Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 21.02.2018 Uruchomiony przez Marek_M (administrator) MAREK_M-HP (23-02-2018 18:44:12) Uruchomiony z C:\Users\Marek_M\Desktop\FR64 Załadowane profile: Marek_M (Dostępne profile: Marek_M) Platform: Windows 7 Professional Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: "C:\Program Files\SRWare Iron (64-Bit)\chrome.exe" -- "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\System32\nvwmi64.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\System32\nvwmi64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Megatech\MProtect\MPServ.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe () C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (The Chromium Authors) C:\Program Files\SRWare Iron (64-Bit)\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation) HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2014-11-26] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2014-11-26] (NVIDIA Corporation) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2018-02-16] (ESET) HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-06-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [420056 2014-07-19] (Hewlett-Packard Company) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-04-10] (Intel Corporation) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127624 2015-01-31] (Hewlett-Packard Company) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-10-06] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-10-06] (CyberLink Corp.) HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard) HKLM-x32\...\Run: [Discover HP Touchpoint Manager] => C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe [421000 2014-09-15] (Hewlett-Packard Company) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [Kalendarz XP] => C:\Program Files (x86)\Kalendarz XP\Kalendarz.exe [1194496 2007-05-06] () HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe_ID0EZEHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-04-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1823744 2012-01-05] (Dominik Reichl) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3541008 2013-01-10] (Tonec Inc.) HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation) HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.) AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [171200 2018-02-16] (NVIDIA Corporation) AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171200 2018-02-16] (NVIDIA Corporation) AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [149224 2018-02-16] (NVIDIA Corporation) AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149224 2018-02-16] (NVIDIA Corporation) Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2017-11-02] ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2017-11-02] ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe () CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4ECBA84C-BE95-484F-9EFF-1A48288E4857}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B0F72EE6-D4C2-48C1-A396-6BEA32ED6BC7}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2013-01-09] (Internet Download Manager, Tonec Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc.) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2013-01-09] (Internet Download Manager, Tonec Inc.) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23] (Adobe Systems Incorporated) BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard) BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-10-09] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension FF Extension: (PDF Architect 2 Creator) - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2017-11-27] [Przestarzałe] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1506430796-3702061457-4014563804-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Marek_M\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Marek_M\AppData\Roaming\IDM\idmmzcc5 [2017-10-31] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-07-03] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-07-03] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN) FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26] Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.) R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [Brak podpisu cyfrowego] R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2018-02-16] (ESET) S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2014-04-10] (Hewlett-Packard Company) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2017-11-02] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.) R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2014-04-10] (Hewlett-Packard Development Company) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.) R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation) R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121288 2014-06-05] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-28] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-07-03] (Intel Corporation) R2 Megatech-Software-Protection; C:\Megatech\MProtect\MPSERV.EXE [36864 2007-12-12] () [Brak podpisu cyfrowego] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] () R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2693448 2014-11-26] () S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255576 2017-11-22] (Synaptics Incorporated) S3 ThunderboltService; c:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-03-06] (Intel Corporation) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] () R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [294168 2017-10-31] (Reason Software Company Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1423160 2014-04-19] (Motorola Solutions, Inc.) S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-04] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2014-07-24] (Intel Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2017-12-15] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2017-12-15] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2017-12-15] (ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2017-12-15] (ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2017-12-15] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2017-12-15] (ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2017-12-15] (ESET) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-09-27] (Intel Corporation) R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [199624 2014-06-05] (Intel Corporation) R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [125952 2014-07-03] (Intel Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429144 2014-10-17] (Intel Corporation) S3 nhi; C:\Windows\system32\drivers\twn70x.sys [59592 2014-03-06] (Intel Corporation) R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299152 2014-11-26] (NVIDIA Corporation) R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2014-02-03] (WinMagic Inc.) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [827096 2015-02-07] (Realsil Semiconductor Corporation) S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [391896 2015-02-07] (Realsil Semiconductor Corporation) R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-06-05] (WinMagic Inc.) R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2014-02-03] (WinMagic Inc.) S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [51288 2017-11-22] (Synaptics Incorporated) R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project) R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-02-23 18:43 - 2018-02-23 18:44 - 000000000 ____D C:\FRST 2018-02-23 18:40 - 2018-02-23 18:44 - 000000000 ____D C:\Users\Marek_M\Desktop\FR64 2018-02-23 18:36 - 2018-02-23 18:36 - 002403328 _____ (Farbar) C:\Users\Marek_M\Downloads\Niepotwierdzony 174455.crdownload 2018-02-23 18:34 - 2018-02-23 18:36 - 002403328 _____ (Farbar) C:\Users\Marek_M\Downloads\FRST64.exe 2018-02-23 17:55 - 2018-02-23 17:55 - 000000507 _____ C:\Users\Marek_M\Desktop\Opis.txt 2018-02-23 17:35 - 2018-02-23 17:36 - 000001078 _____ C:\Windows\system32dbgraw.bmp 2018-02-22 22:35 - 2018-02-22 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2018-02-22 22:34 - 2018-02-22 22:34 - 000000000 ____D C:\Program Files\Microsoft Silverlight 2018-02-22 22:34 - 2018-02-22 22:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2018-02-16 22:21 - 2018-02-22 22:38 - 000000340 _____ C:\Windows\Tasks\HPCeeScheduleForMarek_M.job 2018-02-16 22:21 - 2018-02-22 22:28 - 000003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMarek_M 2018-02-16 22:02 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2018-02-16 22:02 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2018-02-16 22:02 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2018-02-16 22:02 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2018-02-16 20:19 - 2018-02-16 20:19 - 000000000 ____D C:\Users\Marek_M\AppData\Local\NVIDIA Corporation 2018-02-16 20:15 - 2018-02-16 20:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-02-15 22:37 - 2018-02-10 08:19 - 002900480 ____N (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2018-02-15 22:37 - 2018-02-10 07:27 - 003241472 ____N (Microsoft Corporation) C:\Windows\system32\wininet.dll 2018-02-15 22:37 - 2018-02-10 07:14 - 001546240 ____N (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2018-02-15 22:37 - 2018-02-10 06:54 - 002294272 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-02-15 22:37 - 2018-02-10 06:14 - 002767872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-02-15 22:37 - 2018-02-10 06:10 - 001314304 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 001460736 ____N (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 001212928 ____N (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 001163264 ____N (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000880640 ____N (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000731648 ____N (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000503808 ____N (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000419840 ____N (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000361984 ____N (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000345600 ____N (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000316928 ____N (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000312320 ____N (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000243712 ____N (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000215552 ____N (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000210432 ____N (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000135680 ____N (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000123904 ____N (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000086528 ____N (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000044032 ____N (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000043520 ____N (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000028672 ____N (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000028160 ____N (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000022016 ____N (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000013312 ____N (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-02-15 22:37 - 2018-01-12 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-02-15 22:37 - 2018-01-12 17:33 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-02-15 22:37 - 2018-01-12 17:27 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-02-15 22:37 - 2018-01-12 17:26 - 001114112 ____N (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-02-15 22:37 - 2018-01-12 17:26 - 000666112 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-02-15 22:37 - 2018-01-12 17:26 - 000644096 ____N (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-02-15 22:37 - 2018-01-12 17:26 - 000275456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-02-15 22:37 - 2018-01-12 17:26 - 000096768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-02-15 22:37 - 2018-01-12 17:01 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-02-15 22:37 - 2018-01-12 17:01 - 000030720 ____N (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-02-15 22:37 - 2018-01-12 16:57 - 000036352 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-02-15 22:37 - 2018-01-05 17:31 - 000041472 ____N (Microsoft Corporation) C:\Windows\system32\lpk.dll 2018-02-15 22:37 - 2018-01-05 17:11 - 000025600 ____N (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2018-02-15 22:37 - 2017-12-05 18:36 - 001484288 ____N (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-02-15 22:37 - 2017-12-05 18:36 - 000229376 ____N (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-02-15 22:37 - 2017-12-05 18:36 - 000218112 ____N (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-02-15 22:37 - 2017-12-05 18:36 - 000141824 ____N (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-02-15 22:37 - 2017-12-05 18:08 - 001176576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-02-15 22:37 - 2017-12-05 18:08 - 000179200 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-02-23 18:40 - 2017-10-31 21:15 - 000000000 ____D C:\Users\Marek_M\AppData\Roaming\TeraCopy 2018-02-23 17:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF 2018-02-23 17:49 - 2009-07-14 05:45 - 000031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-02-23 17:49 - 2009-07-14 05:45 - 000031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-02-23 17:41 - 2017-10-30 22:37 - 000741410 _____ C:\Windows\system32\perfh015.dat 2018-02-23 17:41 - 2017-10-30 22:37 - 000156426 _____ C:\Windows\system32\perfc015.dat 2018-02-23 17:41 - 2009-07-14 06:13 - 001672636 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-23 17:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-02-23 17:35 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-02-22 23:07 - 2017-10-31 21:29 - 000000000 ____D C:\Users\Marek_M\AppData\Roaming\DMCache 2018-02-22 22:26 - 2017-10-30 21:58 - 000003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{107A02DB-BFB8-4BFC-8675-CC430BB54A8F} 2018-02-22 22:17 - 2017-10-31 00:10 - 000000000 ____D C:\Windows\system32\appraiser 2018-02-16 23:32 - 2013-12-03 20:37 - 001645242 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-02-16 22:20 - 2017-10-30 21:58 - 000003768 _____ C:\Windows\System32\Tasks\Registration 2018-02-16 22:09 - 2017-11-14 22:12 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2018-02-16 22:07 - 2017-10-31 00:03 - 000000000 ____D C:\Windows\system32\MRT 2018-02-16 22:06 - 2017-10-31 00:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2018-02-16 22:06 - 2017-10-31 00:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-02-16 22:04 - 2017-12-16 21:18 - 000000000 ____D C:\Program Files\Opera 2018-02-16 21:59 - 2017-10-30 21:58 - 000000000 ____D C:\Users\Marek_M 2018-02-16 21:58 - 2017-10-31 00:10 - 000000000 ___SD C:\Windows\system32\CompatTel 2018-02-16 21:58 - 2015-10-09 05:53 - 000000000 ____D C:\Windows\SysWOW64\NV 2018-02-16 21:58 - 2015-10-09 05:53 - 000000000 ____D C:\Windows\system32\NV 2018-02-16 21:58 - 2015-10-09 05:49 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-02-16 21:58 - 2015-10-09 05:38 - 000000000 ___HD C:\Windows\system32\WLANProfiles 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 __RSD C:\Windows\Media 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\ras 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\ras 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help 2018-02-16 21:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\AppCompat 2018-02-16 21:57 - 2017-12-16 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFZilla 2018-02-16 21:57 - 2017-12-16 23:34 - 000000000 ____D C:\Program Files (x86)\PDFZilla 2018-02-16 21:57 - 2017-12-16 21:50 - 000000000 ____D C:\Users\Marek_M\AppData\Local\MetaGeek,_LLC 2018-02-16 21:57 - 2017-12-16 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek 2018-02-16 21:57 - 2017-12-16 20:57 - 000000000 ____D C:\Users\Marek_M\AppData\Roaming\AIMP 2018-02-16 21:57 - 2017-12-16 20:50 - 000000000 ____D C:\Users\Marek_M\AppData\Roaming\IrfanView 2018-02-16 21:57 - 2017-11-14 18:01 - 000000000 ____D C:\Users\Marek_M\AppData\Local\HP_Inc 2018-02-16 21:57 - 2017-11-03 16:52 - 000000000 ____D C:\Users\Marek_M\AppData\Roaming\Autodesk 2018-02-16 21:57 - 2017-11-03 16:52 - 000000000 ____D C:\ProgramData\Autodesk 2018-02-16 21:57 - 2017-11-02 20:26 - 000000000 ____D C:\ProgramData\FLEXnet 2018-02-16 21:57 - 2017-10-31 00:18 - 000000000 ____D C:\Users\Marek_M\AppData\Local\Hewlett-Packard_Developme 2018-02-16 21:57 - 2015-10-09 05:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-02-16 21:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration 2018-02-16 21:57 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2018-02-16 21:56 - 2017-12-16 21:50 - 000000000 ____D C:\Program Files (x86)\MetaGeek 2018-02-16 21:56 - 2017-11-26 19:17 - 000000000 ____D C:\ProgramData\HP 2018-02-16 21:56 - 2017-10-31 00:13 - 000000000 __RHD C:\MSOCache 2018-02-16 21:11 - 2017-12-01 08:55 - 000000000 ____D C:\Users\Marek_M\Desktop\BRE_ZK_SN 2018-02-16 20:17 - 2015-10-09 05:53 - 000000000 ____D C:\ProgramData\NVIDIA 2018-02-16 20:14 - 2015-10-09 05:49 - 000171200 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2018-02-16 20:14 - 2015-10-09 05:49 - 000149224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-12-16 23:34 - 2008-07-07 13:22 - 000000014 _____ () C:\Users\Marek_M\AppData\Roaming\options.ini 2017-12-16 23:34 - 2012-07-07 13:04 - 000000003 _____ () C:\Users\Marek_M\AppData\Roaming\options_pdfcombine.ini 2017-12-16 23:34 - 2013-02-23 12:15 - 000000003 _____ () C:\Users\Marek_M\AppData\Roaming\options_pdfrotator.ini 2017-12-16 23:34 - 2016-03-30 18:18 - 000000701 _____ () C:\Users\Marek_M\AppData\Roaming\pdfsound.dll 2017-12-16 23:34 - 2013-06-09 09:38 - 000000053 _____ () C:\Users\Marek_M\AppData\Roaming\setting.ini 2017-12-16 23:34 - 2017-12-16 23:45 - 000000030 _____ () C:\Users\Marek_M\AppData\Roaming\setup.ini 2017-12-16 23:34 - 2017-12-16 23:45 - 000000043 _____ () C:\Users\Marek_M\AppData\Roaming\setup_pdfcombine.ini 2017-12-16 23:34 - 2013-06-09 10:34 - 000000043 _____ () C:\Users\Marek_M\AppData\Roaming\setup_pdfrotator.ini Niektóre pliki w TEMP: ==================== 2017-11-03 16:52 - 2015-01-26 15:59 - 000060296 _____ (Autodesk, Inc.) C:\Users\Marek_M\AppData\Local\Temp\AcDeltree.exe 2013-06-04 19:30 - 2013-06-04 19:30 - 000050432 ____R () C:\Users\Marek_M\AppData\Local\Temp\Extract.exe 2017-11-12 00:18 - 2014-07-15 02:26 - 006739008 _____ (Foxit Corporation) C:\Users\Marek_M\AppData\Local\Temp\Foxit PhantomPDF Updater.exe 2017-11-26 19:17 - 2017-11-26 19:17 - 000935864 _____ () C:\Users\Marek_M\AppData\Local\Temp\TAInstaller.exe 2017-11-11 20:39 - 2017-09-27 09:33 - 000172400 _____ (HP Inc.) C:\Users\Marek_M\AppData\Local\Temp\UninstallHPSA.exe 2017-12-16 19:07 - 2006-05-24 18:10 - 000455600 _____ (Macrovision Corporation) C:\Users\Marek_M\AppData\Local\Temp\_is2645.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-02-15 18:11 ==================== Koniec FRST.txt ============================