Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-03-2016 01 Uruchomiony przez Joanna (administrator) LENOVO-PC (18-03-2016 21:32:28) Uruchomiony z C:\Users\Joanna\Downloads Załadowane profile: Joanna (Dostępne profile: Joanna) Platform: Windows 8.1 Connected (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (tsvr.com) C:\Users\Joanna\AppData\Roaming\TSv\TSvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe () C:\ProgramData\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\plugincontainer.exe () C:\Program Files (x86)\Common Files\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\updater.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (WN) C:\Program Files (x86)\Wordinator_1.10.0.17\Service\wsvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Pokki) C:\Users\Joanna\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo) C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe (ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Pokki) C:\Users\Joanna\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Pokki) C:\Users\Joanna\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Pokki) C:\Users\Joanna\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216576 2014-03-10] (Realtek Semiconductor Corporation) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-02-27] (Realtek semiconductor) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-12-02] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-12-02] (Lenovo(beijing) Limited) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.) HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\...\MountPoints2: {dce1f8e7-95f6-11e5-82c4-7429af2a9a5e} - "F:\startme.exe" AppInit_DLLs: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64Loader.dll [206152 2014-07-22] (ClientConnect LTD) AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.) AppInit_DLLs-x32: C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC32~1.DLL => C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32Loader.dll [173896 2014-07-22] (ClientConnect LTD) AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.3 Tcpip\..\Interfaces\{10F79564-BE6A-4A27-8B6C-24F4248A3192}: [DhcpNameServer] 192.168.1.3 Tcpip\..\Interfaces\{AD779819-6DA9-4202-9C9B-EF3184623009}: [DhcpNameServer] 150.211.1.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com HKU\S-1-5-21-2689289588-2193139115-2762245797-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM -> OldSearch URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQ9dA1hEEVMXbV0LUVhcFVYaeRRZBQpEDAIXcw9bAwtJRQ1CIR9aFQQTSEcFME0FCFwEURNNfX9RDU0UU2dGM0xUFUo=&q={searchTerms} SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1444209382&from=zzgbkk123&uid=wdcxwd5000lpcx-24c6ht0_wd-wx41e74u2y4uu2y4u&z=98129904a42a565acab3163g1z9zcz4odeat7c2mdt&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1434552863&z=04e2f0679df92d9c0dee091g8z0c6z4w7w5obb9wft&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1444209382&from=zzgbkk123&uid=wdcxwd5000lpcx-24c6ht0_wd-wx41e74u2y4uu2y4u&z=98129904a42a565acab3163g1z9zcz4odeat7c2mdt&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> OldSearch URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&ts=1434552936&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434552920&z=e208560f8f9fc51f967bdd7gcz9c0z3w4w2odt3gdm&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1444209382&from=zzgbkk123&uid=wdcxwd5000lpcx-24c6ht0_wd-wx41e74u2y4uu2y4u&z=98129904a42a565acab3163g1z9zcz4odeat7c2mdt&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&ts=1434552936&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-2689289588-2193139115-2762245797-1001 -> {EF2A1302-0876-49D5-849D-1C2D6F8A58A6} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000LPCX-24C6HT0_WD-WX41E74U2Y4UU2Y4U&ts=1434552936&type=default&q={searchTerms} BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll => Brak pliku BHO-x32: Filter Results -> {dd4c66b8-f943-4b10-8053-7e9ee39bba4a} -> C:\Program Files (x86)\Filter Results\Extensions\dd4c66b8-f943-4b10-8053-7e9ee39bba4a.dll [2015-06-17] () Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-05-13] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-05-13] (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHANGIlgNUV9FDFEQcFgVVVpIGBhCJAoNTA5FEgNAIgsABQEQQBNBNARaB0tXUUEeGGlxR1dMZ1xPNFxKM1wCVFlXMw== FF DefaultSearchEngine: V9 FF SelectedSearchEngine: V9 FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggVJVtZVAkXFRhHcwlZTA0SGAwOIV0LVBRGFQYVI1sKWV1JQFQFIk0FA18DB0VXfWFoKB8fHHNKLE1dE2sUUkBPNEo= FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default\searchplugins\default.xml [2015-11-28] FF SearchPlugin: C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default\searchplugins\v9-.xml [2015-11-28] FF Extension: xRocket Toolbar - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default\extensions\arthurj8283@gmail.com [2015-10-07] [Brak podpisu cyfrowego] FF Extension: Filter Results - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default\Extensions\{3625d4bd-dace-476b-8fc2-747c931e7c57}.xpi [2015-09-27] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Joanna\AppData\Roaming\Mozilla\Firefox\Profiles\0lwhj5tr.default\extensions\arthurj8283@gmail.com FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-06-28] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1444209382&from=mych123&uid=wdcxwd5000lpcx-24c6ht0_wd-wx41e74u2y4uu2y4u&z=98129904a42a565acab3163g1z9zcz4odeat7c2mdt CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1444209382&from=mych123&uid=wdcxwd5000lpcx-24c6ht0_wd-wx41e74u2y4uu2y4u&z=98129904a42a565acab3163g1z9zcz4odeat7c2mdt" CHR Profile: C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-28] CHR Extension: (Dokumenty Google) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-28] CHR Extension: (Dysk Google) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28] CHR Extension: (YouTube) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-28] CHR Extension: (Google Search) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28] CHR Extension: (Arkusze Google) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-28] CHR Extension: (Dokumenty Google offline) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-28] CHR Extension: (Gmail) - C:\Users\Joanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-28] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [95232 2014-03-27] () [Brak podpisu cyfrowego] R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-09] () R2 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2538824 2014-07-22] (ClientConnect LTD) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-08-20] (Intel Corporation) R2 IhPul; C:\Users\Joanna\AppData\Roaming\TSv\TSvr.exe [396944 2015-09-21] (tsvr.com) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil Participações Ltda) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-22] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-02] (Lenovo(beijing) Limited) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] () R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-08-21] (Maxthon) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc.) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () R2 Service Mgr FilterResults; C:\ProgramData\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\plugincontainer.exe [1405160 2016-02-13] () <==== UWAGA R2 Update Mgr FilterResults; C:\Program Files (x86)\Common Files\f08cac26-e74f-49b4-9ff1-f081aa55e1b3\updater.exe [1270504 2016-02-13] () <==== UWAGA R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-12-02] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 wsvc_1.10.0.17; C:\Program Files (x86)\Wordinator_1.10.0.17\Service\wsvc.exe [278616 2015-06-03] (WN) S2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [X] S2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe -s [X] S2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil Participações Ltda) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc.) R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc.) S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [559832 2014-02-26] (Realtek Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9109720 2014-02-27] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3558104 2014-08-15] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 wfd_1_10_0_17; C:\Windows\System32\drivers\wfd_1_10_0_17.sys [58240 2015-06-03] (WN) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-18 21:32 - 2016-03-18 21:34 - 00029102 _____ C:\Users\Joanna\Downloads\FRST.txt 2016-03-18 21:30 - 2016-03-18 21:32 - 00000000 ____D C:\FRST 2016-03-18 21:28 - 2016-03-18 21:28 - 02374144 _____ (Farbar) C:\Users\Joanna\Downloads\FRST64.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-18 21:34 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-18 21:24 - 2015-11-28 14:25 - 00002232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-18 21:24 - 2015-11-28 14:25 - 00002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-18 21:23 - 2014-12-02 21:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-03-18 21:18 - 2015-05-14 22:21 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2689289588-2193139115-2762245797-1001 2016-03-18 21:07 - 2015-06-11 21:21 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-03-18 21:07 - 2015-05-14 22:26 - 00003992 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FA1DEF14-1DAA-4B82-98FC-CF8105C7BBA9} 2016-03-18 21:05 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-18 21:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-18 21:04 - 2015-05-14 22:13 - 00000000 ____D C:\Users\Joanna\AppData\Local\SweetLabs App Platform 2016-03-18 20:57 - 2014-12-03 05:25 - 00013484 _____ C:\WINDOWS\system32\perfh015.dat 2016-03-18 20:57 - 2014-12-03 05:25 - 00004226 _____ C:\WINDOWS\system32\perfc015.dat 2016-03-18 20:57 - 2014-03-18 10:53 - 00865450 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-18 20:57 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-03-18 20:52 - 2015-05-14 22:51 - 00000000 __RDO C:\Users\Joanna\OneDrive 2016-03-18 20:52 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-18 20:51 - 2015-11-28 14:23 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-18 20:50 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-05-14 22:15 - 2016-03-18 20:52 - 0679809 _____ () C:\Users\Joanna\AppData\Local\BTServer.log 2014-12-02 20:57 - 2014-12-02 20:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Niektóre pliki w TEMP: ==================== C:\Users\Joanna\AppData\Local\Temp\oct1810.tmp.exe C:\Users\Joanna\AppData\Local\Temp\oct3FFA.tmp.exe C:\Users\Joanna\AppData\Local\Temp\oct9A12.tmp.exe C:\Users\Joanna\AppData\Local\Temp\oct9F86.tmp.exe C:\Users\Joanna\AppData\Local\Temp\octAFC7.tmp.exe C:\Users\Joanna\AppData\Local\Temp\octDD78.tmp.exe C:\Users\Joanna\AppData\Local\Temp\{01CA419C-AC57-4FFF-9BEC-0B72A050B433}.dll C:\Users\Joanna\AppData\Local\Temp\{036A70A4-BF61-489A-80B9-6BA8C8DAA40F}.dll C:\Users\Joanna\AppData\Local\Temp\{03F3481D-36C8-46E2-9A74-A63E7CE6180C}.dll C:\Users\Joanna\AppData\Local\Temp\{052C1923-BD71-486B-8194-C68862FD026D}.dll C:\Users\Joanna\AppData\Local\Temp\{05E6FAFF-7794-4B61-923C-6544B160B8D5}.dll C:\Users\Joanna\AppData\Local\Temp\{06D5D1AE-DE44-4223-9692-E295E3880DE9}.dll C:\Users\Joanna\AppData\Local\Temp\{0730AC66-DACE-4AD9-AA48-35FDF829F6C2}.dll C:\Users\Joanna\AppData\Local\Temp\{0AFC3CF1-03CB-4B1B-B863-065E8073A016}.dll C:\Users\Joanna\AppData\Local\Temp\{0C56CBA0-2B05-4037-8E73-DADF7D65644D}.dll C:\Users\Joanna\AppData\Local\Temp\{1185B2CA-0B84-4018-A0C9-E0AD173675C7}.dll C:\Users\Joanna\AppData\Local\Temp\{135100B8-1A1E-4673-8E17-C7353B4F2CA4}.dll C:\Users\Joanna\AppData\Local\Temp\{13F2F9BA-6018-4895-A92C-93CAE29B7DBF}.dll C:\Users\Joanna\AppData\Local\Temp\{15BBB546-1C28-4972-8EEC-DA3EAA1F4747}.dll C:\Users\Joanna\AppData\Local\Temp\{17DAF7A2-C9AF-4144-B038-37154D368A90}.dll C:\Users\Joanna\AppData\Local\Temp\{1B636338-4AE1-4B41-BF7C-6C37FD5AC2AA}.dll C:\Users\Joanna\AppData\Local\Temp\{207F781E-1506-4CE3-A81D-E4F014C53D3F}.dll C:\Users\Joanna\AppData\Local\Temp\{20A46D5D-435E-41A4-A135-C7936E31E57B}.dll C:\Users\Joanna\AppData\Local\Temp\{21F3A330-4A06-42D8-8E65-C4DA3FF05CAC}.dll C:\Users\Joanna\AppData\Local\Temp\{30C3C882-3277-467E-A751-770C76065448}.dll C:\Users\Joanna\AppData\Local\Temp\{31F658A1-D864-43D2-BF03-B8C550813477}.dll C:\Users\Joanna\AppData\Local\Temp\{3253F94A-FD8F-44C1-B139-89D1C2CC028F}.dll C:\Users\Joanna\AppData\Local\Temp\{353366FF-0497-48DF-94D8-61A0044BEBD5}.dll C:\Users\Joanna\AppData\Local\Temp\{35DA6494-828C-4588-A352-21106226039C}.dll C:\Users\Joanna\AppData\Local\Temp\{3AAB9BD9-76D0-4186-A506-CA388A5361C5}.dll C:\Users\Joanna\AppData\Local\Temp\{3B171577-3165-43CD-BCAF-1894DF12CE99}.dll C:\Users\Joanna\AppData\Local\Temp\{3CD19A3F-76E3-40B3-9FE6-3EB2D4DB0677}.dll C:\Users\Joanna\AppData\Local\Temp\{3D696CEB-93E2-4DED-90E4-6F8DB8D7CC6C}.dll C:\Users\Joanna\AppData\Local\Temp\{3E52918B-3B97-426B-8DCD-B7DBA150B5B8}.dll C:\Users\Joanna\AppData\Local\Temp\{438BC140-3AC0-4C5B-97E9-CC6A2280097E}.dll C:\Users\Joanna\AppData\Local\Temp\{44DC4741-BCDF-4BF0-8EC0-2B70DE2FBC2C}.dll C:\Users\Joanna\AppData\Local\Temp\{4AEA2EB1-DE22-4CA4-BCFF-EE127523C88B}.dll C:\Users\Joanna\AppData\Local\Temp\{4C78D708-D82C-4C1E-9C44-15C6714D58EC}.dll C:\Users\Joanna\AppData\Local\Temp\{5020A1E2-270C-448F-935E-E4DD9BC7E556}.dll C:\Users\Joanna\AppData\Local\Temp\{52B7D956-C908-4AFD-BE92-29EEF9674717}.dll C:\Users\Joanna\AppData\Local\Temp\{56F2ED8A-28A3-4D7F-919B-72CFCE680DF9}.dll C:\Users\Joanna\AppData\Local\Temp\{584386AC-B8FD-403D-9848-9FA4A7B26848}.dll C:\Users\Joanna\AppData\Local\Temp\{5B9443D5-557D-4AA5-BA87-B3A87DD6CC13}.dll C:\Users\Joanna\AppData\Local\Temp\{5CAD52FB-3976-4FE7-B7F7-6D5E3B914CD1}.dll C:\Users\Joanna\AppData\Local\Temp\{64B8E419-256D-4583-A947-B401E5C77DDE}.dll C:\Users\Joanna\AppData\Local\Temp\{66C0EBB1-0250-430C-B306-996B158E8907}.dll C:\Users\Joanna\AppData\Local\Temp\{689604FE-01AE-4DD6-A8E6-AD44FBBDF30C}.dll C:\Users\Joanna\AppData\Local\Temp\{68B6E61E-7AF5-482F-B8B7-4B2E4F14D4E8}.dll C:\Users\Joanna\AppData\Local\Temp\{70CE61E9-EFE4-48CB-84FA-A30345B5D1C7}.dll C:\Users\Joanna\AppData\Local\Temp\{70EBD87B-ABE4-4E64-A120-C3E7B01F7461}.dll C:\Users\Joanna\AppData\Local\Temp\{724BD760-94C3-47DE-A754-652F046A9802}.dll C:\Users\Joanna\AppData\Local\Temp\{734A0A37-9D5D-444C-B504-0495BDA81505}.dll C:\Users\Joanna\AppData\Local\Temp\{7ADFD7B2-092B-4515-98C1-7E3E4160A0E6}.dll C:\Users\Joanna\AppData\Local\Temp\{7D216B60-F2E0-42D2-A3F8-59D9FB28845D}.dll C:\Users\Joanna\AppData\Local\Temp\{81D1FDAA-9493-4CBB-A4E0-141438EBF451}.dll C:\Users\Joanna\AppData\Local\Temp\{824456BE-D49E-42A4-9BCB-867B309E235F}.dll C:\Users\Joanna\AppData\Local\Temp\{83463DF7-DA53-47D7-8C3C-3F97CB6BDE84}.dll C:\Users\Joanna\AppData\Local\Temp\{85929E99-9240-4A52-ABCF-CBBA9E3FD647}.dll C:\Users\Joanna\AppData\Local\Temp\{85B6AFA6-69FA-47D8-AA22-AFE6A4814A74}.dll C:\Users\Joanna\AppData\Local\Temp\{88C8CFE5-880A-488C-905D-DF1B32532818}.dll C:\Users\Joanna\AppData\Local\Temp\{890103CC-0DDB-4800-96AA-C644735F541A}.dll C:\Users\Joanna\AppData\Local\Temp\{892DB2F1-8E21-41B4-ABAB-196FA5F17C20}.dll C:\Users\Joanna\AppData\Local\Temp\{8B631FD8-B0AD-440E-9413-157F362F202C}.dll C:\Users\Joanna\AppData\Local\Temp\{8FC1277D-FE30-4A62-9D29-ED6B41344D60}.dll C:\Users\Joanna\AppData\Local\Temp\{8FE9FF93-DD67-4725-9F89-C78A5BD2A209}.dll C:\Users\Joanna\AppData\Local\Temp\{94A08310-2366-4B85-9E4D-8260248A19EF}.dll C:\Users\Joanna\AppData\Local\Temp\{94C8A44C-1C09-4A41-B98A-A731A12F4905}.dll C:\Users\Joanna\AppData\Local\Temp\{95FD2269-E56C-4BC2-A668-429097598A1A}.dll C:\Users\Joanna\AppData\Local\Temp\{99407C10-25E3-4FD9-9CBD-E3CC4440B6C0}.dll C:\Users\Joanna\AppData\Local\Temp\{9C29B5B2-23DB-4412-AD92-E2758C58777C}-48.0.2564.103_chrome_installer.exe C:\Users\Joanna\AppData\Local\Temp\{A4ACAEFB-FB37-4DF6-AE59-2E13D71977FD}.dll C:\Users\Joanna\AppData\Local\Temp\{AA0D7E3E-F675-4EDD-B53E-D2ACDDB1BEFE}.dll C:\Users\Joanna\AppData\Local\Temp\{AF8F963C-5987-4A25-A4E1-71A913BC8DE1}.dll C:\Users\Joanna\AppData\Local\Temp\{B0FD137E-C7BA-44A2-A47F-DEF1077DFCBB}.dll C:\Users\Joanna\AppData\Local\Temp\{BC669B6C-177C-49EF-8D5E-99489B05B6D6}.dll C:\Users\Joanna\AppData\Local\Temp\{BD885C88-5D71-4170-B18B-1742D9783EE6}.dll C:\Users\Joanna\AppData\Local\Temp\{BF67895D-E552-4AEF-B9E5-F0ECB8916853}.dll C:\Users\Joanna\AppData\Local\Temp\{C5A13336-9D5F-43A6-BCA6-F4BE9B28743C}.dll C:\Users\Joanna\AppData\Local\Temp\{C5FA7D90-9A91-4E43-8D75-FDBA9022CBD0}.dll C:\Users\Joanna\AppData\Local\Temp\{CC3A3676-ECA8-478A-9A5F-9C40B79943CC}.dll C:\Users\Joanna\AppData\Local\Temp\{D036F6D1-7927-4329-B645-AB3860A9BADB}.dll C:\Users\Joanna\AppData\Local\Temp\{D241F599-D346-4DAA-8531-9F0D18E70B86}.dll C:\Users\Joanna\AppData\Local\Temp\{D2456FD7-24F8-4AB7-9B33-8357EB2FAA9A}.dll C:\Users\Joanna\AppData\Local\Temp\{D2BD48B5-C5D0-457D-9B49-4915C5AA8FF8}.dll C:\Users\Joanna\AppData\Local\Temp\{D3917D45-037E-43D6-81D9-7BDC413EE067}.dll C:\Users\Joanna\AppData\Local\Temp\{D6698626-71C4-4F25-9767-8246957AB7F7}.dll C:\Users\Joanna\AppData\Local\Temp\{D6ECF2BC-EFD4-4F55-A1B0-D3C5D3529E91}.dll C:\Users\Joanna\AppData\Local\Temp\{D8610D91-72FD-47BF-A352-CE39C88EB7D1}.dll C:\Users\Joanna\AppData\Local\Temp\{D86817E7-FD8C-48E5-A3B0-AC9C915D551F}.dll C:\Users\Joanna\AppData\Local\Temp\{D888F803-CDBF-4AE6-ABE6-BC41990C96F7}.dll C:\Users\Joanna\AppData\Local\Temp\{DD33BCC4-725A-4667-A801-38237A998464}.dll C:\Users\Joanna\AppData\Local\Temp\{E00F728D-F8C6-403D-845B-9EFA40E9DA4B}.dll C:\Users\Joanna\AppData\Local\Temp\{E020C12C-F85C-4E9B-9614-80CC66D5CF84}.dll C:\Users\Joanna\AppData\Local\Temp\{E9B5B659-8C4E-4639-A1C4-C340D0B5364E}.dll C:\Users\Joanna\AppData\Local\Temp\{EA91560E-59EC-451C-95A8-5FB6448306E1}.dll C:\Users\Joanna\AppData\Local\Temp\{ECBAC528-8CFE-4B3F-A37F-595CD8DE90B1}.dll C:\Users\Joanna\AppData\Local\Temp\{EE34AE6E-E0F0-4A2C-8FC5-F22FF536C666}.dll C:\Users\Joanna\AppData\Local\Temp\{F0EEE208-0A5F-4B17-88D9-99CF28665930}.dll C:\Users\Joanna\AppData\Local\Temp\{F97E51C1-FFDF-4BBA-BCC4-B626BBD2A758}.dll C:\Users\Joanna\AppData\Local\Temp\{FA11CB53-0D8E-4F18-A680-52B8A031BB7C}.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\wininit.exe => Plik podpisany cyfrowo C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-12-01 16:44 ==================== Koniec FRST.txt ============================