Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja: 06-06-2020 Uruchomiony przez Pati (administrator) PATI-KOMPUTER (SAMSUNG ELECTRONICS CO., LTD. R540/R580/R780/SA41/E452/E852) (12-06-2020 19:33:09) Uruchomiony z C:\Users\Pati\Downloads Załadowane profile: Pati & NeroMediaHomeUser.4 Platform: Windows 7 Home Premium Service Pack 1 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files (x86)\Tor\tor.exe () [Brak podpisu cyfrowego] C:\Windows\SysWOW64\Rezip.exe (Advanced Micro Devices Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) [Brak podpisu cyfrowego] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\blueconnect\DataCardMonitor.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc. -> ) C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Pati\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2> (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <5> (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung Electronics CO., LTD. -> SEC) [Brak podpisu cyfrowego] C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (SAMSUNG Electronics) [Brak podpisu cyfrowego] C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET, spol. s r.o. -> ESET) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-06] (Advanced Micro Devices, Inc.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5174568 2010-03-08] (Nero AG -> Nero AG) HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] () [Brak podpisu cyfrowego] HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\blueconnect\DataCardMonitor.exe [249856 2012-09-11] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [839384 2014-09-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5174568 2010-03-08] (Nero AG -> Nero AG) HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Eaogok] => C:\Users\Pati\AppData\Roaming\Eaogok.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [Windows Login access] => C:\Users\Pati\AppData\Roaming\web2net.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-20] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [BingSvc] => C:\Users\Pati\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (Microsoft Corporation -> © 2015 Microsoft Corporation) HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\Run: [ChomikBox] => C:\Program Files (x86)\ChomikBox\chomikbox.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c892-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {2d45c897-fbf6-11e1-b581-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {3cf513e8-bdfc-11e1-89f2-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {9ef5003e-bdff-11e1-93b0-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb41-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {a220eb48-fbee-11e1-a878-000b6b651b3d} - G:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {ce7ff863-d323-11e0-9411-000b6b651b3d} - G:\LGAutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {e49ac23b-6453-11e4-aa9c-000b6b651b3d} - G:\Startme.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b07c-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {eb36b082-a328-11e0-bffa-000b6b651b3d} - F:\AutoRun.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {f8a3958b-a2fe-11e9-a874-000b6b651b3d} - G:\HiSuiteDownLoader.exe HKU\S-1-5-21-425697130-2423384976-1920107721-1000\...\MountPoints2: {fcfd0a29-5aad-11e7-a334-000b6b651b3d} - G:\HiSuiteDownLoader.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\SSP7MPC: C:\Windows\System32\spool\prtprocs\x64\ssp7mpc.dll [33792 2009-08-10] (Windows (R) Server 2003 DDK provider) [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64i.dll [87552 2011-10-04] () [Brak podpisu cyfrowego] HKLM\...\Print\Monitors\SSP7M Langmon: C:\Windows\system32\ssp7ml6.dll [27648 2009-08-10] () [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-10] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-04-29] (Broadcom Corporation -> Broadcom Corporation.) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-21] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) ==================== Zaplanowane zadania (filtrowane) ============ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {19610CA3-48D1-467D-8EA5-E3ABDAED180D} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe Task: {1AD177E9-A356-4DCE-BBA7-B70C6411AD5A} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA Task: {1CEF1903-A239-4716-932C-73A4C616DBCB} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-19] (Samsung Electronics CO., LTD. -> SEC) [Brak podpisu cyfrowego] Task: {1E4DDEBF-2A7A-4502-A0AA-94DF3E4FA586} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {2A2E234A-F85B-403C-9A68-BBE8D89D9E9F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {47015032-DC23-42E1-A3AC-A705341F0C3C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {47BF0302-D0CA-43A5-912C-A44D9098D396} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [847360 2010-06-08] (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] Task: {4FEA1C6F-1563-411B-ABDC-7E0834E6D84E} - System32\Tasks\{5083AD46-2029-4429-9FAF-23124CF0C906} => C:\Windows\system32\pcalua.exe -a C:\Users\Pati\Downloads\Nero-7.9.6.0_plk_trial(DobrePliki.pl).exe -d C:\Users\Pati\Downloads Task: {7F2DA135-47E4-431E-BA02-8313A83401E8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-11] (Mozilla Corporation -> Mozilla Foundation) Task: {8DB39D44-643E-4DDA-9EF5-3A3E667C95F7} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA Task: {A9E28B6C-D887-4827-A66E-ECB2B07E9DA1} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [1749504 2010-05-06] (SAMSUNG Electronics) [Brak podpisu cyfrowego] Task: {B62C3473-2818-4DF5-8D8A-85689FED7F58} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [6644736 2010-06-01] (Samsung Electronics. Co. Ltd.) [Brak podpisu cyfrowego] Task: {C8E97ADE-91EF-4873-966F-DDC47DFF897E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [356352 2010-03-29] (SAMSUNG Electronics co., LTD.) [Brak podpisu cyfrowego] Task: {D690AF97-5FA1-4109-9362-55FB7698CBC4} - System32\Tasks\NodEnabler => c:\nodNodEnabler.exe <==== UWAGA Task: {ECC89F17-841D-49A3-962D-4CB28F075E82} - System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s Task: {ECC89F17-841D-49A3-962D-4CB28F075E82} - System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360 [719360 2010-02-10]] (Samsung Electronics Co., Ltd.) [Brak podpisu cyfrowego] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{8C7EC1FB-1023-4C7F-B871-484617D467BA}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-425697130-2423384976-1920107721-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-425697130-2423384976-1920107721-1000 -> {759BAE1A-1D16-4449-85D5-FD4C58ED355A} URL = hxxp://www.bing.com/search?FORM=MSNTLB&PC=MSNTDF&q={searchTerms}&src=IE-SearchBox BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll => Brak pliku BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-08-28] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies SA -> Skype Technologies S.A.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-08-28] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) Toolbar: HKLM - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) Toolbar: HKLM-x32 - Brak nazwy - {32099AAC-C132-4136-9E9A-4E364A424E17} - Brak pliku Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2009-01-29] (McAfee, Inc. -> ) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08] (Skype Technologies SA -> Skype Technologies S.A.) FireFox: ======== FF DefaultProfile: c0py85rr.default FF ProfilePath: C:\Users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\c0py85rr.default [2020-06-12] FF user.js: detected! => C:\Users\Pati\AppData\Roaming\Mozilla\Firefox\Profiles\c0py85rr.default\user.js [2020-06-11] FF NewTab: Mozilla\Firefox\Profiles\c0py85rr.default -> FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-06-30] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension => nie znaleziono FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => nie znaleziono FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll [2013-02-25] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll [2013-02-25] (Adobe Systems Incorporated -> ) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-08-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-08-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Brak pliku] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-425697130-2423384976-1920107721-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pati\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS -> Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default [2020-06-12] CHR Notifications: Default -> hxxps://inpost.pl; hxxps://player.pl; hxxps://www.bzwbk.pl CHR Extension: (Prezentacje) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18] CHR Extension: (Dokumenty) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18] CHR Extension: (Dysk Google) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-13] CHR Extension: (Dokumenty Google offline) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-11] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-28] CHR Extension: (Chrome Media Router) - C:\Users\Pati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-11] CHR HKU\S-1-5-21-425697130-2423384976-1920107721-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2010-07-07] (Microsoft Windows Hardware Compatibility Publisher -> AMD) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-09-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-09-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-09-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-02-26] () [Brak podpisu cyfrowego] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [203280 2009-01-23] (McAfee, Inc. -> ) R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2010-03-08] (Nero AG -> Nero AG) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-20] (Electronic Arts, Inc. -> Electronic Arts) R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Brak podpisu cyfrowego] R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-24] () [Brak podpisu cyfrowego] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.) S2 AOLserver-projop; "C:\project-open\bin\nsd.exe" -S -s projop -t "c:\project-open\servers\projop\etc\config.tcl" S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [X] S2 pgsql-8.2; "C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe" runservice -w -N "pgsql-8.2" -D "C:\Program Files (x86)\PostgreSQL\8.2\data\" ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7195648 2010-07-07] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [265728 2010-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [116736 2010-01-29] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-09-16] (Bluestack Systems, Inc. -> BlueStack Systems) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [110432 2018-04-12] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET, spol. s r.o. -> ESET) R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-12] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-12] (ESET, spol. s r.o. -> ESET) R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [64656 2018-04-12] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET, spol. s r.o. -> ESET) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [136192 2010-04-01] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronics Corp.) U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [133632 2008-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-03-08] (Realtek Semiconductor Corp -> Windows (R) 2003 DDK 3790 provider) R1 SABI; C:\Windows\system32\Drivers\SABI.sys [13824 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2012-02-26] ( () [Brak podpisu cyfrowego]) [Plik w użyciu ] S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-07-29] (Samsung Electronics CO., LTD. -> Samsung Electronics) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> ) U3 afbkhznu; C:\Windows\System32\Drivers\afbkhznu.sys [0 0000-00-00] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-06-12 19:33 - 2020-06-12 19:34 - 000032709 _____ C:\Users\Pati\Downloads\FRST.txt 2020-06-12 18:47 - 2020-06-12 18:47 - 000014260 _____ C:\Users\Pati\Desktop\Eset.txt 2020-06-12 16:53 - 2020-06-12 18:21 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2020-06-12 16:53 - 2020-06-12 16:53 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2020-06-12 16:53 - 2020-06-12 16:53 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2020-06-12 16:51 - 2020-06-12 18:19 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-06-12 16:38 - 2020-06-12 16:48 - 000000000 ____D C:\AdwCleaner 2020-06-12 16:37 - 2020-06-12 16:38 - 008402608 _____ (Malwarebytes) C:\Users\Pati\Downloads\AdwCleaner.exe 2020-06-12 09:50 - 2020-06-12 09:50 - 000000000 ____D C:\Users\Pati\AppData\Local\mbamtray 2020-06-12 09:27 - 2020-06-12 09:27 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2020-06-11 19:32 - 2020-06-11 19:32 - 000000000 ____D C:\Users\Pati\AppData\Local\mbam 2020-06-11 19:29 - 2020-06-12 09:26 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-06-11 19:29 - 2020-06-11 19:29 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-06-11 19:29 - 2020-06-11 19:29 - 000001867 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-06-11 19:29 - 2020-06-11 19:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-06-11 19:29 - 2020-06-11 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-06-11 19:28 - 2020-06-11 19:28 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-06-11 19:28 - 2020-06-11 19:28 - 000000000 ____D C:\Program Files\Malwarebytes 2020-06-11 19:26 - 2020-06-12 09:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-06-11 18:12 - 2020-06-12 19:21 - 000000000 ____D C:\Users\Pati\AppData\LocalLow\Mozilla 2020-06-11 16:08 - 2020-06-12 19:33 - 000000000 ____D C:\FRST 2020-06-11 16:08 - 2020-06-11 16:08 - 002289152 _____ (Farbar) C:\Users\Pati\Downloads\FRST64.exe 2020-06-11 15:32 - 2020-06-11 15:32 - 000000000 ____D C:\ProgramData\SystemAcCrux 2020-06-11 15:31 - 2020-06-11 15:31 - 000001029 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2020-06-11 15:31 - 2020-06-11 15:31 - 000001029 _____ C:\ProgramData\Desktop\EaseUS Data Recovery Wizard.lnk 2020-06-11 15:31 - 2020-06-11 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2020-06-11 15:31 - 2020-06-11 15:31 - 000000000 ____D C:\Program Files\EaseUS ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-06-12 18:29 - 2011-07-14 17:54 - 000000000 ____D C:\Program Files (x86)\ALLPlayer 2020-06-12 18:29 - 2009-07-14 06:45 - 000014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-06-12 18:29 - 2009-07-14 06:45 - 000014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-06-12 18:23 - 2011-10-22 13:49 - 000000000 ____D C:\Users\Pati\AppData\Local\ESET 2020-06-12 18:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-06-12 16:49 - 2013-04-18 21:29 - 000000000 ____D C:\Program Files (x86)\Delta 2020-06-12 09:52 - 2020-03-29 20:15 - 000000000 ____D C:\Windows\system32\MRT 2020-06-12 09:20 - 2014-03-28 17:20 - 000000000 ____D C:\project-open 2020-06-12 09:20 - 2012-08-21 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-06-12 03:03 - 2020-03-29 20:15 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-06-11 23:20 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2020-06-11 22:02 - 2011-06-25 16:20 - 000003982 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{4EC4E476-C5DB-4EA3-929F-9E2A508BD543} 2020-06-11 21:05 - 2011-07-13 15:12 - 000000000 ____D C:\Users\Pati\Documents\Youcam 2020-06-11 20:59 - 2012-07-29 15:16 - 000000000 ____D C:\Program Files (x86)\Ashampoo_PO 2020-06-11 20:59 - 2011-10-22 13:26 - 000000000 ____D C:\Program Files (x86)\TNod User & Password Finder 2020-06-11 20:59 - 2011-07-13 15:17 - 000000000 ____D C:\Users\Pati\Desktop\programy 2020-06-11 19:34 - 2018-05-12 13:39 - 000000000 ____D C:\Users\Pati\AppData\Local\CrashDumps 2020-06-11 19:26 - 2012-08-21 22:35 - 000000000 ____D C:\Users\Pati\AppData\Roaming\Mozilla 2020-06-11 19:26 - 2012-08-21 22:34 - 000000000 ____D C:\ProgramData\Mozilla 2020-06-11 17:40 - 2010-11-25 06:30 - 000000000 ____D C:\Program Files (x86)\Bing Bar Installer 2020-06-10 19:57 - 2020-01-18 21:44 - 000000000 ____D C:\Users\Pati\Desktop\pulpit 2020-06-10 19:29 - 2011-07-07 15:26 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-10 19:29 - 2011-07-07 15:26 - 000002149 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-06-10 19:29 - 2011-07-07 15:26 - 000002149 _____ C:\ProgramData\Desktop\Google Chrome.lnk ==================== Pliki w katalogu głównym wybranych folderów ======== 2011-09-01 15:08 - 2012-07-29 15:37 - 000001892 _____ () C:\Program Files (x86)\INSTALL.LOG 2011-09-01 15:07 - 1998-04-30 14:56 - 000129024 _____ () C:\Program Files (x86)\UNWISE.EXE 2011-10-16 13:07 - 2011-10-16 13:07 - 000000000 ____H () C:\Users\Pati\AppData\Roaming\Hej8FIL77Eh7 2013-12-19 19:08 - 2017-12-14 19:08 - 000000323 _____ () C:\Users\Pati\AppData\Roaming\WB.CFG 2011-10-16 13:04 - 2011-10-16 13:04 - 000000000 _____ () C:\Users\Pati\AppData\Local\{017713EC-4DD1-4D54-872B-87F57AFA4E41} 2011-11-18 20:33 - 2011-11-18 20:33 - 000000000 _____ () C:\Users\Pati\AppData\Local\{2742A24C-7A85-4AB3-86BC-EE516A3C78C5} 2011-08-28 12:54 - 2011-08-28 12:55 - 000000000 _____ () C:\Users\Pati\AppData\Local\{3342FD3E-FE97-4504-9833-4010476E5273} 2014-09-05 22:58 - 2014-09-05 22:58 - 000000000 _____ () C:\Users\Pati\AppData\Local\{5AB1BC3C-D9E5-42FC-A733-ED23C23F28A3} 2011-11-18 21:00 - 2011-11-18 21:01 - 000000000 _____ () C:\Users\Pati\AppData\Local\{60D35849-EF15-4BCF-9A3A-ACF99CF6FAAD} 2011-07-30 14:08 - 2011-07-30 14:08 - 000000000 _____ () C:\Users\Pati\AppData\Local\{68F1F850-B947-4198-AF38-E3D5906F99AA} 2011-08-12 16:57 - 2011-08-12 16:57 - 000000000 _____ () C:\Users\Pati\AppData\Local\{85954DC2-B0ED-4722-99C9-2037E6E97ECA} 2011-08-04 22:29 - 2011-08-04 22:29 - 000000000 _____ () C:\Users\Pati\AppData\Local\{874CA239-9283-4922-9F5A-B1606BBF671C} 2011-07-31 13:57 - 2011-07-31 13:57 - 000000000 _____ () C:\Users\Pati\AppData\Local\{A051F34D-FAAB-45DB-B62C-735DE09A45CB} 2011-07-31 13:54 - 2011-07-31 13:54 - 000000000 _____ () C:\Users\Pati\AppData\Local\{B7C7E8FF-7E05-496F-AA74-272E24077CDD} ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== BCD ================================ Mened�er rozruchu systemu Windows --------------------------------- Identyfikator {bootmgr} device partition=\Device\HarddiskVolume2 description Windows Boot Manager locale pl-PL inherit {globalsettings} default {current} resumeobject {abfb786d-f804-11df-9e8c-002454b0077b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Modu� �aduj�cy rozruchu systemu Windows --------------------------------------- Identyfikator {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale pl-PL inherit {bootloadersettings} recoverysequence {abfb786f-f804-11df-9e8c-002454b0077b} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {abfb786d-f804-11df-9e8c-002454b0077b} nx OptIn numproc 2 Modu� �aduj�cy rozruchu systemu Windows --------------------------------------- Identyfikator {abfb786f-f804-11df-9e8c-002454b0077b} device ramdisk=[C:]\Recovery\abfb786f-f804-11df-9e8c-002454b0077b\Winre.wim,{abfb7870-f804-11df-9e8c-002454b0077b} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\abfb786f-f804-11df-9e8c-002454b0077b\Winre.wim,{abfb7870-f804-11df-9e8c-002454b0077b} systemroot \windows nx OptIn winpe Yes Wznawianie ze stanu hibernacji ------------------------------ Identyfikator {abfb786d-f804-11df-9e8c-002454b0077b} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale pl-PL inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Modu� testuj�cy pami�� systemu Windows -------------------------------------- Identyfikator {memdiag} device partition=\Device\HarddiskVolume2 path \boot\memtest.exe description Windows Memory Diagnostic locale pl-PL inherit {globalsettings} badmemoryaccess Yes Ustawienia us�ug EMS -------------------- Identyfikator {emssettings} bootems Yes Ustawienia debugera ------------------- Identyfikator {dbgsettings} debugtype Serial debugport 1 baudrate 115200 Uszkodzenia pami�ci RAM ----------------------- Identyfikator {badmemory} Ustawienia globalne ------------------- Identyfikator {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Ustawienia modu�u �aduj�cego rozruchu ------------------------------------- Identyfikator {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Ustawienia funkcji hypervisor ----------------------------- Identyfikator {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Ustawienia modu�u �aduj�cego wznawiania --------------------------------------- Identyfikator {resumeloadersettings} inherit {globalsettings} Opcje urz�dzenia ---------------- Identyfikator {abfb7870-f804-11df-9e8c-002454b0077b} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\abfb786f-f804-11df-9e8c-002454b0077b\boot.sdi LastRegBack: 2020-06-11 23:10 ==================== Koniec FRST.txt ========================