Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 19-05.2019 Uruchomiony przez Roksanka (administrator) ROKSANKA-HP (Hewlett-Packard HP Pavilion g6 Notebook PC) (19-05-2019 21:13:01) Uruchomiony z C:\Users\Roksanka\Desktop Załadowane profile: Roksanka (Dostępne profile: Roksanka) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Antivirus\ekrn.exe (Google LLC -> Google) C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe (Google LLC -> Google) C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe (Google LLC -> Google) C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe (Google LLC -> Google) C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\SwReporter\40.200.201.3\software_reporter_tool.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Huawei Software Technologies Co., LTD. -> ) C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe (IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.) [Brak podpisu cyfrowego] C:\Program Files\IDT\WDM\sttray64.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Roksanka\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Opera Software AS -> Opera Software) C:\Users\Roksanka\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software) C:\Users\Roksanka\AppData\Local\Temp\opera autoupdate\installer.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-10-01] (IDT, Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2795248 2013-10-01] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\ecmds.exe [178496 2018-04-19] (ESET, spol. s r.o. -> ESET) HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\Run: [BingSvc] => C:\Users\Roksanka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation) HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: F - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: G - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {084bc2ab-ca22-11e6-a330-101f74b1ac4a} - F:\startme.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {130aa38e-91d7-11e8-bf37-101f74b1ac4a} - "F:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {1828fe9d-ebb7-11e6-9285-101f74b1ac4a} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {2fe4a025-b429-11e7-a348-101f74b1ac4a} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {69a2de14-026b-11e6-af82-101f74b1ac4a} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\...\MountPoints2: {7fe861c6-cf2d-11e6-9f7d-101f74b1ac4a} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-401114214-1193736764-2307863192-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-19] (Google LLC -> Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2016-09-30] (McAfee, Inc. -> McAfee, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0924EDAC-1037-44B6-9178-FAD38D7E78B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2017-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {0B1BA13A-F08B-46F2-A570-B4FB35B1CD25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {0EAA70F4-D123-4DC2-B74B-0AF80979FE1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [19512 2011-02-23] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {10C82EBE-4888-478D-A0E0-0D76D2105199} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-10-12] (Apple Inc. -> Apple Inc.) Task: {128A4DE0-87D0-42B6-BFE8-61B0F33E17D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {14722D76-4E77-4B8F-8BFC-396B79B0CE47} - System32\Tasks\Opera scheduled Autoupdate 1558278624 => C:\Users\Roksanka\AppData\Local\Programs\Opera\launcher.exe [1493592 2019-05-16] (Opera Software AS -> Opera Software) Task: {171E8A98-4816-4F15-9193-32E1501607AD} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe [1277016 2017-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {28612FDE-DDCC-4DFF-BD8F-5154775BE320} - System32\Tasks\{F1CD65AD-2557-4533-8958-756D654CE689} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Software Sarl -> Skype Technologies S.A.) Task: {2F9F5BF2-12C8-44A5-A231-8D3CDAE1BE68} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1301560 2011-02-23] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {2FF90ED3-9534-4F20-8DED-6256519BC145} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {498FB63B-E0DA-400B-94E1-B3D8D7FCA4C7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2380088 2019-04-07] (AVAST Software s.r.o. -> AVAST Software) Task: {6EA26F1C-6B53-425B-82B4-DE7994A21A3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7045848 2016-11-15] (Piriform Ltd -> Piriform Ltd) Task: {7A738100-3755-47F9-B92F-FCF01704164D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1301560 2011-02-23] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {865CB719-E2E4-43C9-A32A-FE51C6DD7821} - System32\Tasks\AdobeGCInvoker-1.0-Roksanka-HP-Roksanka => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {886FE209-1A06-4909-A07B-58FAEA27F257} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-03-22] (CyberLink -> CyberLink) Task: {9DF9C4B4-7762-4E6D-BB66-D92E0F4C1ED0} - System32\Tasks\AdobeAAMUpdater-1.0-Roksanka-HP-Roksanka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {A04FA590-934D-48F6-9AB1-EFAFC094FE7C} - System32\Tasks\{5C1BB58B-D5BB-4FC6-88F5-904D8308481A} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Software Sarl -> Skype Technologies S.A.) Task: {A0C46145-C001-4805-A202-F087BE70F3AD} - System32\Tasks\{4C52E79A-B987-437F-AED7-B8A4597B47CD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Software Sarl -> Skype Technologies S.A.) Task: {D81CFA3B-8CC3-4C5B-A886-424ACBD73A19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard) Task: {F059BEA4-7FD0-45B9-95E9-5F63F4F6A507} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{289549E0-3EA3-4F33-A6AE-63D5B403715D}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{DCE17D4C-90B4-4BC9-8001-8332BB153E51}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131513300755189639&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131513300755829675&GUID=00000000-0000-0000-0000-000000000000 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\S-1-5-21-401114214-1193736764-2307863192-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-401114214-1193736764-2307863192-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Pomocnik logowania za pomocą konta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Profile 1 CHR HomePage: Profile 1 -> msn.com CHR StartupUrls: Profile 1 -> "hxxp://google.pl/" CHR Profile: C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default [2019-05-19] CHR Extension: (Prezentacje Google) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-05] CHR Extension: (Dokumenty Google) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-05] CHR Extension: (Dysk Google) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05] CHR Extension: (YouTube) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05] CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-03-05] CHR Extension: (Arkusze Google) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-05] CHR Extension: (Dokumenty Google offline) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01] CHR Extension: (Skype) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-04-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-01] CHR Extension: (Gmail) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-05] CHR Extension: (Chrome Media Router) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-29] CHR Profile: C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-19] CHR Extension: (Prezentacje) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Dokumenty) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Dysk Google) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18] CHR Extension: (YouTube) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus - darmowy adblocker) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-23] CHR Extension: (Google Search) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Adobe Acrobat) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-19] CHR Extension: (Arkusze) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Dokumenty Google offline) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-26] CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-05-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Gmail) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30] CHR Extension: (Chrome Media Router) - C:\Users\Roksanka\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-19] CHR HKU\S-1-5-21-401114214-1193736764-2307863192-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-401114214-1193736764-2307863192-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR StartupUrls: "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_616_bl-is-21__alt__ddc_dsssyc_bd_com" OPR Session Restore: -> [funkcja włączona] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.) R2 ekrn; C:\Program Files\ESET\ESET Antivirus\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Antivirus\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company -> Hewlett-Packard Company) R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] (Huawei Software Technologies Co., LTD. -> ) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [Brak podpisu cyfrowego] R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339968 2013-10-01] (IDT, Inc.) [Brak podpisu cyfrowego] S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-09-30] (McAfee, Inc. -> McAfee, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (MCCI Internal Testing Software -> Google Inc) R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2736640 2011-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R1 ccnfd_1_10_0_6; C:\Windows\System32\drivers\ccnfd_1_10_0_6.sys [58232 2015-01-07] (CLICKCAPTION -> ClickCaption) R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET, spol. s r.o. -> ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET, spol. s r.o. -> ESET) S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [223232 2016-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-09-27] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [12262624 2011-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2017-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-01] (Synaptics Incorporated -> Synaptics Incorporated) S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [551936 2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) U0 aswVmm; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-19 21:13 - 2019-05-19 21:18 - 000028140 _____ C:\Users\Roksanka\Desktop\FRST.txt 2019-05-19 20:48 - 2019-05-19 21:01 - 000009947 _____ C:\Users\Roksanka\Desktop\Fixlog.txt 2019-05-19 17:25 - 2019-05-19 21:13 - 000000000 ____D C:\FRST 2019-05-19 17:24 - 2019-05-19 17:25 - 002435072 _____ (Farbar) C:\Users\Roksanka\Desktop\FRST64.exe 2019-05-19 17:10 - 2019-05-19 17:10 - 000004138 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1558278624 2019-05-19 17:10 - 2019-05-19 17:10 - 000001328 _____ C:\Users\Roksanka\Desktop\Przeglądarka Opera.lnk 2019-05-19 17:10 - 2019-05-19 17:10 - 000001328 _____ C:\Users\Roksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk 2019-05-19 15:50 - 2019-05-19 15:55 - 000000000 ____D C:\AdwCleaner 2019-05-19 15:20 - 2019-05-19 15:50 - 007025360 _____ (Malwarebytes) C:\Users\Roksanka\Downloads\adwcleaner_7.3.exe 2019-05-19 13:24 - 2019-05-19 13:27 - 000000000 ____D C:\d6ecd7bf5a843a1cd8c032742af22e 2019-05-17 22:28 - 2019-05-17 22:54 - 000000000 ____D C:\Users\Roksanka\Desktop\skopiowane 2019-05-17 18:53 - 2019-05-17 18:53 - 000000000 ____D C:\Users\Roksanka\Desktop\iTunes Crash Logs 2019-05-17 03:42 - 2019-05-17 03:42 - 000000000 ___HD C:\_Exception1 2019-05-17 03:42 - 2019-05-17 03:42 - 000000000 ____D C:\Backup_2019-05-16 174201 2019-05-15 21:05 - 2019-05-15 21:05 - 000000000 ____D C:\HP_TOOLS_mountHPSF ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-19 21:06 - 2015-05-03 12:55 - 000000008 __RSH C:\ProgramData\ntuser.pol 2019-05-19 21:05 - 2009-07-14 07:08 - 000032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-05-19 21:05 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-05-19 20:53 - 2015-01-28 21:29 - 000000000 ____D C:\Users\Roksanka\AppData\LocalLow\Temp 2019-05-19 20:50 - 2016-05-14 21:02 - 000000000 ____D C:\Users\Roksanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2019-05-19 20:50 - 2015-01-26 22:47 - 000002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-05-19 20:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\GroupPolicy 2019-05-19 18:32 - 2015-06-23 10:24 - 000002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-05-19 18:22 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-05-19 18:22 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-05-19 16:06 - 2011-05-28 09:25 - 000741726 _____ C:\Windows\system32\perfh015.dat 2019-05-19 16:06 - 2011-05-28 09:25 - 000156766 _____ C:\Windows\system32\perfc015.dat 2019-05-19 16:06 - 2009-07-14 07:13 - 001674012 _____ C:\Windows\system32\PerfStringBackup.INI 2019-05-19 16:06 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-05-19 15:02 - 2015-01-26 15:42 - 000000000 ____D C:\Users\Roksanka\Desktop\DOKUMNETY 2019-05-19 14:28 - 2016-12-10 17:19 - 000000000 ____D C:\Windows\system32\MRT 2019-05-19 14:10 - 2015-01-29 15:04 - 000000000 ____D C:\Users\Roksanka\AppData\Local\Adobe 2019-05-19 13:57 - 2016-12-10 17:19 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-05-19 13:33 - 2015-01-27 17:56 - 001646618 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2019-05-17 20:05 - 2019-04-13 16:49 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-05-17 19:31 - 2018-11-14 16:53 - 000000000 ____D C:\Users\Roksanka\Desktop\aplikacja work 2019-05-17 01:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration 2019-05-16 18:02 - 2015-01-26 22:42 - 000000000 ____D C:\Users\Roksanka 2019-05-16 12:16 - 2015-02-16 12:21 - 000000000 __SHD C:\Users\Roksanka\AppData\LocalLow\EmieUserList 2019-05-16 12:13 - 2015-02-16 12:21 - 000000000 __SHD C:\Users\Roksanka\AppData\Local\EmieUserList 2019-05-16 12:13 - 2015-02-16 12:21 - 000000000 __SHD C:\Users\Roksanka\AppData\Local\EmieSiteList 2019-05-16 12:13 - 2015-01-28 17:35 - 000000000 __SHD C:\Users\Roksanka\AppData\LocalLow\EmieSiteList 2019-05-15 21:25 - 2015-01-28 14:29 - 000000000 ____D C:\Program Files (x86)\Opera 2019-05-15 20:57 - 2015-01-26 22:46 - 000003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-05-15 20:57 - 2015-01-26 22:46 - 000003354 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-04-30 19:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2019-04-22 11:25 - 2009-07-14 06:45 - 000500600 _____ C:\Windows\system32\FNTCACHE.DAT ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-11-05 21:02 - 2016-04-08 01:18 - 000000034 _____ () C:\Users\Roksanka\AppData\Roaming\AdobeWLCMCache.dat 2015-02-24 01:00 - 2015-12-01 14:59 - 000011776 _____ () C:\Users\Roksanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-10-04 17:09 - 2018-10-04 17:09 - 000000000 _____ () C:\Users\Roksanka\AppData\Local\oobelibMkey.log 2016-12-25 16:06 - 2016-12-25 16:10 - 045700992 _____ (Sony) C:\Users\Roksanka\AppData\Local\pcc.exe 2016-11-18 12:40 - 2016-11-18 12:40 - 000000981 _____ () C:\Users\Roksanka\AppData\Local\recently-used.xbel ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) LastRegBack: 2019-05-19 20:35 ==================== Koniec FRST.txt ============================