Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:08-10-2015 Uruchomiony przez barbara (administrator) LENOVO (13-10-2015 15:11:27) Uruchomiony z C:\ Załadowane profile: barbara (Dostępne profile: barbara & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Ltd.) C:\PROGRA~1\ThinkPad\UTILIT~1\EZEJMNAP.EXE (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Lenovo Group Limited) C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.EXE (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc.) C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) C:\PROGRA~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE (Lenovo Group Limited) C:\WINDOWS\system32\IPSSVC.EXE (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo.) C:\WINDOWS\system32\TPHDEXLG.exe (IBM) C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe () C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe () C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe () C:\Program Files\Common Files\Lenovo\Logger\logmon.exe (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Lenovo ) C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPLpr] => C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [110592 2007-07-05] (Synaptics, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [512000 2007-07-05] (Synaptics, Inc.) HKLM\...\Run: [PWRMGRTR] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [BLOG] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog HKLM\...\Run: [TPFNF7] => C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [58416 2007-04-09] (Lenovo Group Limited) HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [66176 2007-03-09] (Lenovo Group Limited) HKLM\...\Run: [EZEJMNAP] => C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [243248 2007-03-28] (Lenovo Group Ltd.) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1015808 2007-04-09] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [839680 2007-04-03] (Analog Devices, Inc.) HKLM\...\Run: [AwaySch] => C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [91688 2006-11-07] (Lenovo Group Limited) HKLM\...\Run: [LPManager] => C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE [120368 2007-04-26] (Lenovo Group Limited) HKLM\...\Run: [ACTray] => C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [413696 2007-07-05] (Lenovo ) HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-30] (AVAST Software) Winlogon\Notify\ACNotify: C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll [2007-07-05] (Lenovo ) Winlogon\Notify\psfus: C:\WINDOWS\system32\psqlpwd.dll [2007-03-14] (UPEK Inc.) Winlogon\Notify\tpfnf2: C:\Program Files\Lenovo\HOTKEY\notifyf2.dll [2006-09-06] () Winlogon\Notify\tphotkey: C:\Program Files\Lenovo\HOTKEY\tphklock.dll [2006-12-14] () HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-21-556579389-2633179073-3079579657-1008\...\Run: [Google Update] => C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe [144200 2015-10-09] (Google Inc.) HKU\S-1-5-21-556579389-2633179073-3079579657-1008\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd) HKU\S-1-5-21-556579389-2633179073-3079579657-1008\...\Run: [Mobile Partner] => C:\Program Files\PLAY Web partner\PLAY Web partner HKU\S-1-5-21-556579389-2633179073-3079579657-1008\...\Run: [Avast-Browser-Cleanup] => C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe [1503712 2015-09-04] (AVAST Software) HKU\S-1-5-21-556579389-2633179073-3079579657-1008\...\MountPoints2: {0ee2a5e2-24d4-11e2-a0ea-001c26d742a1} - F:\Gazeta.exe Lsa: [Notification Packages] scecli ACGina psqlpwd ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-30] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\barbara\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\barbara\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\barbara\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\barbara\Dane aplikacji\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk [2007-11-21] ShortcutTarget: BTTray.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208 2006-02-28] (Apple Computer, Inc.) Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-07] (AVAST Software) BHO: CPwmIEBrowserHelper Object -> {F040E541-A427-4CF7-85D8-75E3E0F476C5} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2007-08-03] (Lenovo Group Limited) DPF: {CAFEEFAC-0018-0000-0060-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_60-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== FF Plugin HKU\S-1-5-21-556579389-2633179073-3079579657-1008: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.) FF Plugin HKU\S-1-5-21-556579389-2633179073-3079579657-1008: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-09] (Google Inc.) Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll () CHR Profile: C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AcPrfMgrSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [65536 2007-07-05] (Lenovo ) [Brak podpisu cyfrowego] R2 AcSvc; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [184320 2007-07-05] (Lenovo ) [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-30] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-09-30] (AVAST Software) S4 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Brak podpisu cyfrowego] R2 btwdins; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [266295 2007-02-27] (Broadcom Corporation.) [Brak podpisu cyfrowego] R2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [622700 2006-05-23] (Diskeeper Corporation) [Brak podpisu cyfrowego] R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [647168 2007-04-16] (Intel Corporation) [Brak podpisu cyfrowego] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-04-19] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] () S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 IPSSVC; C:\WINDOWS\system32\IPSSVC.EXE [108080 2007-01-30] (Lenovo Group Limited) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation) R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-04-16] (Intel Corporation) [Brak podpisu cyfrowego] R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-04-16] (Intel Corporation ) [Brak podpisu cyfrowego] R2 SUService; c:\program files\lenovo\system update\suservice.exe [28672 2011-07-26] (Lenovo Group Limited) [Brak podpisu cyfrowego] R2 TSSCoreService; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [722232 2007-08-03] (IBM) S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-10-15] (TuneUp Software) R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [569344 2007-02-08] () [Brak podpisu cyfrowego] R2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [950272 2007-02-08] (Lenovo Group Limited) [Brak podpisu cyfrowego] R2 TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited) [Brak podpisu cyfrowego] R2 tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [45056 2007-02-08] () [Brak podpisu cyfrowego] S3 WMConnectCDS; C:\Program Files\Windows Media Connect 2\wmccds.exe [856064 2005-10-06] (Microsoft Corporation) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation) R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21393 2007-11-21] (Cisco Systems, Inc.) R1 ANC; C:\WINDOWS\System32\drivers\ANC.SYS [11520 2005-11-08] (IBM Corp.) [Brak podpisu cyfrowego] R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-09-30] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26096 2015-09-30] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [76000 2015-09-30] (AVAST Software) R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2013-03-13] (ALWIL Software) R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [256160 2015-09-30] (AVAST Software) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-09-30] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-09-30] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [789296 2015-09-30] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [434184 2015-09-30] (AVAST Software) R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [157888 2015-09-30] (AVAST Software) S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [35144 2014-07-12] (The OpenVPN Project) S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-09-30] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [208664 2015-09-30] (AVAST Software) R3 atmeltpm; C:\WINDOWS\System32\DRIVERS\atmeltpm.sys [15872 2005-05-17] (Atmel, Inc.) R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [530861 2007-01-24] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-10-09] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [868042 2007-02-27] (Broadcom Corporation.) R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [149123 2006-10-15] (Broadcom Corporation.) R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [67960 2007-01-24] (Broadcom Corporation.) R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2006-02-02] (Sonic Solutions) [Brak podpisu cyfrowego] R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89472 2006-03-01] (Sonic Solutions) [Brak podpisu cyfrowego] R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-11-18] (Sonic Solutions) [Brak podpisu cyfrowego] R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-02] (DT Soft Ltd) S3 filtertdidriver; C:\WINDOWS\System32\drivers\ewfiltertdidriver.sys [7552 2009-02-27] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] S3 G400; C:\WINDOWS\System32\DRIVERS\G400m.sys [322432 2001-10-26] (Matrox Graphics Inc.) R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.) S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [89856 2011-09-09] (Huawei Technologies Co., Ltd.) S3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [66688 2011-09-09] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [26624 2011-09-09] (Huawei Technologies Co., Ltd.) R1 IBMTPCHK; C:\WINDOWS\system32\Drivers\IBMBLDID.sys [4224 2007-04-02] () [Brak podpisu cyfrowego] R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.) [Brak podpisu cyfrowego] R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2007-11-21] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 PROCDD; C:\WINDOWS\System32\DRIVERS\PROCDD.SYS [12080 2006-11-06] (Lenovo Group Limited) R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-03-29] (Intel Corporation) [Brak podpisu cyfrowego] R2 smihlp; C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [11152 2007-03-14] (UPEK Inc.) R1 TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [17778 2006-10-23] (IBM Corporation) R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [4442 2007-09-05] () [Brak podpisu cyfrowego] R1 TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [12848 2007-04-09] () S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software) R3 TVTPktFilter; C:\WINDOWS\System32\DRIVERS\tvtpktfilter.sys [17664 2007-02-08] (Lenovo Group Limited) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-09 12:11 - 2015-10-09 12:11 - 00000810 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Internet Explorer.lnk 2015-10-09 12:11 - 2015-10-09 12:11 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\AVAST Software 2015-10-09 12:10 - 2015-10-09 12:10 - 00000793 _____ C:\Documents and Settings\Administrator\Pulpit\Windows Media Player.lnk 2015-10-09 12:10 - 2015-10-09 12:10 - 00000247 _____ C:\WINDOWS\wmsetup.log 2015-10-09 12:10 - 2015-10-09 12:10 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2015-10-09 12:10 - 2015-10-09 12:10 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google 2015-10-09 12:10 - 2015-10-09 12:10 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Intel 2015-10-05 09:15 - 2015-10-09 12:12 - 00000000 ____D C:\FRST-OlderVersion 2015-10-05 08:33 - 2012-07-05 22:06 - 00772544 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll 2015-10-05 08:33 - 2012-07-05 22:06 - 00687544 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll 2015-10-02 09:09 - 2015-10-02 09:09 - 00084556 _____ C:\Shortcut.txt 2015-10-02 09:07 - 2015-10-09 12:14 - 00061899 _____ C:\Addition.txt 2015-10-02 09:06 - 2015-10-13 15:11 - 00010912 _____ C:\FRST.txt 2015-10-02 09:06 - 2015-10-13 15:11 - 00000000 ____D C:\FRST 2015-10-02 09:05 - 2015-10-09 12:12 - 01698304 _____ (Farbar) C:\FRST.exe 2015-10-02 09:05 - 2015-10-02 08:59 - 00380416 _____ C:\kwbs6gk4.exe 2015-09-30 20:40 - 2015-10-09 12:22 - 00074835 _____ C:\WINDOWS\setupapi.log 2015-09-30 20:39 - 2015-09-30 20:39 - 00313472 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-09-30 20:39 - 2015-09-30 20:39 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-09-30 16:20 - 2011-10-24 17:31 - 00239488 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbnet.sys 2015-09-30 16:20 - 2011-09-09 12:50 - 00089856 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys 2015-09-30 16:20 - 2011-09-09 12:50 - 00073984 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys 2015-09-30 16:20 - 2011-09-09 12:50 - 00066688 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys 2015-09-30 16:20 - 2011-09-09 12:50 - 00026624 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys 2015-09-30 16:20 - 2011-08-16 18:17 - 00195200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys 2015-09-30 16:20 - 2010-10-08 17:55 - 00025856 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys 2015-09-30 16:20 - 2010-09-26 19:09 - 00019200 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys 2015-09-30 16:20 - 2010-08-06 08:42 - 00861696 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys 2015-09-30 16:20 - 2010-07-27 10:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys 2015-09-30 16:20 - 2010-03-20 13:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys 2015-09-30 16:20 - 2005-05-13 17:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccid.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-13 15:11 - 2012-09-15 17:39 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2015-10-13 15:11 - 2008-02-27 18:56 - 00000000 ____D C:\Documents and Settings\barbara\Ustawienia lokalne\Temp 2015-10-13 15:09 - 2010-02-10 10:36 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-13 15:06 - 2007-11-21 17:49 - 01280846 _____ C:\WINDOWS\WindowsUpdate.log 2015-10-13 15:05 - 2007-11-21 17:48 - 00002278 _____ C:\WINDOWS\system32\wpa.dbl 2015-10-13 15:05 - 2007-07-27 08:37 - 00025269 _____ C:\WINDOWS\system32\PROCDB.INI 2015-10-13 15:04 - 2007-11-21 17:49 - 00000159 _____ C:\WINDOWS\wiadebug.log 2015-10-13 15:04 - 2007-11-21 17:49 - 00000050 _____ C:\WINDOWS\wiaservc.log 2015-10-13 15:04 - 2007-11-21 10:14 - 00000316 _____ C:\WINDOWS\Tasks\PMTask.job 2015-10-13 15:04 - 2007-07-27 08:37 - 00000380 _____ C:\WINDOWS\system32\IPSCtrl.INI 2015-10-13 15:03 - 2014-04-01 07:10 - 00000226 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2015-10-13 15:03 - 2010-02-10 10:36 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-13 15:02 - 2007-11-21 17:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-10-13 15:02 - 2007-11-21 10:20 - 00042876 _____ C:\TPHKLOCK.TXT 2015-10-13 11:34 - 2008-02-27 18:56 - 00000188 ___SH C:\Documents and Settings\barbara\ntuser.ini 2015-10-13 11:34 - 2008-02-27 18:56 - 00000000 ____D C:\Documents and Settings\barbara 2015-10-13 11:34 - 2007-11-21 17:49 - 00032306 _____ C:\WINDOWS\SchedLgU.Txt 2015-10-13 11:30 - 2007-11-21 10:35 - 00000000 ____D C:\SWSHARE 2015-10-13 11:29 - 2011-04-02 08:07 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-556579389-2633179073-3079579657-1008UA.job 2015-10-09 12:23 - 2011-04-02 08:07 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-556579389-2633179073-3079579657-1008Core.job 2015-10-09 12:19 - 2012-08-26 14:47 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-09 12:18 - 2007-11-21 17:49 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2015-10-09 12:17 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2015-10-09 12:11 - 2007-11-21 17:49 - 00000745 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Outlook Express.lnk 2015-10-09 12:11 - 2007-11-21 17:48 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2015-10-09 12:11 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy 2015-10-09 12:11 - 2007-11-21 10:32 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2015-10-09 12:10 - 2007-11-21 17:49 - 00000799 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 __SHD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Ulubione 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2015-10-09 12:10 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\Administrator 2015-10-09 12:08 - 2007-11-21 10:19 - 01045312 _____ C:\WINDOWS\system32\TPAPSLOG.LOG 2015-10-09 11:19 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temp 2015-10-05 09:35 - 2008-02-27 18:56 - 00000000 ____D C:\Documents and Settings\barbara\Pulpit 2015-10-05 08:47 - 2008-02-27 18:56 - 00000000 __SHD C:\Documents and Settings\barbara\Ustawienia lokalne\Historia 2015-10-05 08:47 - 2007-11-21 17:48 - 00000000 __SHD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2015-10-05 08:45 - 2007-11-21 17:48 - 00000000 __SHD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2015-10-05 08:40 - 2011-09-11 13:21 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Walor 3 2015-10-05 08:40 - 2008-11-21 19:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Tarbonus 2015-10-05 08:40 - 2008-02-27 18:56 - 00000732 _____ C:\Documents and Settings\barbara\Menu Start\Programy\Internet Explorer.lnk 2015-10-05 08:40 - 2008-02-27 18:56 - 00000000 __RHD C:\Documents and Settings\barbara\Dane aplikacji 2015-10-05 08:40 - 2008-02-27 18:56 - 00000000 ___RD C:\Documents and Settings\barbara\Menu Start\Programy 2015-10-05 08:40 - 2007-11-21 17:48 - 00000000 __SHD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2015-10-05 08:40 - 2007-11-21 17:48 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2015-10-05 08:40 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2015-10-05 08:40 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\Default User\Ustawienia lokalne\Temp 2015-10-05 08:34 - 2008-07-16 12:19 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Symantec 2015-10-05 08:34 - 2008-07-16 12:18 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2015-10-05 08:33 - 2007-11-21 17:48 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2015-10-05 08:33 - 2007-11-21 10:23 - 00000000 ____D C:\Program Files\Java 2015-10-05 08:33 - 2007-11-21 10:23 - 00000000 ____D C:\Program Files\Common Files\Java 2015-10-05 08:19 - 2008-02-27 18:56 - 00000000 ____D C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Adobe 2015-10-05 08:19 - 2007-11-21 17:48 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2015-10-05 08:19 - 2007-11-21 10:27 - 00000000 ____D C:\Program Files\Common Files\Adobe 2015-10-05 08:19 - 2007-11-21 10:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Adobe 2015-10-02 08:29 - 2007-11-21 17:49 - 01363592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-10-02 08:29 - 2007-11-21 17:48 - 00588890 _____ C:\WINDOWS\system32\perfh015.dat 2015-10-02 08:29 - 2007-11-21 17:48 - 00127176 _____ C:\WINDOWS\system32\perfc015.dat 2015-10-01 12:52 - 2008-02-27 18:56 - 00000000 ___HD C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji 2015-09-30 20:43 - 2015-08-07 16:05 - 00268244 _____ C:\WINDOWS\Wdf01009Inst.log 2015-09-30 20:39 - 2015-08-07 16:04 - 00157888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys 2015-09-30 20:39 - 2014-05-18 21:42 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-09-30 20:39 - 2013-03-24 16:03 - 00208664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-09-30 20:39 - 2013-03-24 16:03 - 00076000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2015-09-30 20:39 - 2013-03-24 16:03 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-09-30 20:39 - 2012-09-15 17:39 - 00434184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2015-09-30 20:39 - 2012-09-15 17:39 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys 2015-09-30 20:39 - 2012-09-15 17:39 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys 2015-09-30 20:38 - 2013-05-12 00:06 - 00256160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys 2015-09-30 20:38 - 2013-05-12 00:06 - 00026096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2015-09-30 20:38 - 2012-09-15 17:39 - 00789296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-09-30 16:41 - 2015-08-07 16:05 - 01697173 _____ C:\WINDOWS\setupapi.log.7.old 2015-09-30 16:41 - 2015-02-19 21:08 - 00514025 _____ C:\WINDOWS\setupact.log 2015-09-27 19:10 - 2015-02-15 20:09 - 00001826 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2015-09-26 18:19 - 2015-08-12 19:19 - 18306248 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-09-26 18:19 - 2012-08-26 14:47 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-09-26 18:19 - 2012-08-26 14:47 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-09-13 12:05 - 2008-03-21 14:50 - 00000000 ____D C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\Google ==================== Pliki w katalogu głównym wybranych folderów ======= 2009-06-20 20:53 - 2012-11-18 12:22 - 0009216 _____ () C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-02-27 18:56 - 2010-03-01 12:00 - 0000132 _____ () C:\Documents and Settings\barbara\Ustawienia lokalne\Dane aplikacji\fusioncache.dat ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================