR Extension: (AVG SafePrice) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2017-06-04] CHR Extension: (DigitalPersona Extension) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2015-02-06] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-15] CHR Extension: (Window not close) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\omophjpgeglapdbegohmnaellnnlcffl [2017-05-04] CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10] CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23] CHR HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1402408945-3110404489-2080467581-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [knnaihaddpogmkclkahpcnhppgapinpe] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2012-09-20] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [262696 2017-05-04] (AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7448992 2017-05-04] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-27] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-20] (IVT Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-22] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-22] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.) R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [488824 2012-09-20] (DigitalPersona, Inc.) R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4405200 2017-05-17] (SecureMix LLC) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-15] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company) R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-24] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 Intel(R) Bluetooth Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [160712 2013-03-11] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.569\McCHSvc.exe [404376 2017-05-25] (McAfee, Inc.) R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242264 2014-11-20] () R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719552 2017-02-15] (PDF Complete Inc) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-06] (IDT, Inc.) [Brak podpisu cyfrowego] R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [998296 2017-05-10] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-05-10] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-05-10] (McAfee, Inc.) R2 vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [1309768 2016-07-21] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [976456 2016-07-21] () S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X] S2 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [X] S2 Quotenamron; C:\ProgramData\\Quotenamron\\Quotenamron.exe shuz -f "C:\ProgramData\\Quotenamron\\Quotenamron.dat" -l -a ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 avgbdisk; C:\Windows\system32\drivers\avgbdiska.sys [166136 2017-05-04] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [310056 2017-05-04] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [192096 2017-05-04] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\Windows\system32\drivers\avgbloga.sys [336408 2017-05-04] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [50848 2017-05-04] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [39288 2017-05-04] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [129776 2017-05-04] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [102136 2017-05-04] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [76688 2017-05-04] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [1006040 2017-05-04] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [557912 2017-05-04] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\system32\drivers\avgStm.sys [165048 2017-05-04] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [340688 2017-05-04] (AVG Technologies CZ, s.r.o.) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation) S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC) R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.) S3 dbx; system32\DRIVERS\dbx.sys [X] S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-06 15:45 - 2017-06-06 15:45 - 01036718 _____ C:\Users\hp\Desktop\vol5512016079.pdf 2017-06-06 15:45 - 2017-06-06 15:45 - 00594560 _____ C:\Users\hp\Desktop\vol5422015115.pdf 2017-06-06 15:44 - 2017-06-06 15:44 - 00291582 _____ C:\Users\hp\Desktop\677.pdf 2017-06-06 15:43 - 2017-06-06 15:43 - 00657337 _____ C:\Users\hp\Desktop\ZASTOSOWANIE ORAZ.pdf 2017-06-06 15:40 - 2017-06-06 15:41 - 02433536 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (3).exe 2017-06-06 15:21 - 2017-06-06 15:21 - 00284360 _____ C:\Windows\Minidump\060617-27968-01.dmp 2017-06-05 23:41 - 2017-06-05 23:41 - 00284360 _____ C:\Windows\Minidump\060517-27984-01.dmp 2017-06-05 23:23 - 2017-06-05 23:23 - 00657337 _____ C:\Users\hp\Downloads\ZASTOSOWANIE ORAZ.pdf 2017-06-05 22:52 - 2017-06-05 22:52 - 00973930 _____ C:\Users\hp\Downloads\Tlenowy-granulowany-osad-czynny-05.11.2015.pdf 2017-06-05 21:42 - 2017-06-05 21:42 - 00000374 _____ C:\Users\hp\Desktop\GMER.txt 2017-06-05 21:20 - 2017-06-05 21:20 - 00042723 _____ C:\Users\hp\Downloads\Shortcut.txt 2017-06-05 21:18 - 2017-06-06 15:53 - 00042157 _____ C:\Users\hp\Downloads\Addition.txt 2017-06-05 21:16 - 2017-06-06 15:55 - 00036629 _____ C:\Users\hp\Downloads\FRST.txt 2017-06-05 21:15 - 2017-06-06 15:55 - 00000000 ____D C:\FRST 2017-06-05 21:14 - 2017-06-05 21:14 - 02433536 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (2).exe 2017-06-05 21:13 - 2017-06-05 21:13 - 00000000 ____D C:\Users\hp\AppData\Local\GlassWire 2017-06-05 21:12 - 2017-06-05 21:12 - 00001912 _____ C:\Users\Public\Desktop\GlassWire.lnk 2017-06-05 21:12 - 2017-06-05 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire 2017-06-05 21:12 - 2017-06-05 21:12 - 00000000 ____D C:\ProgramData\GlassWire 2017-06-05 21:12 - 2017-06-05 21:12 - 00000000 ____D C:\Program Files (x86)\GlassWire 2017-06-05 21:12 - 2015-05-29 06:30 - 00008392 _____ C:\Windows\system32\Drivers\gwdrv.cat 2017-06-05 21:12 - 2015-05-29 06:15 - 00033152 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys 2017-06-05 21:10 - 2017-06-05 21:10 - 00380928 _____ C:\Users\hp\Downloads\ze545yxq.exe 2017-06-05 21:08 - 2017-06-05 21:10 - 30639400 _____ (SecureMix LLC) C:\Users\hp\Downloads\glasswire-setup-1.2.3100.exe 2017-06-05 21:04 - 2017-06-05 21:07 - 02433536 _____ (Farbar) C:\Users\hp\Downloads\FRST64 (1).exe 2017-06-05 21:03 - 2017-06-05 21:05 - 02433536 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe 2017-06-05 20:32 - 2017-06-05 20:32 - 00284304 _____ C:\Windows\Minidump\060517-26781-01.dmp 2017-06-05 20:19 - 2017-06-05 20:19 - 00284304 _____ C:\Windows\Minidump\060517-23437-01.dmp 2017-06-05 19:52 - 2017-06-05 19:52 - 00284248 _____ C:\Windows\Minidump\060517-26640-01.dmp 2017-06-05 19:40 - 2017-06-05 19:40 - 00284304 _____ C:\Windows\Minidump\060517-21625-01.dmp 2017-06-05 19:31 - 2017-06-05 19:32 - 00284304 _____ C:\Windows\Minidump\060517-30437-01.dmp 2017-06-05 18:00 - 2017-06-05 18:00 - 00508547 _____ C:\Users\hp\Downloads\New Inside Out WORD LISTS.pdf 2017-06-05 17:37 - 2017-06-05 17:38 - 00284304 _____ C:\Windows\Minidump\060517-35265-01.dmp 2017-06-05 17:29 - 2017-06-05 17:29 - 00000165 ____H C:\Users\hp\Desktop\~$Zmiany epigenetyczne zachodzące pod wpływem stresu_Bartosz Łowisz.pptx 2017-06-05 15:57 - 2017-06-05 15:58 - 00284304 _____ C:\Windows\Minidump\060517-33203-01.dmp 2017-06-04 21:37 - 2017-06-04 21:37 - 00001971 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2017-06-04 21:37 - 2017-06-04 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2017-06-04 21:37 - 2017-06-04 21:37 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2017-06-04 21:27 - 2017-06-04 21:27 - 00285760 _____ C:\Windows\Minidump\060417-45937-01.dmp 2017-06-04 19:12 - 2017-06-04 19:12 - 00195687 _____ C:\Users\hp\Desktop\W-3.pdf 2017-06-04 19:07 - 2017-06-05 22:16 - 00450944 ____H C:\Users\hp\Desktop\~WRL3095.tmp 2017-06-04 12:16 - 2017-06-04 21:27 - 00000372 _____ C:\Windows\Tasks\HPCeeScheduleForhp Anna.job 2017-06-04 12:16 - 2017-06-04 12:16 - 00003190 _____ C:\Windows\System32\Tasks\HPCeeScheduleForhp Anna 2017-06-02 19:39 - 2017-06-02 19:39 - 00001158 _____ C:\Users\Public\Desktop\True Key.lnk 2017-05-31 19:38 - 2017-05-31 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-31 01:22 - 2017-06-06 15:28 - 00000000 ____D C:\Users\hp\Desktop\egzaminy i zaliczenia 2017-05-30 19:26 - 2017-05-30 19:26 - 00284304 _____ C:\Windows\Minidump\053017-27203-01.dmp 2017-05-30 19:16 - 2017-05-30 19:17 - 00284304 _____ C:\Windows\Minidump\053017-28218-01.dmp 2017-05-30 15:45 - 2017-05-30 15:45 - 12701327 ____H C:\Users\hp\Desktop\~WRL3605.tmp 2017-05-30 15:34 - 2017-05-30 15:35 - 00284304 _____ C:\Windows\Minidump\053017-33718-01.dmp 2017-05-30 12:22 - 2017-05-30 12:22 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-05-29 15:23 - 2017-05-29 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-05-24 20:50 - 2017-05-24 21:29 - 02986260 ____H C:\Users\hp\Desktop\~WRL0004.tmp 2017-05-24 20:33 - 2017-05-24 20:33 - 00284304 _____ C:\Windows\Minidump\052417-125890-01.dmp 2017-05-24 20:22 - 2017-05-24 20:22 - 00284304 _____ C:\Windows\Minidump\052417-119203-01.dmp 2017-05-24 20:08 - 2017-05-24 20:09 - 00284248 _____ C:\Windows\Minidump\052417-21656-01.dmp 2017-05-24 18:26 - 2017-05-24 18:26 - 00284304 _____ C:\Windows\Minidump\052417-27921-01.dmp 2017-05-24 18:00 - 2017-05-24 18:00 - 00284304 _____ C:\Windows\Minidump\052417-24109-01.dmp 2017-05-24 17:21 - 2017-05-24 18:21 - 00598761 ____H C:\Users\hp\Desktop\~WRL0003.tmp 2017-05-24 17:21 - 2017-05-24 17:58 - 00226040 ____H C:\Users\hp\Desktop\~WRL0965.tmp 2017-05-24 17:21 - 2017-05-24 17:21 - 00225561 ____H C:\Users\hp\Desktop\~WRL2066.tmp 2017-05-24 16:55 - 2017-05-24 16:55 - 00284304 _____ C:\Windows\Minidump\052417-27296-01.dmp 2017-05-24 15:26 - 2017-05-24 15:26 - 00284304 _____ C:\Windows\Minidump\052417-23171-01.dmp 2017-05-24 13:51 - 2017-05-24 13:51 - 00284248 _____ C:\Windows\Minidump\052417-31781-01.dmp 2017-05-24 10:46 - 2017-05-29 22:44 - 00000000 _____ C:\Windows\SysWOW64\last.dump 2017-05-22 23:16 - 2017-05-22 23:16 - 00284304 _____ C:\Windows\Minidump\052217-33468-01.dmp 2017-05-22 23:14 - 2017-05-22 23:14 - 00000000 ____D C:\Users\hp\AppData\Roaming\Google 2017-05-22 23:07 - 2017-05-22 23:07 - 00284304 _____ C:\Windows\Minidump\052217-29500-01.dmp 2017-05-10 15:40 - 2017-05-10 15:40 - 00284304 _____ C:\Windows\Minidump\051017-25484-01.dmp 2017-05-10 15:33 - 2017-05-10 15:33 - 00284304 _____ C:\Windows\Minidump\051017-20609-01.dmp 2017-05-10 14:55 - 2017-05-10 14:55 - 00284304 _____ C:\Windows\Minidump\051017-28031-01.dmp 2017-05-10 12:54 - 2017-05-10 12:54 - 00284304 _____ C:\Windows\Minidump\051017-23500-01.dmp 2017-05-10 12:35 - 2017-05-10 12:35 - 00284304 _____ C:\Windows\Minidump\051017-22640-01.dmp 2017-05-10 11:43 - 2017-05-10 11:43 - 00284304 _____ C:\Windows\Minidump\051017-28078-01.dmp 2017-05-09 22:48 - 2017-05-09 22:48 - 00284304 _____ C:\Windows\Minidump\050917-24765-01.dmp 2017-05-09 22:09 - 2017-05-09 22:10 - 00284304 _____ C:\Windows\Minidump\050917-32187-01.dmp 2017-05-09 21:59 - 2017-05-09 21:59 - 00284304 _____ C:\Windows\Minidump\050917-38703-01.dmp 2017-05-09 21:49 - 2017-05-09 21:50 - 00284248 _____ C:\Windows\Minidump\050917-42671-01.dmp 2017-05-07 23:29 - 2017-05-07 23:29 - 00284304 _____ C:\Windows\Minidump\050717-40015-01.dmp 2017-05-07 18:27 - 2017-05-07 18:28 - 00284248 _____ C:\Windows\Minidump\050717-36437-01.dmp 2017-05-07 18:03 - 2017-05-07 18:03 - 00000000 ____D C:\Users\hp\Downloads\LBP6020_6020B_R151_V110_W64_uk_EN_1 2017-05-07 17:58 - 2017-05-07 17:58 - 00000000 ____D C:\Users\hp\Downloads\LBP6020_6020B_R151_V110_W64_PL 2017-05-07 16:56 - 2017-05-07 16:57 - 00284304 _____ C:\Windows\Minidump\050717-48187-01.dmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-06-06 15:38 - 2015-02-22 08:41 - 00000000 ____D C:\Users\hp\Desktop\wszystko 2017-06-06 15:36 - 2017-02-21 18:05 - 00000000 ____D C:\Users\hp\Desktop\licencjat 2017-06-06 15:25 - 2016-10-22 17:41 - 00001182 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-06-06 15:24 - 2016-03-31 11:41 - 00000308 _____ C:\Windows\Tasks\System HealerStartUp.job 2017-06-06 15:23 - 2015-01-30 18:27 - 00000000 ____D C:\ProgramData\PDFC 2017-06-06 15:21 - 2015-03-05 02:55 - 00000000 ____D C:\Windows\Minidump 2017-06-06 15:21 - 2012-09-26 19:53 - 00000932 _____ C:\Windows\SysWOW64\bscs.ini 2017-06-06 15:21 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-06 15:20 - 2016-06-02 18:49 - 516436973 _____ C:\Windows\MEMORY.DMP 2017-06-05 23:57 - 2016-10-22 17:41 - 00001186 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-06-05 21:12 - 2015-02-08 21:40 - 26639360 ___SH C:\Users\hp\Desktop\Thumbs.db 2017-06-05 20:48 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF 2017-06-05 20:39 - 2015-01-30 09:02 - 01106874 _____ C:\Windows\system32\perfh015.dat 2017-06-05 20:39 - 2015-01-30 09:02 - 00258524 _____ C:\Windows\system32\perfc015.dat 2017-06-05 20:39 - 2012-07-26 09:28 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI 2017-06-05 18:07 - 2015-02-08 21:40 - 06510592 ___SH C:\Users\hp\Downloads\Thumbs.db 2017-06-05 15:31 - 2016-09-21 21:13 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-06-04 21:37 - 2017-04-28 23:19 - 00000000 ____D C:\Program Files\McAfee Security Scan 2017-06-04 21:28 - 2017-04-28 23:10 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-06-04 21:27 - 2017-04-28 22:47 - 00000000 ____D C:\Program Files\TrueKey 2017-06-04 12:16 - 2015-01-30 18:42 - 00000000 ____D C:\Users\hp 2017-06-02 19:39 - 2017-04-28 23:14 - 00001172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2017-06-01 14:38 - 2016-03-31 11:41 - 00000308 _____ C:\Windows\Tasks\System HealerPeriod.job 2017-05-31 19:39 - 2016-10-22 17:41 - 00000000 ____D C:\Users\hp\AppData\Local\Dropbox 2017-05-31 19:38 - 2016-10-22 17:41 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-30 19:16 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf 2017-05-29 15:23 - 2017-05-04 19:44 - 00001008 _____ C:\Users\Public\Desktop\AVG.lnk 2017-05-28 22:39 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-24 20:42 - 2017-04-30 21:41 - 00001414 _____ C:\Users\hp\Desktop\licencjat.txt 2017-05-24 15:22 - 2015-02-06 02:38 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-05-24 15:22 - 2015-02-06 02:38 - 00000000 ____D C:\Windows\system32\MRT 2017-05-19 18:01 - 2015-02-06 00:20 - 00002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-19 18:01 - 2015-02-06 00:20 - 00002196 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-10 12:20 - 2016-02-03 11:30 - 00000150 _____ C:\Windows\Reimage.ini 2017-05-09 18:57 - 2017-04-28 22:47 - 00004592 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-05-09 18:57 - 2015-03-31 00:43 - 00004388 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-09 18:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-09 18:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Macromed 2017-05-08 19:31 - 2016-11-10 20:58 - 14884352 ____H C:\Users\hp\Desktop\~WRL0406.tmp 2017-05-07 18:50 - 2015-06-14 15:44 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-05-07 18:17 - 2015-09-13 19:28 - 00000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics 2017-05-07 16:52 - 2016-03-30 16:01 - 00000000 ____D C:\ProgramData\Quotenamron ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-03-30 16:01 - 2016-03-30 16:01 - 6504960 _____ () C:\Users\hp\AppData\Roaming\agent.dat 2016-03-30 16:01 - 2016-03-30 16:01 - 0065856 _____ () C:\Users\hp\AppData\Roaming\Config.xml 2016-03-30 16:00 - 2016-03-30 16:00 - 0053334 _____ () C:\Users\hp\AppData\Roaming\inst.lat 2016-03-30 16:00 - 2016-03-30 16:00 - 0014448 _____ () C:\Users\hp\AppData\Roaming\InstallationConfiguration.xml 2016-03-30 16:00 - 2016-03-30 16:00 - 0127488 _____ () C:\Users\hp\AppData\Roaming\Installer.dat 2016-03-30 16:01 - 2016-03-30 16:01 - 0018432 _____ () C:\Users\hp\AppData\Roaming\Main.dat 2016-03-30 16:01 - 2016-03-30 16:01 - 0005568 _____ () C:\Users\hp\AppData\Roaming\md.xml 2016-03-30 16:01 - 2016-03-30 16:01 - 0126464 _____ () C:\Users\hp\AppData\Roaming\noah.dat 2016-03-30 16:01 - 2016-03-30 16:01 - 1626591 _____ () C:\Users\hp\AppData\Roaming\Solit.tst 2016-03-30 16:01 - 2016-03-30 16:01 - 0032038 _____ () C:\Users\hp\AppData\Roaming\uninstall_temp.ico 2016-03-04 22:31 - 2016-03-07 17:32 - 0005120 _____ () C:\Users\hp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-10-30 17:49 - 2015-10-30 17:49 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== 2016-08-06 19:57 - 2016-06-21 18:49 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_08100444541.exe 2016-06-23 18:11 - 2016-05-18 13:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_081755427439.exe 2016-05-06 23:31 - 2016-03-23 16:57 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_081854807608.exe 2016-08-26 21:28 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_082122832979.exe 2016-05-31 16:10 - 2016-04-22 10:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_082140552749.exe 2016-04-10 10:55 - 2016-02-18 12:09 - 0179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_08606144525.exe 2016-05-13 19:21 - 2016-04-14 17:29 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\hp\AppData\Local\Temp\avguirn_08745926526.exe 2017-02-16 19:47 - 2017-02-16 19:47 - 0000000 ____D () C:\Users\hp\AppData\Local\Temp\MovieStudio.exe 2016-02-03 11:31 - 2017-05-10 12:18 - 13414504 _____ (Reimage) C:\Users\hp\AppData\Local\Temp\ReimagePackage.exe 2016-01-20 19:58 - 2016-01-20 19:58 - 0987728 _____ (Google Inc.) C:\Users\hp\AppData\Local\Temp\{5C59EB17-7CA5-44BD-852C-0F6B3B057986}-GoogleUpdateSetup.exe 2016-01-16 09:57 - 2016-01-16 09:57 - 2776656 _____ () C:\Users\hp\AppData\Local\Temp\{FAF86DA7-ED69-41EB-9E1D-1DD4FFF1A57A}-47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-05-29 14:33 ==================== Koniec FRST.txt ============================