Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 22-01-2020 01 Uruchomiony przez Rafał (administrator) RAFA-CC39328158 (24-01-2020 18:30:52) Uruchomiony z C:\Documents and Settings\Rafał\Pulpit Załadowane profile: Rafał (Dostępne profile: Rafał & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) () [Brak podpisu cyfrowego] C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe () [Brak podpisu cyfrowego] C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe () [Brak podpisu cyfrowego] C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe () [Brak podpisu cyfrowego] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe (Canon Inc.) [Brak podpisu cyfrowego] C:\Program Files\Canon\CAL\CALMAIN.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [Brak podpisu cyfrowego] C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [Brak podpisu cyfrowego] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Intel Corporation -> ) C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation -> Intel Corporation) C:\WINDOWS\system32\IPROSetMonitor.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\alg.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\snmp.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe (Microsoft Windows Component Publisher -> Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Nero AG) [Brak podpisu cyfrowego] C:\Program Files\Ahead\InCD\InCD.exe (Nero AG) [Brak podpisu cyfrowego] C:\Program Files\Ahead\InCD\InCDsrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe (Portrait Displays, Inc. -> ) C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe (Portrait Displays, Inc. -> ) C:\Program Files\Portrait Displays\Pivot Pro Plugin\Floater.exe (Portrait Displays, Inc. -> ) C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpCtrl.exe (Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe ==================== Rejestr (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [PivotSoftware] => C:\Program Files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] (Portrait Displays, Inc. -> ) HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [Brak podpisu cyfrowego] HKLM\...\Run: [InCD] => C:\Program Files\Ahead\InCD\InCD.exe [1397760 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] HKLM\...\Run: [DT PLP] => C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-05-17] (Portrait Displays, Inc. -> ) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.) [Brak podpisu cyfrowego] HKLM\...\Run: [SW20] => C:\WINDOWS\system32\sw20.exe [208896 2006-09-07] () [Brak podpisu cyfrowego] HKLM\...\Run: [SW24] => C:\WINDOWS\system32\sw24.exe [69632 2006-09-07] () [Brak podpisu cyfrowego] HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20065384 2011-12-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [15517984 2013-03-21] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [Panda Security URL Filtering] => C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe [254448 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.) HKLM\...\Run: [SpeedTouch USB Diagnostics] => C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [888832 2004-03-23] (THOMSON Telecom Belgium) [Brak podpisu cyfrowego] HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [BtTray] => C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [229888 2008-07-09] () [Brak podpisu cyfrowego] HKLM\...\Run: [PSUAMain] => C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [165120 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.) HKU\S-1-5-21-1960408961-1993962763-839522115-1003\...\Policies\Explorer: [NoDriveAutoRun] ffffffff HKU\S-1-5-21-1960408961-1993962763-839522115-1003\...\MountPoints2: J - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-1960408961-1993962763-839522115-1003\...\MountPoints2: {3f8696f6-3f22-11e7-8325-a14f09512653} - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-1960408961-1993962763-839522115-1003\...\MountPoints2: {76dfa5b9-80dd-11e6-818c-f14d13cc5653} - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-1960408961-1993962763-839522115-1003\...\MountPoints2: {ee801e58-5269-11e4-b8a6-0018f322d88e} - D:\AutoRun.exe HKU\S-1-5-21-1960408961-1993962763-839522115-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\MA2_6.scr [2936832 2006-02-28] () [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINDOWS\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\inf\unregmp2.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINDOWS\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\advpack.dll [2009-03-08] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-08-26] (Google Inc -> Google Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\HP Digital Imaging Monitor.lnk [2014-10-08] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk [2009-11-24] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) [Brak podpisu cyfrowego] GroupPolicy: Ograniczenia ? <==== UWAGA GroupPolicyScripts: Ograniczenia <==== UWAGA ==================== Zaplanowane zadania============================= (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{419B4B24-9B3B-4ACF-BAAE-D6BCF5EA9A5C}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{F0F6E310-7F23-4632-B04E-C8775FA5B884}: [NameServer] 8.8.8.8,8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-1960408961-1993962763-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/ HKU\S-1-5-21-1960408961-1993962763-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: [S-1-5-21-1960408961-1993962763-839522115-1003] UWAGA => Brak domyślnego URLSearchHook URLSearchHook: HKU\S-1-5-21-1960408961-1993962763-839522115-1003 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll (Visicom Media Inc. -> ) SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-1960408961-1993962763-839522115-1003 -> {9CFBDF21-F597-4A52-8F98-F1AB77BE4F8B} URL = hxxps://isearch.avg.com/search?cid={05BAF39F-BA2F-4F3D-BFD1-549D33AA4EB6}&mid=04b8bc702a7247d0900bd151b5c6317d-df641cc7267e03f5e3e514a97d5d9a4aaa18934d&lang=pl&ds=AVG&pr=fr&d=2012-09-01 22:10:14&v=12.2.0.5&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1960408961-1993962763-839522115-1003 -> {AB79D3B4-AEDB-428a-B504-BAC00521A1C7} URL = hxxp://www.google-feed.net/results.php?q={searchTerms}&cx=002904446094441487865%3Ate-nlsbrcdy&cof=FORID%3A10&ie=UTF-8&said=&do=search&empty=0&from=1&CID=2&PID=STV BHO: IE7Pro BHO -> {00011268-E188-40DF-A514-835FCD78B1BF} -> C:\Program Files\IEPro\iepro.dll [2009-09-02] (GlobalNet Limited -> IE7Pro.com) [Brak podpisu cyfrowego] BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-08] (Oracle America, Inc. -> Oracle Corporation) BHO: Brak nazwy -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Brak pliku BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\pandasecuritytb\pandasecurityDx.dll [2017-03-30] (Visicom Media Inc. -> ) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-08] (Oracle America, Inc. -> Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.) [Brak podpisu cyfrowego] Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\pandasecuritytb\pandasecurityDx.dll [2017-03-30] (Visicom Media Inc. -> ) Toolbar: HKU\S-1-5-21-1960408961-1993962763-839522115-1003 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://195.140.237.241/activex/AMC.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,5936/mcfscan.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll [2007-08-27] (Skype Technologies SA -> Skype Technologies) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default [2020-01-24] FF Homepage: C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default -> www.google.pl FF NetworkProxy: C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default -> autoconfig_url.previous.ProxyList", "-" FF Extension: (Emoji Keyboard - Emojis For Firefox) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\@emojikeyboard.xpi [2019-05-11] FF Extension: (anonymoX) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\client@anonymox.net.xpi [2015-12-23] [Przestarzałe] FF Extension: (Reverso Translate in Context) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\context@reverso.net.xpi [2019-08-21] FF Extension: (proxylist) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\jid0-so24C3b5b4J8nKyRUBfhz5QehWU@jetpack.xpi [2016-06-19] [Przestarzałe] FF Extension: (One Click Proxy) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2015-08-25] [Przestarzałe] FF Extension: (Linky) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\linky@gemal.dk.xpi [2016-05-22] [Przestarzałe] FF Extension: (Siepomaga) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\rozszerzenie@siepomaga.pl.xpi [2016-06-19] [Przestarzałe] FF Extension: (Text to Voice) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\text2voice@vik.josh.xpi [2016-04-11] [Przestarzałe] FF Extension: (Session Manager) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-02-20] [Przestarzałe] FF Extension: (Quick Translator) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29] [Przestarzałe] FF Extension: (Showcase) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}.xpi [2016-06-19] [Przestarzałe] FF Extension: (Search by Image for Google) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2016-06-19] [Przestarzałe] FF Extension: (Video DownloadHelper) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-12] [Przestarzałe] FF Extension: (Adblock Plus - darmowy adblocker) - C:\Documents and Settings\Rafał\Dane aplikacji\Mozilla\Firefox\Profiles\q0ejc3oi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-12-29] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-02] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_303.dll [2020-01-05] (Adobe Inc. -> ) [Brak podpisu cyfrowego] FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Brak podpisu cyfrowego] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-19] (Google LLC -> Google LLC) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default [2020-01-22] CHR Extension: (Prezentacje) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-26] CHR Extension: (Dokumenty) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-26] CHR Extension: (Dysk Google) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-08-26] CHR Extension: (YouTube) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-26] CHR Extension: (Arkusze) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-26] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-26] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Gmail) - C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-26] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] ==================== Usługi (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [775168 2008-07-09] () [Brak podpisu cyfrowego] R3 BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [69735 2008-06-04] () [Brak podpisu cyfrowego] R2 BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467 2008-06-04] () [Brak podpisu cyfrowego] R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96334 2009-09-08] (Canon Inc.) [Brak podpisu cyfrowego] R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2571704 2012-12-03] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) R2 DTSRVC; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-05-17] (Portrait Displays, Inc. -> ) R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [Brak podpisu cyfrowego] R2 InCDsrv; C:\Program Files\Ahead\InCD\InCDsrv.exe [876032 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] S2 InCDsrvR; C:\Program Files\Ahead\InCD\InCDsrv.exe [876032 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [458464 2012-02-02] (Intel® Upgrade Service -> Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] (Intel Corporation -> ) R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation -> Intel Corporation) R2 Iprip; C:\WINDOWS\System32\iprip.dll [35328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation -> Intel Corporation) R2 NanoServiceMain; C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.) R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [Brak podpisu cyfrowego] S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R2 PandaAgent; C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.) R2 PdiService; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [109168 2010-04-16] (Portrait Displays, Inc. -> Portrait Displays, Inc.) R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [Brak podpisu cyfrowego] R2 PSUAService; C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-10-16] (Panda Security S.L. -> Panda Security, S.L.) S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{B4B551DA-6485-4CCE-82EF-E124D36ADB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) ===================== Sterowniki (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 alcan5wn; C:\WINDOWS\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (Microsoft Windows Hardware Compatibility Publisher -> THOMSON) S3 alcaudsl; C:\WINDOWS\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (Microsoft Windows Hardware Compatibility Publisher -> THOMSON) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative Labs Inc -> Creative) R1 AsrAppCharger; C:\WINDOWS\System32\DRIVERS\AsrAppCharger.sys [15656 2011-05-10] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33800 2008-03-06] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [14600 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [38920 2008-03-06] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [21512 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) R3 e1cexpress; C:\WINDOWS\System32\DRIVERS\e1c5132.sys [239784 2012-03-15] (Intel Corporation -> Intel Corporation) R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [Brak podpisu cyfrowego] R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider) R0 hotcore3; C:\WINDOWS\System32\DRIVERS\hotcore3.sys [40496 2008-12-13] (Paragon Technologie GmbH -> Paragon Software Group) S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (Microsoft Windows Hardware Compatibility Publisher -> HP) S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (Microsoft Windows Hardware Compatibility Publisher -> HP) S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (Microsoft Windows Hardware Compatibility Publisher -> HP) R4 InCDfs; C:\Windows\System32\Drivers\InCDfs.sys [101504 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [29696 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [8704 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] R1 incdrm; C:\Windows\System32\Drivers\incdrm.sys [28672 2005-07-25] (Nero AG) [Brak podpisu cyfrowego] R3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [26248 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Labs Inc -> Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [103840 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSDNS; C:\WINDOWS\System32\DRIVERS\NNSDns.sys [105656 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [212776 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\System32\DRIVERS\NNSHttps.sys [125104 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [141712 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [64656 2017-10-10] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [143888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [64840 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [130888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [326576 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [242384 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [118016 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [276368 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [116992 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.) R3 PdiPorts; C:\WINDOWS\System32\Drivers\PdiPorts.sys [17136 2010-04-16] (Portrait Displays, Inc. -> Portrait Displays, Inc.) S1 Pivot; C:\WINDOWS\System32\drivers\pivot.sys [17465 2010-05-13] (Portrait Displays, Inc.) [Brak podpisu cyfrowego] S3 pivotmou; C:\WINDOWS\System32\drivers\pivotmou.sys [11323 2010-05-13] (Portrait Displays, Inc.) [Brak podpisu cyfrowego] R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [251096 2019-06-06] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [133848 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [188504 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133848 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [145496 2019-06-06] (Panda Security S.L. -> Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\System32\DRIVERS\PSINReg.sys [119000 2019-06-04] (Panda Security S.L. -> Panda Security, S.L.) R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [60592 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.) R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2001-08-18] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.) S3 qcusbser; C:\WINDOWS\System32\DRIVERS\qcusbser.sys [216632 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys [83968 2006-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation ) S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Microsoft Windows Component Publisher -> Realtek Semiconductor Corporation) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation) S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [Brak podpisu cyfrowego] R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Windows Component Publisher -> Microsoft Corporation) R1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [32056 2008-12-13] (Paragon Technologie GmbH -> Windows (R) 2000 DDK provider) R1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [129896 2008-12-13] (Paragon Technologie GmbH -> Paragon) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego] S3 usbet; C:\WINDOWS\System32\DRIVERS\ETdrv.sys [166272 2010-04-29] (Etron) [Brak podpisu cyfrowego] S3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [14856 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [29960 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R0 videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [9728 2006-02-23] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.) R0 xfilt; C:\WINDOWS\System32\DRIVERS\xfilt.sys [11264 2006-02-23] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies,Inc) S3 ALCXWDM; system32\drivers\ALCXWDM.SYS [X] S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X] S4 IntelIde; Brak ImagePath U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) =================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-24 18:30 - 2020-01-24 18:35 - 000034766 _____ C:\Documents and Settings\Rafał\Pulpit\FRST.txt 2020-01-24 18:28 - 2020-01-24 18:28 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\FRST-OlderVersion 2020-01-24 18:14 - 2020-01-24 18:14 - 068436456 _____ C:\Documents and Settings\Rafał\Pulpit\Couples Yoga Challenge _ Couple of champs.mp4 2020-01-24 17:58 - 2020-01-24 17:58 - 000000000 ____H C:\Documents and Settings\All Users\Dane aplikacji\cm-lock 2020-01-22 13:59 - 2020-01-22 13:59 - 039673734 _____ C:\Documents and Settings\Rafał\Pulpit\yoga challenge.mp4 2020-01-22 12:24 - 2020-01-24 18:34 - 000000000 ____D C:\FRST 2020-01-22 12:17 - 2020-01-24 18:28 - 002311168 _____ (Farbar) C:\Documents and Settings\Rafał\Pulpit\FRST.exe 2020-01-22 00:15 - 2020-01-22 00:15 - 000307014 _____ C:\Documents and Settings\Rafał\Moje dokumenty\cc_20200122_001521.reg 2020-01-22 00:06 - 2020-01-22 00:06 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\foty mniejsze 2020-01-22 00:02 - 2020-01-22 00:12 - 000000000 __SHD C:\Documents and Settings\Rafał\UserData 2020-01-19 21:55 - 2020-01-19 21:55 - 000000938 _____ C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job 2020-01-11 17:40 - 2017-05-22 11:29 - 000060592 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys 2020-01-09 17:34 - 2020-01-23 23:17 - 000065536 _____ C:\WINDOWS\system32\config\Nano.evt 2020-01-09 17:33 - 2020-01-09 17:36 - 000002005 _____ C:\Documents and Settings\All Users\Pulpit\Panda Dome.lnk 2020-01-09 17:33 - 2020-01-09 17:33 - 000000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Panda Dome 2020-01-09 17:13 - 2020-01-09 17:13 - 001969632 _____ (Panda Security, S.L.) C:\Documents and Settings\Rafał\Pulpit\uninstaller.exe 2020-01-05 01:13 - 2020-01-05 01:13 - 000206755 _____ C:\Documents and Settings\Rafał\Pulpit\Panoramiczny dach odsuwany - sprawdzanie, czyszczenie i smarowanie.pdf 2020-01-05 01:13 - 2020-01-05 01:13 - 000171199 _____ C:\Documents and Settings\Rafał\Pulpit\Dach odsuwany, podnoszony - czyszczenie i smarowanie.pdf 2020-01-05 00:21 - 2020-01-05 00:21 - 000842296 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe 2020-01-05 00:21 - 2020-01-05 00:21 - 000175160 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2020-01-03 01:41 - 2020-01-22 01:26 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\Lift and carry galore 2020-01-03 01:41 - 2020-01-07 23:52 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\Lift and carry galore filmy ==================== Jeden miesiąc (zmodyfikowane) ================== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2020-01-24 18:35 - 2009-11-23 14:40 - 000000000 ____D C:\Documents and Settings\Rafał\Ustawienia lokalne\Temp 2020-01-24 18:30 - 2009-11-23 14:40 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit 2020-01-24 18:06 - 2009-11-24 13:29 - 000000116 _____ C:\WINDOWS\NeroDigital.ini 2020-01-24 18:05 - 2012-07-11 21:04 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\forowe 2020-01-24 17:58 - 2019-08-26 02:56 - 000001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2020-01-24 17:58 - 2015-12-23 15:39 - 000000816 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2020-01-24 17:58 - 2014-08-08 23:17 - 000000053 _____ C:\biosinfo 2020-01-24 17:58 - 2009-11-23 15:22 - 000000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2020-01-24 17:58 - 2009-11-23 14:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-24 17:58 - 2008-07-09 19:51 - 000000976 _____ C:\WINDOWS\system32\bscs.ini 2020-01-24 17:58 - 2001-07-22 01:17 - 000002206 _____ C:\WINDOWS\system32\wpa.dbl 2020-01-23 23:17 - 2017-12-22 02:24 - 005677542 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1960408961-1993962763-839522115-1003-0.dat 2020-01-23 23:17 - 2017-12-22 02:24 - 000200714 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2020-01-23 23:17 - 2009-11-23 14:37 - 000032292 _____ C:\WINDOWS\SchedLgU.Txt 2020-01-23 23:16 - 2009-11-23 14:40 - 000000292 ___SH C:\Documents and Settings\Rafał\ntuser.ini 2020-01-23 23:16 - 2009-11-23 14:40 - 000000000 ____D C:\Documents and Settings\Rafał 2020-01-23 22:50 - 2009-11-28 21:30 - 000923396 _____ C:\Documents and Settings\Rafał\Pulpit\Dawne.txt 2020-01-23 22:39 - 2019-08-26 02:56 - 000001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2020-01-23 20:19 - 2017-06-12 12:53 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\fucky3 2020-01-22 15:16 - 2010-05-27 14:20 - 000001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2020-01-22 01:36 - 2019-07-02 00:02 - 000004572 _____ C:\WINDOWS\system32\LOCALSERVICE.INI 2020-01-22 01:32 - 2019-07-02 00:02 - 000000107 _____ C:\WINDOWS\system32\LOCALDEVICE.INI 2020-01-22 00:15 - 2009-11-23 14:40 - 000000000 ___RD C:\Documents and Settings\Rafał\Moje dokumenty 2020-01-22 00:07 - 2009-11-24 03:14 - 000000000 ____D C:\Documents and Settings\Administrator 2020-01-22 00:07 - 2009-11-23 14:37 - 000000000 __SHD C:\Documents and Settings\NetworkService 2020-01-22 00:07 - 2009-11-23 14:37 - 000000000 __SHD C:\Documents and Settings\LocalService 2020-01-22 00:07 - 2009-11-23 14:31 - 000000000 ____D C:\WINDOWS\Registration 2020-01-22 00:06 - 2014-08-28 14:09 - 000000000 ____D C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\Adobe 2020-01-22 00:06 - 2009-11-23 14:32 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-01-22 00:03 - 2009-11-26 14:29 - 000000000 ____D C:\Documents and Settings\Rafał\Dane aplikacji\Media Player Classic 2020-01-14 21:21 - 2013-05-19 02:45 - 000000000 ____D C:\Documents and Settings\Rafał\Pulpit\mp3 2020-01-13 21:53 - 2010-01-09 13:06 - 000002487 _____ C:\Documents and Settings\Rafał\Pulpit\Wzrok.txt 2020-01-12 23:20 - 2009-11-25 20:33 - 000000000 ____D C:\Program Files\LCHESS30 2020-01-12 17:55 - 2013-05-22 00:23 - 000496128 ___SH C:\Documents and Settings\Rafał\Pulpit\Thumbs.db 2020-01-11 00:21 - 2009-11-23 15:22 - 000204120 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-01-11 00:21 - 2009-11-23 14:40 - 000000000 ___HD C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji 2020-01-10 00:42 - 2012-03-11 19:32 - 000000000 ____D C:\Documents and Settings\Rafał\dwhelper 2020-01-09 17:37 - 2017-12-22 00:19 - 000000000 ____D C:\Program Files\Panda Security 2020-01-09 17:37 - 2017-12-21 23:48 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Panda Security 2020-01-09 17:36 - 2009-11-23 17:14 - 000036816 _____ C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2020-01-09 17:36 - 2009-11-23 15:16 - 000000000 ___HD C:\WINDOWS\inf 2020-01-09 17:35 - 2017-12-22 00:21 - 000000000 ____D C:\Documents and Settings\Rafał\Dane aplikacji\Panda Security 2020-01-09 17:33 - 2009-11-23 15:22 - 000000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2020-01-09 17:33 - 2009-11-23 15:22 - 000000000 ____D C:\Documents and Settings\All Users\Pulpit 2020-01-09 16:16 - 2015-12-23 15:39 - 000000818 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2020-01-08 02:29 - 2017-01-24 17:29 - 000019602 _____ C:\Documents and Settings\Rafał\Pulpit\GNmatings.pgn 2020-01-08 02:05 - 2009-11-23 14:40 - 000000000 ___RD C:\Documents and Settings\Rafał\Moje dokumenty\Moja muzyka 2020-01-08 02:04 - 2016-02-19 14:08 - 003413510 _____ C:\Documents and Settings\Rafał\Pulpit\Kurnik towarzyskie kurnik.pgn 2020-01-04 02:20 - 2009-11-24 13:29 - 000055808 _____ C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Pliki w katalogu głównym wybranych folderów ======== 2010-01-18 02:53 - 2010-01-18 02:53 - 000000001 _____ () C:\Documents and Settings\Rafał\BZAORZ.DAT 2013-06-27 01:58 - 2014-06-23 12:28 - 000003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2009-11-24 13:29 - 2020-01-04 02:20 - 000055808 _____ () C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-02-05 13:28 - 2008-02-05 13:28 - 000000051 _____ () C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\setup.txt 2019-12-09 01:53 - 2019-12-09 01:53 - 000000147 _____ () C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\temp_runbat.vbs 2015-12-22 17:30 - 2015-12-22 17:30 - 000000003 _____ () C:\Documents and Settings\Rafał\Ustawienia lokalne\Dane aplikacji\user_data.ini 2017-12-21 22:05 - 2017-12-21 22:05 - 000014311 _____ () C:\Documents and Settings\All Users\Dane aplikacji\agent.1513890329.bdinstall.bin 2020-01-24 17:58 - 2020-01-24 17:58 - 000000000 ____H () C:\Documents and Settings\All Users\Dane aplikacji\cm-lock 2009-11-23 17:06 - 2016-01-12 14:37 - 000009207 _____ () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log 2014-06-02 20:25 - 2014-06-02 20:25 - 000000340 _____ () C:\Documents and Settings\All Users\Dane aplikacji\SMRResults410.dat ==================== SigCheck ============================ (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) ==================== Koniec FRST.txt ========================