Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:27-01-2016 Uruchomiony przez Ania (administrator) ANIA-KOMPUTER (06-02-2016 18:37:12) Uruchomiony z C:\Users\Ania\Desktop Załadowane profile: Ania (Dostępne profile: Ania) Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Atheros) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (ASUS) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe () C:\Windows\System32\rpcnetp.exe (Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (© 2015 Microsoft Corporation) C:\Users\Ania\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (The Eraser Project) C:\Program Files\Eraser\Eraser.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2186856 2010-12-10] (Realtek Semiconductor) HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-13] (ELAN Microelectronics Corp.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.) HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS) HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus) HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\Ania\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\Run: [BingSvc] => C:\Users\Ania\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation) HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\MountPoints2: {130594b4-ca2b-11e3-9c1e-485d60f3ffe9} - G:\LG_PC_Programs.exe HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\MountPoints2: {175aa03a-d10a-11e3-bf01-485d60f3ffe9} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-729949790-563291647-4237402503-1002\...\MountPoints2: {7fa60c5d-7f9f-11e5-bf40-485d60f3ffe9} - F:\LG_PC_Programs.exe HKU\S-1-5-21-729949790-563291647-4237402503-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-05] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2011-03-01] ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe () ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{896892F4-2142-4F23-B207-883325049890}: [DhcpNameServer] 37.8.214.2 31.11.202.254 Tcpip\..\Interfaces\{F9975AD4-6EB9-4112-8D45-A80CFD4470E1}: [DhcpNameServer] 194.204.159.1 194.204.152.34 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mystartsearch.com/?type=hp&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} HKU\S-1-5-21-729949790-563291647-4237402503-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=pl-pl HKU\S-1-5-21-729949790-563291647-4237402503-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT SearchScopes: HKU\S-1-5-21-729949790-563291647-4237402503-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKU\S-1-5-21-729949790-563291647-4237402503-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-729949790-563291647-4237402503-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66&q={searchTerms} SearchScopes: HKU\S-1-5-21-729949790-563291647-4237402503-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2011-03-01] (Google Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-22] (Oracle Corporation) BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2011-03-01] (Google Inc.) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll [2010-11-26] (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation) BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\Ania\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-01-11] () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-22] (Oracle Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1418929443&from=epom&uid=WDCXWD6400BPVT-80HXZT1_WD-WXG1EB0MDC66MDC66 FireFox: ======== FF ProfilePath: C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.1: v9 FF SelectedSearchEngine: Bing FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-22] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-08] () FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-08] () FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-08] () FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [2012-09-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [2012-09-11] (Google Inc.) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation) FF Plugin HKU\S-1-5-21-729949790-563291647-4237402503-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku] FF user.js: detected! => C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\user.js [2015-11-07] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet) FF SearchPlugin: C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\searchplugins\bing-.xml [2015-11-05] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-12-18] FF Extension: Flashblock - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-12-30] FF Extension: Bing Search - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-05] FF Extension: Fast Start - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\faststartff@gmail.com [2014-12-18] [Brak podpisu cyfrowego] FF Extension: Iplex to ALLPlayer - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2012-09-23] [Brak podpisu cyfrowego] FF Extension: PriceFountain - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-02-15] [Brak podpisu cyfrowego] FF Extension: BrowseMark - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-09] [Brak podpisu cyfrowego] FF Extension: Adblock Plus - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-21] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\nbsr4833.default\extensions\faststartff@gmail.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-08] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-08] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-08] [Brak podpisu cyfrowego] Chrome: ======= CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKU\S-1-5-21-729949790-563291647-4237402503-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe [151552 2010-05-25] (Atheros) [Brak podpisu cyfrowego] R2 AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations) [Brak podpisu cyfrowego] R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-22] (Kaspersky Lab ZAO) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation) S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-08-21] (Mister Group) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-22] (Kaspersky Lab UK Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems Ltd.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2016-01-10] (REALiX(tm)) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-22] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-22] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-06-29] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [831672 2015-10-05] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-22] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-22] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-22] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-22] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-22] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-22] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-10-05] (Kaspersky Lab ZAO) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-17] () ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-06 18:37 - 2016-02-06 18:37 - 00024639 _____ C:\Users\Ania\Desktop\FRST.txt 2016-02-06 18:37 - 2016-02-06 18:37 - 00000000 ____D C:\FRST 2016-02-06 18:36 - 2016-02-06 18:31 - 00380416 _____ C:\Users\Ania\Desktop\02xlus3s.exe 2016-02-06 18:36 - 2016-02-06 18:28 - 02370560 _____ (Farbar) C:\Users\Ania\Desktop\FRST64.exe 2016-02-06 18:36 - 2016-02-06 18:28 - 01508352 _____ C:\Users\Ania\Desktop\adwcleaner_5.032.exe 2016-01-19 21:19 - 2016-01-19 21:19 - 00001268 _____ C:\Users\Ania\Desktop\21-19 — skrót.lnk 2016-01-19 21:19 - 2016-01-19 21:19 - 00000000 ____D C:\Users\Ania\Documents\OCCT 2016-01-19 19:59 - 2016-01-19 19:59 - 00000000 ____D C:\Users\Ania\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me 2016-01-19 18:58 - 2016-01-19 18:58 - 00000969 _____ C:\Users\Ania\Desktop\OCCT.lnk 2016-01-19 18:58 - 2016-01-19 18:58 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT 2016-01-19 18:58 - 2016-01-19 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT 2016-01-19 18:58 - 2016-01-19 18:58 - 00000000 ____D C:\Program Files (x86)\OCCTPT 2016-01-19 18:57 - 2014-03-16 13:11 - 06891341 _____ C:\Users\Ania\Desktop\OCCT_win7_PT4.4.0.exe 2016-01-10 21:37 - 2016-01-10 21:37 - 00014133 _____ C:\Users\Ania\Desktop\taskschd.msc — skrót.lnk 2016-01-10 21:37 - 2016-01-10 21:37 - 00014133 _____ C:\Users\Ania\Desktop\services.msc — skrót.lnk 2016-01-10 21:35 - 2016-01-10 21:35 - 00014133 _____ C:\Users\Ania\Desktop\diskmgmt.msc — skrót.lnk 2016-01-10 19:29 - 2012-07-26 14:58 - 00000000 ____D C:\Users\Ania\Desktop\KB971033_KB3022345_KB3035583_KB3068708_KB3075249_KB3080149_dont_instal_win7_win8_GWX_update 2016-01-10 19:26 - 2016-02-06 18:35 - 00255648 _____ C:\Windows\ntbtlog.txt 2016-01-10 19:25 - 2016-01-10 19:25 - 00000000 ____D C:\Users\Ania\AppData\Local\Eraser 6 2016-01-10 19:00 - 2016-01-10 19:00 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-10 19:00 - 2016-01-10 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-01-10 19:00 - 2016-01-10 19:00 - 00000000 ____D C:\Program Files\CCleaner 2016-01-10 18:56 - 2014-03-16 13:12 - 04765152 _____ (Piriform Ltd) C:\Users\Ania\Desktop\CCleaner_setup411_allwindows.exe 2016-01-10 18:33 - 2016-01-10 18:33 - 00000832 _____ C:\Users\Ania\Desktop\HWiNFO64 Program.lnk 2016-01-10 18:30 - 2016-01-10 18:30 - 00031136 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS 2016-01-10 18:29 - 2016-01-10 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64 2016-01-10 18:29 - 2016-01-10 18:29 - 00000000 ____D C:\Program Files\HWiNFO64 2016-01-10 18:27 - 2016-01-10 18:27 - 00001188 _____ C:\Users\Ania\Desktop\CrystalDiskInfo.lnk 2016-01-10 18:27 - 2016-01-10 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2016-01-10 18:27 - 2016-01-10 18:27 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo 2016-01-10 18:24 - 2016-01-10 18:24 - 00000928 _____ C:\Users\Ania\Desktop\HD Tune.lnk 2016-01-10 18:24 - 2016-01-10 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2016-01-10 18:24 - 2016-01-10 18:24 - 00000000 ____D C:\Program Files (x86)\HD Tune 2016-01-10 17:07 - 2016-01-10 17:07 - 00001761 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk 2016-01-10 17:07 - 2016-01-10 17:07 - 00001749 _____ C:\Users\Public\Desktop\Eraser.lnk 2016-01-10 17:07 - 2016-01-10 17:07 - 00000000 ____D C:\Program Files\Eraser 2016-01-10 17:06 - 2016-01-10 17:06 - 00013341 _____ C:\Users\Ania\Desktop\cmd.exe — skrót.lnk 2016-01-10 17:03 - 2016-01-10 22:30 - 00000227 _____ C:\Users\Ania\Desktop\fancy start daemon.txt 2016-01-10 17:01 - 2016-01-10 17:07 - 00000000 ____D C:\Windows\pss 2016-01-10 17:01 - 2016-01-10 17:01 - 00013568 _____ C:\Users\Ania\Desktop\msconfig.exe — skrót.lnk 2016-01-10 16:57 - 2016-01-10 16:57 - 00000000 ____D C:\Users\Ania\Desktop\spacesniffer_1_1_4_0 2016-01-10 16:57 - 2014-03-16 20:56 - 07315456 _____ C:\Users\Ania\Desktop\Gadwin_PrintScreen503_x64bit.msi 2016-01-10 16:56 - 2015-11-11 19:44 - 08338384 _____ (The Eraser Project) C:\Users\Ania\Desktop\Eraser 6.2.0.2970.exe 2016-01-10 16:56 - 2015-11-07 17:57 - 03907296 _____ (Crystal Dew World ) C:\Users\Ania\Desktop\Crystal.Disk.Info.6_5_2-en_AWD_OPERA_DELETE.exe 2016-01-10 16:56 - 2013-09-26 20:38 - 02930656 _____ (Martin Malík - REALiX ) C:\Users\Ania\Desktop\HWiNFO_hw64_424.exe 2016-01-10 16:56 - 2013-09-23 19:48 - 00642632 _____ (EFD Software ) C:\Users\Ania\Desktop\HDTune_255.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-06 18:36 - 2009-07-14 05:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-02-06 18:36 - 2009-07-14 05:45 - 00019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-02-06 18:29 - 2012-09-12 01:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-02-06 18:28 - 2014-09-08 05:06 - 00017920 _____ C:\Windows\SysWOW64\rpcnetp.exe 2016-02-06 18:28 - 2014-09-08 05:06 - 00017920 _____ C:\Windows\SysWOW64\rpcnetp.dll 2016-02-06 18:28 - 2012-09-11 22:40 - 00045056 _____ C:\Windows\SysWOW64\acovcnt.exe 2016-02-06 18:28 - 2011-03-01 02:25 - 00017920 _____ C:\Windows\system32\rpcnetp.exe 2016-02-06 18:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-19 18:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-10 22:50 - 2014-05-06 22:03 - 00000000 ___SD C:\Windows\system32\CompatTel 2016-01-10 22:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing 2016-01-10 22:10 - 2014-12-12 13:51 - 00000000 ____D C:\Windows\system32\appraiser 2016-01-10 20:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-01-10 19:56 - 2009-08-03 20:55 - 00752084 _____ C:\Windows\system32\perfh015.dat 2016-01-10 19:56 - 2009-08-03 20:55 - 00159966 _____ C:\Windows\system32\perfc015.dat 2016-01-10 19:56 - 2009-07-14 06:13 - 01701278 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-10 18:45 - 2015-02-15 21:42 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain 2016-01-10 16:55 - 2012-09-15 18:52 - 00000000 ____D C:\ProgramData\Adobe 2016-01-10 16:52 - 2011-03-01 04:09 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2016-01-10 15:44 - 2012-09-11 23:34 - 00000000 ____D C:\Users\Ania\AppData\Local\Google 2016-01-10 15:36 - 2011-03-01 03:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2016-01-10 15:36 - 2011-03-01 03:37 - 00000000 ____D C:\Program Files (x86)\ASUS 2016-01-10 15:18 - 2014-06-02 20:58 - 00000000 ____D C:\Program Files\WinRAR 2016-01-09 18:05 - 2015-02-11 09:48 - 00000000 ____D C:\ProgramData\ALLPlayer 2016-01-09 17:20 - 2014-03-28 20:15 - 00000000 ____D C:\Users\Ania\AppData\Local\Facebook 2016-01-09 17:04 - 2014-12-18 19:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-09 17:03 - 2015-02-28 17:02 - 00000000 ____D C:\Users\Ania\AppData\Roaming\Garmin 2016-01-09 17:03 - 2015-02-28 17:01 - 00000000 ____D C:\Users\Ania\AppData\Local\Garmin 2016-01-09 17:03 - 2015-02-28 17:00 - 00000000 ____D C:\ProgramData\Garmin 2016-01-09 17:03 - 2015-02-28 17:00 - 00000000 ____D C:\Program Files (x86)\Garmin 2016-01-09 16:55 - 2012-09-11 22:42 - 00000000 ____D C:\Users\Ania\Documents\Bluetooth Folder 2016-01-09 00:15 - 2014-05-16 20:47 - 00000000 ____D C:\Users\Ania\AppData\Roaming\BitComet 2016-01-07 19:41 - 2016-01-05 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-01-07 19:41 - 2012-09-16 14:07 - 00000000 ____D C:\Users\Ania\AppData\Local\Thunderbird 2016-01-07 19:41 - 2011-03-01 03:15 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-07 19:27 - 2014-12-18 20:04 - 00000000 ____D C:\Users\Ania\AppData\Roaming\mystartsearch 2016-01-07 19:27 - 2012-09-12 01:16 - 00001423 _____ C:\Users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-07 19:27 - 2012-09-11 23:40 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-07 19:18 - 2014-07-18 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2016-01-07 19:18 - 2014-01-04 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2016-01-07 19:17 - 2014-07-18 20:27 - 00000547 _____ C:\Windows\SIERRA.INI 2016-01-07 19:17 - 2014-01-04 20:43 - 00000000 ____D C:\ProgramData\Origin 2016-01-07 19:11 - 2014-06-29 16:46 - 00000000 ____D C:\ProgramData\Skype 2016-01-07 19:11 - 2014-01-04 20:43 - 00000000 ____D C:\ProgramData\Electronic Arts 2016-01-07 19:11 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-07 18:31 - 2014-06-04 17:21 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin ==================== Pliki w katalogu głównym wybranych folderów ======= 2012-09-12 01:28 - 2012-09-12 01:28 - 0017408 _____ () C:\Users\Ania\AppData\Local\WebpageIcons.db 2011-03-01 03:39 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe 2011-03-01 03:13 - 2011-03-01 03:14 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2011-03-01 03:13 - 2011-03-01 03:13 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-01-19 19:44 ==================== Koniec FRST.txt ============================