Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:11-10-2015 01 Uruchomiony przez ALEKS (administrator) ALEKS-KOMPUTER (11-10-2015 17:45:27) Uruchomiony z C:\Users\ALEKS\Downloads Załadowane profile: ALEKS & UpdatusUser (Dostępne profile: ALEKS & UpdatusUser & Gość) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Qihu Software Co. Limited) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe () C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe () C:\Program Files (x86)\Common Files\NMSAccessU.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Flux Software LLC) C:\Users\ALEKS\AppData\Local\FluxSoftware\Flux\flux.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe (百度在线网络技术(北京)有限公司) C:\Program Files (x86)\baidu\BaiduSd\3.0.0.4605\BaiduSdUProxy64.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Windows\SysWOW64\Rezip.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [baidusdTray] => C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\baidusdTray.exe [3257240 2015-04-21] (百度在线网络技术(北京)有限公司) HKLM-x32\...\Run: [UpdateLBPShortCut] => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" HKLM-x32\...\Run: [CLMLServer] => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" HKLM-x32\...\Run: [UpdateP2GoShortCut] => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" HKLM-x32\...\Run: [UpdatePDRShortCut] => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" HKLM-x32\...\Run: [RemoteControl8] => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" HKLM-x32\...\Run: [PDVD8LanguageShortcut] => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" HKLM-x32\...\Run: [UpdatePPShortCut] => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" HKLM-x32\...\Run: [APLangApp] => C:\Program Files (x86)\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft) HKLM-x32\...\Run: [UCam_Menu] => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\Netia\Mobilny Internet\UIExec.exe [138072 2010-03-02] () HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" HKLM-x32\...\Run: [baidusdTray] => C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdTray.exe [3257240 2015-04-21] (百度在线网络技术(北京)有限公司) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1287800 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [Google Update] => C:\Users\ALEKS\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [Facebook Update] => "C:\Users\ALEKS\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [ALLUpdate] => D:\ALLPlayer\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\Run: [f.lux] => C:\Users\ALEKS\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {29107e47-048d-11e1-944d-b482fe516781} - F:\setup.exe AUTORUN=1 HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {328d7793-308e-11e0-95c3-b482fe516781} - F:\AutoRun.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {328d7797-308e-11e0-95c3-b482fe516781} - F:\AutoRun.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {4d8fb533-d37b-11e3-9d96-b482fe516781} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {54b4b296-18e0-11e0-a17d-b482fe516781} - F:\LaunchU3.exe -a HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {66d1117a-654a-11e4-994e-b482fe516781} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {9b5851f0-2fb7-11e0-9d02-b482fe516781} - F:\AutoRun.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {ac7b9138-7f17-11e1-9944-b482fe516781} - F:\Setup.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {cb0f2e30-124e-11e3-ad7e-b482fe516781} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {cb0f3321-124e-11e3-ad7e-b482fe516781} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {d79073ea-36c9-11e3-8c22-b482fe516781} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {d7907857-36c9-11e3-8c22-b482fe516781} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\...\MountPoints2: {e1aa5689-b1b2-11df-a2dc-b482fe516781} - F:\setup\rsrc\Autorun.exe HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-2195184045-3265951034-2981680463-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-01] ShortcutTarget: Dropbox.lnk -> C:\Users\ALEKS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) GroupPolicy: Ograniczenia - Chrome <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.30.30.1 150.254.173.2 150.254.173.3 8.8.8.8 Tcpip\..\Interfaces\{B6AC41CC-732B-4B03-897C-92612C138041}: [DhcpNameServer] 10.30.30.1 150.254.173.2 150.254.173.3 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.duba.com/?un_449343_1618 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={261F23AB-804E-43AB-9593-0DC92CD90ACE}&mid=f1b312713de3484dbabaf754ff139815-37513ad3abf0df8ad8a29357f444e280373f62d3&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-05-05 17:44:05&v=4.1.8.599&pid=wtu&sg=&sap=hp HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={261F23AB-804E-43AB-9593-0DC92CD90ACE}&mid=f1b312713de3484dbabaf754ff139815-37513ad3abf0df8ad8a29357f444e280373f62d3&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-05-05 17:44:05&v=4.1.8.599&pid=wtu&sg=&sap=hp HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2195184045-3265951034-2981680463-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] () BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2015-09-21] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-10-11] (Oracle Corporation) BHO-x32: Pomocnik logowania za pomocą identyfikatora Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Brak pliku BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] () BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2015-09-21] (Qihu 360 Software Co., Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-10-11] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Brak nazwy -> {fda8d6c4-fe72-447c-b234-6ed844ce65c9} -> Brak pliku Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] () Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] () Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated) DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} hxxps://m.zentis.pl/dwa85W.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Brak pliku Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] () Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] () Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Brak pliku FireFox: ======== FF ProfilePath: C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\zf5fg4xv.default FF Homepage: hxxps://mysearch.avg.com/?cid={261F23AB-804E-43AB-9593-0DC92CD90ACE}&mid=f1b312713de3484dbabaf754ff139815-37513ad3abf0df8ad8a29357f444e280373f62d3&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-05 17:44:05&v=4.1.5.143&pid=wtu&sg=&sap=hp FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [Brak pliku] FF Plugin-x32: @baidu.com/BaiduExpert-npplugin -> C:\Users\ALEKS\AppData\Roaming\Baidu\BDWebAdapter\3.0.331.0\npBDExNP.dll [2015-08-19] (百度在线网络技术(北京)有限公司) FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll [2014-11-06] (百度在线网络技术(北京)有限公司) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-10-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-10-11] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [Brak pliku] FF Plugin-x32: Adobe Reader -> D:\Adobe\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ALEKS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll Brak pliku FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ALEKS\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ALEKS\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2195184045-3265951034-2981680463-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ALEKS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-02-22] (Unity Technologies ApS) FF SearchPlugin: C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\zf5fg4xv.default\searchplugins\dikipl---sownik-angielskiego.xml [2010-12-11] FF Extension: Personas Plus - C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\zf5fg4xv.default\Extensions\personas@christopher.beard.xpi [2013-03-01] FF Extension: SmallringFX DARKBlue - C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\zf5fg4xv.default\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}.xpi [2011-06-04] FF Extension: Adblock Plus - C:\Users\ALEKS\AppData\Roaming\Mozilla\Firefox\Profiles\zf5fg4xv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-10] FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2010-03-06] FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release8029.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release8029\ff => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn => nie znaleziono FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox FF Extension: 360 Internet Protection - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-10-10] StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.pl/" CHR Plugin: (Native Client) - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => Brak pliku CHR Plugin: (Chrome PDF Viewer) - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\45.0.2454.101\pdf.dll => Brak pliku CHR Plugin: (Shockwave Flash) - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\45.0.2454.101\gcswf32.dll => Brak pliku CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => Brak pliku CHR Plugin: (AVG Internet Security) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll => Brak pliku CHR Plugin: (vShare.tv plug-in) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll => Brak pliku CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Brak pliku CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Brak pliku CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Brak pliku CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - D:\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (LiveVDO plug-in) - D:\Mozilla Firefox\plugins\npvsharetvplg.dll (LiveVDO ) CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll => Brak pliku CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Brak pliku CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\ALEKS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Facebook Desktop) - C:\Users\ALEKS\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll => Brak pliku CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\ALEKS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Brak pliku CHR Plugin: (Google Update) - C:\Users\ALEKS\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Brak pliku CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll => Brak pliku CHR Plugin: (Picasa) - D:\Picasa Google\Picasa3\npPicasa3.dll => Brak pliku CHR Profile: C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Przelewy24) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiicmmpkicnndkhlnnloilpgncbpkbjj [2015-05-12] CHR Extension: (Adblock Plus) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-21] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\ALEKS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx CHR HKLM-x32\...\Chrome\Extension: [eflnnkmjeadgdeplfdhkhfpfjgppnlpl] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta837\ch\VideoPlayerV3beta837.crx CHR HKLM-x32\...\Chrome\Extension: [eninddghlnbmemfnoobkjdjgphopojgc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha295\ch\WebexpEnhancedV1alpha295.crx CHR HKLM-x32\...\Chrome\Extension: [ocldjbeggnppblbfbbokokmicofpbhng] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release8029\ch\RichMediaViewV1release8029.crx StartMenuInternet: Google Chrome - C:\Users\ALEKS\AppData\Local\Google\Chrome\Application\chrome.exe Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\ALEKS\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-04-04] StartMenuInternet: (HKLM) OperaStable - D:\Opera\Launcher.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.) R2 BaiduHips; C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008 2015-04-03] (百度在线网络技术(北京)有限公司) R2 BDKVRTP; C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\BaiduSdSvc.exe [793096 2014-11-06] (百度在线网络技术(北京)有限公司) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [203280 2009-01-23] () R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [Brak podpisu cyfrowego] R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Brak podpisu cyfrowego] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [859768 2015-09-21] (QIHU 360 SOFTWARE CO. LIMITED) R2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Brak podpisu cyfrowego] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] () R2 UI Assistant Service; C:\Program Files (x86)\Netia\Mobilny Internet\AssistantServices.exe [247152 2010-03-02] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-09-30] () S2 GtDetectSc; "C:\Program Files\Orange\ICON 225 USB Connect\GtDetectSc.exe" [X] S2 HTCMonitorService; "D:\HTC SYNC\HSMServiceEntry.exe" [X] S2 TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137296 2015-09-21] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-09-21] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2015-09-21] (360.cn) R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-21] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [363088 2015-09-21] (360.cn) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [300464 2015-08-04] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-12] (AVG Technologies) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [178768 2015-09-21] (360.cn) R1 bd0001; C:\Windows\System32\DRIVERS\bd0001.sys [202704 2015-04-21] (Baidu) R1 bd0002; C:\Windows\System32\DRIVERS\bd0002.sys [198600 2015-04-21] (Baidu) R1 bd0003; C:\Windows\System32\DRIVERS\bd0003.sys [67400 2014-11-06] (Baidu) R2 BDArKit; C:\Windows\System32\DRIVERS\BDArKit.sys [152392 2014-12-25] (Baidu Technology) R2 BDDefense; C:\windows\system32\drivers\BDDefense.sys [103752 2015-09-01] (Baidu) R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2014-11-06] (Baidu) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124416 2007-11-13] (Option N.V.) S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2007-10-09] (Option N.V.) S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-27] () [Brak podpisu cyfrowego] U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () U3 ac1y9onp; Brak ImagePath U3 alazw7mq; Brak ImagePath S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-11 17:45 - 2015-10-11 17:45 - 00033081 _____ C:\Users\ALEKS\Downloads\FRST.txt 2015-10-11 17:24 - 2015-10-11 17:45 - 00000000 ____D C:\FRST 2015-10-11 17:24 - 2015-10-11 17:24 - 02195456 _____ (Farbar) C:\Users\ALEKS\Downloads\FRST64.exe 2015-10-11 16:41 - 2015-10-11 16:41 - 01682432 _____ C:\Users\ALEKS\Desktop\AdwCleaner.exe 2015-10-11 12:54 - 2015-10-11 12:54 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\TuneUp Software 2015-10-11 12:50 - 2015-10-11 12:50 - 00000000 ____D C:\Users\ALEKS\AppData\Local\MFAData 2015-10-11 12:46 - 2015-10-11 12:46 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-10-11 12:46 - 2015-10-11 12:46 - 00000000 ____D C:\Users\ALEKS\AppData\Local\FluxSoftware 2015-10-11 11:21 - 2015-10-11 11:18 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2015-10-11 11:15 - 2015-10-11 11:15 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-10-10 22:03 - 2015-01-07 05:10 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll 2015-10-10 22:03 - 2015-01-07 04:44 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\gpapi.dll 2015-10-10 22:03 - 2015-01-07 03:49 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys 2015-10-10 22:03 - 2015-01-07 03:48 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2015-10-10 22:02 - 2015-01-07 05:15 - 00104896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mup.sys 2015-10-10 21:56 - 2015-10-11 11:22 - 00000000 ____D C:\ProgramData\Oracle 2015-10-10 21:55 - 2015-10-10 21:55 - 00004152 _____ C:\windows\msxml4-KB2758694-chs.LOG 2015-10-10 21:54 - 2015-10-11 11:22 - 00000000 ____D C:\Program Files (x86)\Java 2015-10-10 21:54 - 2015-10-10 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-10 21:49 - 2015-10-10 21:49 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-10-10 21:45 - 2015-10-11 17:07 - 00000224 _____ C:\windows\setupact.log 2015-10-10 21:45 - 2015-10-10 21:45 - 00000000 _____ C:\windows\setuperr.log 2015-10-10 21:44 - 2015-10-11 17:06 - 00005894 _____ C:\windows\PFRO.log 2015-10-10 21:42 - 2015-10-10 21:42 - 00000000 __SHD C:\$360Section 2015-10-10 20:47 - 2015-10-10 21:42 - 00000000 ____D C:\ProgramData\360Quarant 2015-10-10 20:46 - 2015-10-10 21:55 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\360safe 2015-10-10 20:46 - 2015-10-10 20:46 - 00000000 ____D C:\windows\Tasks\360Disabled 2015-10-10 20:46 - 2015-10-10 20:46 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\360TotalSecurity 2015-10-10 20:45 - 2015-10-11 17:19 - 00000000 ____D C:\Users\ALEKS\AppData\LocalLow\360WD 2015-10-10 20:45 - 2015-10-10 20:46 - 00000000 ____D C:\ProgramData\360TotalSecurity 2015-10-10 20:45 - 2015-10-10 20:46 - 00000000 ____D C:\ProgramData\360safe 2015-10-10 20:45 - 2015-10-10 20:45 - 00001113 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2015-10-10 20:45 - 2015-10-10 20:45 - 00000000 _RSHD C:\360SANDBOX 2015-10-10 20:45 - 2015-10-10 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2015-10-10 20:45 - 2015-10-10 20:45 - 00000000 ____D C:\Program Files (x86)\360 2015-10-10 20:45 - 2015-09-21 06:10 - 00363088 _____ (360.cn) C:\windows\system32\Drivers\360fsflt.sys 2015-10-10 20:45 - 2015-09-21 06:10 - 00319568 _____ (360.cn) C:\windows\system32\Drivers\360Box64.sys 2015-10-10 20:45 - 2015-09-21 06:10 - 00178768 _____ (360.cn) C:\windows\system32\Drivers\BAPIDRV64.SYS 2015-10-10 20:45 - 2015-09-21 06:10 - 00137296 _____ (360.cn) C:\windows\system32\Drivers\360AntiHacker64.sys 2015-10-10 20:45 - 2015-09-21 06:10 - 00077904 _____ (360.cn) C:\windows\system32\Drivers\360AvFlt.sys 2015-10-10 20:45 - 2015-09-21 06:10 - 00040520 _____ (360.cn) C:\windows\system32\Drivers\360Camera64.sys 2015-10-10 20:20 - 2015-10-10 20:20 - 00002802 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2015-10-10 20:20 - 2015-10-10 20:20 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2015-10-10 20:20 - 2015-10-10 20:20 - 00000000 ____D C:\Program Files\CCleaner 2015-10-09 15:04 - 2015-10-09 15:04 - 00000000 ____D C:\Users\ALEKS\AppData\Local\{D6543D28-E48D-4597-A5F2-547D57146233} 2015-10-09 14:56 - 2015-10-09 14:56 - 00000000 ____D C:\ProgramData\Reason 2015-10-09 14:53 - 2015-10-09 14:53 - 00000000 ____D C:\Program Files\Reason 2015-10-09 14:44 - 2015-10-11 17:40 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Appcelerator 2015-10-07 17:29 - 2015-10-07 17:29 - 00000000 ____D C:\Users\ALEKS\AppData\Local\{B9DC07FB-5518-4515-9EE0-4D041CC13791} 2015-10-05 18:26 - 2015-10-05 18:26 - 00000670 _____ C:\Users\ALEKS\Desktop\ALLPlayer.lnk 2015-10-05 18:26 - 2015-10-05 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer 2015-10-05 18:26 - 2013-04-05 21:26 - 00276992 _____ (IntelleSoft) C:\windows\SysWOW64\BugTrap.dll 2015-09-16 19:57 - 2015-09-16 19:57 - 00000000 ____D C:\Users\Gość\AppData\Local\Avg ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-11 17:16 - 2009-07-14 06:45 - 00022976 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-11 17:16 - 2009-07-14 06:45 - 00022976 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-11 17:14 - 2010-03-06 21:04 - 01109960 _____ C:\windows\WindowsUpdate.log 2015-10-11 17:11 - 2015-04-21 19:35 - 00000000 ____D C:\AdwCleaner 2015-10-11 17:07 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-10-11 17:04 - 2015-05-16 15:32 - 00001058 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001UA.job 2015-10-11 16:57 - 2013-03-30 17:05 - 00000930 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2015-10-11 16:48 - 2011-08-30 12:54 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-11 16:48 - 2011-04-23 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3. High End Loft Stuff 2015-10-11 16:48 - 2011-04-23 13:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3. Ambitions 2015-10-11 16:47 - 2015-03-02 18:14 - 00725112 _____ C:\Users\ALEKS\Desktop\SEMESTR LETNI.xlsx 2015-10-11 16:47 - 2012-05-18 09:15 - 01671459 _____ C:\windows\SysWOW64\debug.log 2015-10-11 15:40 - 2011-02-24 11:52 - 00003990 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{61248C4A-D447-49D8-A2C4-079AD2C5A6C3} 2015-10-11 14:59 - 2010-10-16 14:36 - 00000000 ____D C:\ProgramData\MFAData 2015-10-11 13:15 - 2010-03-06 04:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-11 10:04 - 2011-08-30 12:53 - 00001006 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core.job 2015-10-11 03:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache 2015-10-11 00:20 - 2012-03-24 18:17 - 00001056 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core.job 2015-10-10 21:45 - 2009-07-14 06:45 - 00390224 _____ C:\windows\system32\FNTCACHE.DAT 2015-10-10 21:42 - 2010-08-24 18:58 - 00000000 ___RD C:\Users\ALEKS\Desktop\Samsung 2015-10-10 20:47 - 2014-01-30 00:27 - 00000266 __RSH C:\ProgramData\ntuser.pol 2015-10-10 20:46 - 2014-06-03 13:23 - 00003844 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1383754833 2015-10-10 20:46 - 2012-08-24 18:45 - 00003034 _____ C:\windows\System32\Tasks\{03C1FFEE-CBFD-4E37-A3B1-BD93CDEBEA0F} 2015-10-10 20:46 - 2012-02-16 16:03 - 00003168 _____ C:\windows\System32\Tasks\VKSaverUpdate 2015-10-10 20:46 - 2010-08-25 19:45 - 00002876 _____ C:\windows\System32\Tasks\{FEA45AFA-D07A-4827-93BE-0D1F6D6BBF6B} 2015-10-10 20:46 - 2010-03-06 04:15 - 00003158 _____ C:\windows\System32\Tasks\SUPBackground 2015-10-10 20:43 - 2010-08-24 18:04 - 00094344 _____ C:\Users\ALEKS\AppData\Local\GDIPFONTCACHEV1.DAT 2015-10-10 20:41 - 2015-01-13 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 4 2015-10-10 20:32 - 2015-04-21 20:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2015-10-10 20:32 - 2010-08-27 10:10 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\DAEMON Tools Lite 2015-10-10 20:31 - 2015-04-20 13:45 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\PhotoScape 2015-10-10 20:31 - 2010-08-25 19:45 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\Skype 2015-10-10 20:30 - 2010-12-17 20:36 - 00000000 ____D C:\windows\Minidump 2015-10-10 20:30 - 2009-08-02 04:27 - 00000000 ____D C:\windows\Panther 2015-10-09 11:35 - 2015-04-05 01:44 - 00000000 ___SD C:\windows\system32\GWX 2015-10-09 11:30 - 2012-05-20 14:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-09 01:14 - 2015-04-05 01:44 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-10-07 19:11 - 2010-08-25 19:44 - 00000000 ____D C:\ProgramData\Skype 2015-10-05 18:28 - 2015-07-12 16:47 - 00000000 ____D C:\Users\ALEKS\Desktop\Kariera 2015-10-05 18:26 - 2010-08-28 13:11 - 00000000 ____D C:\ProgramData\ALLPlayer 2015-10-05 18:22 - 2015-06-10 12:54 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-10-05 18:22 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD 2015-10-04 12:32 - 2010-03-06 21:46 - 00740688 _____ C:\windows\system32\perfh015.dat 2015-10-04 12:32 - 2010-03-06 21:46 - 00156230 _____ C:\windows\system32\perfc015.dat 2015-10-04 12:32 - 2009-07-14 07:13 - 01670590 _____ C:\windows\system32\PerfStringBackup.INI 2015-09-30 20:05 - 2015-05-05 17:43 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2015-09-30 14:03 - 2015-04-25 21:03 - 00000000 ____D C:\Users\ALEKS\Desktop\Literatura 2015-09-22 12:57 - 2013-03-30 17:05 - 00003868 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-09-22 12:57 - 2012-05-18 08:02 - 00780488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-09-22 12:57 - 2011-08-21 18:14 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-20 16:03 - 2014-01-17 22:48 - 00000000 ____D C:\Users\ALEKS\AppData\Local\PokerStars.EU 2015-09-17 14:41 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF 2015-09-17 14:25 - 2015-05-07 14:35 - 00000000 ____D C:\Users\ALEKS\AppData\Roaming\foobar2000 2015-09-16 19:59 - 2015-07-11 12:15 - 00000955 _____ C:\Users\Public\Desktop\AVG 2015.lnk 2015-09-16 19:59 - 2015-07-11 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-09-15 09:59 - 2015-05-16 15:32 - 00004032 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001UA 2015-09-15 09:59 - 2011-08-30 12:53 - 00003636 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2195184045-3265951034-2981680463-1001Core 2015-09-14 22:43 - 2010-08-24 18:37 - 00000000 ____D C:\Users\ALEKS\AppData\Local\Google ==================== Pliki w katalogu głównym wybranych folderów ======= 2007-01-25 03:52 - 2007-01-25 03:52 - 0065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe 2015-07-08 10:40 - 2015-07-08 10:44 - 0000563 _____ () C:\Users\ALEKS\AppData\Roaming\burnaware.ini 2012-09-27 19:18 - 2012-09-27 19:18 - 0000000 _____ () C:\Users\ALEKS\AppData\Roaming\wklnhst.dat 2010-12-12 13:56 - 2010-12-12 13:56 - 0003584 _____ () C:\Users\ALEKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-14 16:42 - 2015-01-14 16:42 - 0026900 _____ () C:\Users\ALEKS\AppData\Local\dt.dat 2011-09-17 20:14 - 2014-09-19 17:06 - 0007246 _____ () C:\ProgramData\hpzinstall.log 2010-03-06 04:21 - 2010-03-06 04:21 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-03-06 04:19 - 2010-03-06 04:20 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log 2010-03-06 04:16 - 2010-03-06 04:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-03-06 04:20 - 2010-03-06 04:21 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log 2010-03-06 04:15 - 2010-03-06 04:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-03-06 04:17 - 2010-03-06 04:19 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log Niektóre pliki w TEMP: ==================== C:\Users\ALEKS\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppml3ei.dll C:\Users\ALEKS\AppData\Local\Temp\jre-7u79-windows-i586-iftw.exe C:\Users\ALEKS\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\ALEKS\AppData\Local\Temp\NVI2_29.DLL ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\windows\system32\wininit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\windows\explorer.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\windows\system32\svchost.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\windows\system32\services.exe => Plik podpisany cyfrowo C:\windows\system32\User32.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\windows\system32\userinit.exe => Plik podpisany cyfrowo C:\windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-10-11 03:48 ==================== Koniec FRST.txt ============================