Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:10-06-2016 Uruchomiony przez Kuba (administrator) HP-PC (11-06-2016 22:47:12) Uruchomiony z C:\Users\Kuba\Downloads Załadowane profile: Kuba (Dostępne profile: hp & Kuba) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe (IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe (Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (Hewlett-Packard Corporation) C:\WINDOWS\System32\hpservice.exe (Validity Sensors, Inc.) C:\WINDOWS\System32\vfsFPService.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Andrea Electronics Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe () C:\Program Files\SMINST\BLService.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (CyberLink Corp.) C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink) C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\WINDOWS\System32\conime.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics, Inc.) HKLM\...\Run: [DVDAgent] => C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-09-26] (CyberLink Corp.) HKLM\...\Run: [TSMAgent] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-09-25] (CyberLink Corp.) HKLM\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-09-25] (CyberLink) HKLM\...\Run: [UCam_Menu] => C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-09-26] (CyberLink Corp.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard) HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-01-12] (CyberLink Corp.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-01-12] (Hewlett-Packard) HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-12-01] (DigitalPersona, Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [295072 2013-02-14] (RealNetworks, Inc.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [446556 2008-09-11] (IDT, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.) HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_77\bin\jusched.exe" HKU\S-1-5-21-3867825075-2707210963-1107574752-1001\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-03-19] (Hewlett-Packard Company) Lsa: [Notification Packages] scecli DPPWDFLT ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-07-21] ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2011-02-15] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{03E9ABE6-9AA6-4C9A-BF55-471D7465E951}: [DhcpNameServer] 217.172.224.160 89.231.1.206 Tcpip\..\Interfaces\{0F9BBBDB-8112-4283-97A4-E135A51D2FF3}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/?ilc=8 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?ilc=8 HKU\S-1-5-21-3867825075-2707210963-1107574752-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=91&bd=Pavilion&pf=cnnb HKU\S-1-5-21-3867825075-2707210963-1107574752-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_pl&c=91&bd=Pavilion&pf=cnnb SearchScopes: HKLM -> DefaultScope {1CD70448-63CB-417C-A9C7-06C73258A54B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl SearchScopes: HKLM -> {1CD70448-63CB-417C-A9C7-06C73258A54B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1602&query={searchTerms}&invocationType=tb50hpcnnbie7-pl-pl BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll [2013-08-07] (Yahoo! Inc.) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader) BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01] (DigitalPersona, Inc.) BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC) BHO: Brak nazwy -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> Brak pliku BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation) BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll [2011-10-06] (Yahoo! Inc) Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\Pasek narzędzi AOL 5.0\aoltb.dll [2008-07-02] (AOL LLC) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll [2013-08-07] (Yahoo! Inc.) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_77-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0077-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_77-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_77-windows-i586.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-04-08] (Skype Technologies) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-04-06] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\system32\npDeployJava1.dll [2012-07-05] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_77\bin\new_plugin\npjp2.dll [Brak pliku] FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2013-02-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-02-14] (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-09] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-09] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-02-14] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-02-14] (RealPlayer) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-07] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2011-06-19] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-26] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKU\S-1-5-21-3867825075-2707210963-1107574752-1001\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09] Chrome: ======= CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-10] CHR Extension: (Google Docs) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-11] CHR Extension: (Google Drive) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-11] CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-11] CHR Extension: (Google Sheets) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-10] CHR Extension: (Google Docs Offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-11] CHR Extension: (RealDownloader) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2016-06-10] CHR Extension: (Chrome Web Store Payments) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10] CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-11] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-12-01] (DigitalPersona, Inc.) [Brak podpisu cyfrowego] R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [Brak podpisu cyfrowego] R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-03-19] (Hewlett-Packard Company) [Brak podpisu cyfrowego] R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] () R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-06-30] () [Brak podpisu cyfrowego] S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S2 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-09-13] (Sony Mobile Communications) S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [27632 2010-11-16] (Sony Ericsson Mobile Communications) [Brak podpisu cyfrowego] S3 seusbser; C:\Windows\System32\DRIVERS\seusbser.sys [113008 2010-11-16] (QUALCOMM Incorporated) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-08-16] (Apple, Inc.) [Brak podpisu cyfrowego] R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files\HP\QuickPlay\000.fcl [87536 2009-01-12] (CyberLink Corp.) R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.) S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] U2 wuaserv; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-11 22:47 - 2016-06-11 22:47 - 00021821 _____ C:\Users\Kuba\Downloads\FRST.txt 2016-06-11 22:40 - 2016-06-11 22:47 - 00000000 ____D C:\FRST 2016-06-11 22:34 - 2016-06-11 22:34 - 01735680 _____ (Farbar) C:\Users\Kuba\Downloads\FRST.exe 2016-06-11 22:33 - 2016-06-11 22:34 - 00380928 _____ C:\Users\Kuba\Downloads\9eltpkwu.exe 2016-06-11 21:49 - 2012-07-05 22:06 - 00772544 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2016-06-11 21:49 - 2012-07-05 22:06 - 00687544 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2016-06-11 21:47 - 2016-04-09 15:50 - 00191552 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2016-06-11 21:47 - 2016-04-09 15:50 - 00191040 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2016-06-11 21:19 - 2016-06-11 21:19 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Macromedia 2016-06-11 21:19 - 2016-06-11 21:19 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Adobe 2016-06-11 17:30 - 2016-06-11 17:32 - 00364494 _____ C:\Windows\ntbtlog.txt 2016-06-10 19:40 - 2016-06-10 19:40 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Sun 2016-06-10 19:40 - 2016-06-10 19:40 - 00000000 ____D C:\Users\Kuba\AppData\LocalLow\Sun 2016-06-10 19:40 - 2016-06-10 19:40 - 00000000 ____D C:\Users\Kuba\.oracle_jre_usage 2016-06-10 19:37 - 2016-06-11 21:17 - 00027136 _____ C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Macrovision 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\DigitalPersona 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Local\Hewlett-Packard 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Local\DigitalPersona 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Local\Apple Computer 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 _____ C:\Users\Kuba\AppData\Local\QSwitch.txt 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 _____ C:\Users\Kuba\AppData\Local\DSwitch.txt 2016-06-10 19:35 - 2016-06-10 19:35 - 00000000 _____ C:\Users\Kuba\AppData\Local\AtStart.txt 2016-06-10 19:34 - 2016-06-10 19:35 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Apple Computer 2016-06-10 19:34 - 2016-06-10 19:34 - 00081840 _____ C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT 2016-06-10 19:34 - 2016-06-10 19:34 - 00000951 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-06-10 19:34 - 2016-06-10 19:34 - 00000946 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-06-10 19:34 - 2016-06-10 19:34 - 00000917 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2016-06-10 19:34 - 2016-06-10 19:34 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Real 2016-06-10 19:34 - 2016-06-10 19:34 - 00000000 ____D C:\Users\Kuba\AppData\Local\Google 2016-06-10 19:33 - 2016-06-10 19:40 - 00000000 ____D C:\Users\Kuba 2016-06-10 19:33 - 2016-06-10 19:34 - 00000000 ____D C:\Users\Kuba\AppData\Local\VirtualStore 2016-06-10 19:33 - 2016-06-10 19:33 - 00000020 ___SH C:\Users\Kuba\ntuser.ini 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Ustawienia lokalne 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Szablony 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Moje dokumenty 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Menu Start 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Documents\Moje wideo 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Documents\Moje obrazy 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Documents\Moja muzyka 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\Dane aplikacji 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\AppData\Local\Historia 2016-06-10 19:33 - 2016-06-10 19:33 - 00000000 _SHDL C:\Users\Kuba\AppData\Local\Dane aplikacji 2016-06-10 19:33 - 2010-09-12 22:09 - 00000000 ____D C:\Users\Kuba\AppData\Local\Microsoft Help 2016-06-10 19:33 - 2009-12-14 20:01 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite 2016-06-10 19:33 - 2009-12-14 19:58 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2016-06-10 19:33 - 2006-11-02 14:37 - 00000000 ____D C:\Users\Kuba\AppData\Roaming\Media Center Programs 2016-06-10 19:31 - 2016-06-10 19:31 - 00001666 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-06-10 19:31 - 2016-06-10 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-10 19:30 - 2016-06-10 19:30 - 00000000 ____D C:\Program Files\iPod 2016-06-10 19:29 - 2016-06-10 19:31 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2016-06-10 19:29 - 2016-06-10 19:31 - 00000000 ____D C:\Program Files\iTunes 2016-06-10 19:20 - 2016-06-10 19:20 - 00000000 ____D C:\Program Files\Apple Software Update ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-06-11 22:33 - 2012-09-12 19:29 - 00000916 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3867825075-2707210963-1107574752-1000UA.job 2016-06-11 22:06 - 2012-04-01 16:30 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-11 21:57 - 2008-11-18 11:43 - 00714932 _____ C:\Windows\system32\perfh015.dat 2016-06-11 21:57 - 2008-11-18 11:43 - 00151772 _____ C:\Windows\system32\perfc015.dat 2016-06-11 21:57 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf 2016-06-11 21:57 - 2006-11-02 12:33 - 01616158 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-11 21:52 - 2014-01-26 18:43 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-11 21:48 - 2008-11-18 05:03 - 00000000 ____D C:\Program Files\Common Files\Java 2016-06-11 21:47 - 2013-10-06 17:58 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-06-11 21:37 - 2011-02-15 21:35 - 00000220 _____ C:\ProgramData\hpqp.ini 2016-06-11 21:37 - 2010-08-30 20:50 - 00031586 _____ C:\ProgramData\nvModes.001 2016-06-11 21:36 - 2014-01-26 18:43 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-11 21:36 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-11 21:36 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-11 21:36 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-11 19:33 - 2012-09-12 19:29 - 00000894 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3867825075-2707210963-1107574752-1000Core.job 2016-06-11 17:29 - 2009-12-14 20:27 - 00009055 _____ C:\Windows\bthservsdp.dat 2016-06-11 17:29 - 2006-11-02 15:01 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-06-10 19:43 - 2010-09-14 19:25 - 00000000 ____D C:\Users\hp\AppData\Local\CrashDumps 2016-06-10 19:30 - 2014-06-29 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-10 19:29 - 2014-06-29 19:26 - 00000000 ____D C:\ProgramData\Apple Computer 2016-06-10 19:22 - 2009-12-14 20:11 - 00000000 ____D C:\Users\hp 2016-06-10 19:20 - 2014-06-29 19:25 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-12-22 22:12 - 2013-12-22 22:12 - 49940480 _____ () C:\Program Files\GUTE169.tmp 2016-06-10 19:35 - 2016-06-10 19:35 - 0000000 _____ () C:\Users\Kuba\AppData\Local\AtStart.txt 2016-06-10 19:37 - 2016-06-11 21:17 - 0027136 _____ () C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-06-10 19:35 - 2016-06-10 19:35 - 0000000 _____ () C:\Users\Kuba\AppData\Local\DSwitch.txt 2016-06-10 19:35 - 2016-06-10 19:35 - 0000000 _____ () C:\Users\Kuba\AppData\Local\QSwitch.txt 2011-02-15 21:35 - 2016-06-11 21:37 - 0000220 _____ () C:\ProgramData\hpqp.ini 2010-08-30 20:50 - 2016-06-11 21:37 - 0031586 _____ () C:\ProgramData\nvModes.001 2010-08-30 20:44 - 2010-11-12 18:57 - 0031586 _____ () C:\ProgramData\nvModes.dat 2009-12-14 20:01 - 2009-12-14 20:01 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2008-11-18 04:40 - 2008-11-18 04:40 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2009-12-14 20:00 - 2009-12-14 20:00 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2008-11-18 04:34 - 2008-11-18 04:35 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2009-12-14 19:59 - 2009-12-14 19:59 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2009-12-14 20:01 - 2009-12-14 20:01 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2008-11-18 04:33 - 2008-11-18 04:34 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2008-11-18 04:36 - 2008-11-18 04:39 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2009-12-14 20:01 - 2009-12-14 20:01 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log Niektóre pliki w TEMP: ==================== C:\Users\hp\AppData\Local\Temp\.exe C:\Users\hp\AppData\Local\Temp\ApnStub.exe C:\Users\hp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp39zgum.dll C:\Users\hp\AppData\Local\Temp\ICReinstall_VuuPC_Setup.exe C:\Users\hp\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\hp\AppData\Local\Temp\jre-8u77-windows-au.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2016-06-11 21:42 ==================== Koniec FRST.txt ============================