Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:31-12-2015 Uruchomiony przez Hubert (administrator) SOLANOWS-6C229C (03-01-2016 16:30:10) Uruchomiony z C:\Documents and Settings\Hubert\Pulpit Załadowane profile: Hubert (Dostępne profile: Hubert & Administrator) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files\Zune\ZuneBusEnum.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (ZSMCSNAP) C:\WINDOWS\VMSnap3.EXE (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\rapimgr.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM\...\Run: [VMSnap3] => C:\WINDOWS\VMSnap3.EXE [49152 2006-08-30] (ZSMCSNAP) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [nwiz] => nwiz.exe /installquiet HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Policies\Explorer: [NoCDBurning] 0 HKU\S-1-5-21-1177238915-842925246-839522115-1004\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation) HKU\S-1-5-21-1177238915-842925246-839522115-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd) HKU\S-1-5-18\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin HKU\S-1-5-18\...\RunOnce: [Del12048296] => cmd.exe /Q /D /c del "C:\WINDOWS\TEMP\0.del" <===== UWAGA HKU\S-1-5-18\...\RunOnce: [Del628125] => cmd.exe /Q /D /c del "C:\WINDOWS\TEMP\0.del" <===== UWAGA ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Brak pliku BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1C675F30-A5E8-4997-9DF5-718047BC2E39}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2B1EA1A4-7D10-4E81-819A-CC00FD9137F6}: [NameServer] 192.168.0.1,141.219.70.30 Tcpip\..\Interfaces\{7C52C3A8-E06D-4001-A914-96F15B0930F9}: [NameServer] 10.10.10.1,10.10.10.2 Tcpip\..\Interfaces\{BBDC4B4D-2C8E-476E-B7F7-A9DD4F0D0DAD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1177238915-842925246-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1177238915-842925246-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKU\S-1-5-21-1177238915-842925246-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl HKU\S-1-5-21-1177238915-842925246-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1177238915-842925246-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= UWAGA SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1177238915-842925246-839522115-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1177238915-842925246-839522115-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-1177238915-842925246-839522115-1004 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-10-22] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation) Toolbar: HKLM - Brak nazwy - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - Brak pliku DPF: {68282C51-9459-467B-95BF-3C0E89627E55} hxxp://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Brak pliku FireFox: ======== FF ProfilePath: C:\Documents and Settings\Hubert\Dane aplikacji\Mozilla\Firefox\Profiles\myt0f58r.default FF Homepage: hxxp://google.com/ FF Session Restore: -> [funkcja włączona] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin: @ganymede/CARDS,version=1.0 -> C:\Program Files\Ganymede\Plugins\CARDS\NPCARDS.dll [2011-07-15] (Ganymede Technologies) FF Plugin: @ganymede/MARBLES,version=1.0 -> C:\Program Files\Ganymede\Plugins\MARBLES\NPMARBLES.dll [2011-07-15] (Ganymede Technologies) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Program Files\TVUPlayer\npTVUAx.dll [Brak pliku] FF Plugin: @rayv.com/rayvplugin -> C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll [2010-06-07] (RayV) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-03] (Google Inc.) FF Plugin: @veetle.com/vbp;version=0.9.17 -> C:\Program Files\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc) FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc) FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc) FF Plugin: @videolan.org/vlc;version=0.8.6i -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Brak pliku] FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1177238915-842925246-839522115-1004: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1177238915-842925246-839522115-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-19] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1177238915-842925246-839522115-1004: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Brak pliku] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCARDS.dll [2011-07-15] (Ganymede Technologies) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npganymedenet.dll [2008-11-24] ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMAHJONG.dll [2008-06-24] (Ganymede Technologies) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMARBLES.dll [2011-07-15] (Ganymede Technologies) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-03-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-03-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-03-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-03-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-03-07] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2011-03-16] ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npVividasPlayer.dll [2011-03-16] ( ) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Hubert\Dane aplikacji\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-31] [Brak podpisu cyfrowego] FF Extension: Avira Browser Safety - C:\Documents and Settings\Hubert\Dane aplikacji\Mozilla\Firefox\Profiles\myt0f58r.default\Extensions\abs@avira.com [2016-01-01] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-12-29] [Brak podpisu cyfrowego] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-12-29] [Brak podpisu cyfrowego] FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-12-29] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF ExtraCheck: C:\Program Files\mozilla firefox\ED0842AB360CDC3288945CD18982F4F6ED08 [2015-11-23] <==== UWAGA Chrome: ======= CHR Profile: C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-21] CHR Extension: (Google Drive) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21] CHR Extension: (YouTube) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21] CHR Extension: (Google Search) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-21] CHR Extension: (Skype Click to Call) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-21] CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-21] CHR Extension: (Gmail) - C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-21] CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\DOCUME~1\Hubert\USTAWI~1\Temp\crx4EC.tmp CHR HKLM\...\Chrome\Extension: [bildoibdboopgomcbiplincneeicgipj] - C:\Program Files\StartSearch plugin\startsplg.crx CHR HKLM\...\Chrome\Extension: [edcbaedcbaedcbaedcbaedcbaedcbajk] - C:\Program Files\vShare.tv plugin\vshareplg.crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02] StartMenuInternet: chrome.exe - Chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [862632 2015-11-12] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-09-24] (Hewlett-Packard Company) [Brak podpisu cyfrowego] S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) R2 ZuneBusEnum; c:\Program Files\Zune\ZuneBusEnum.exe [57056 2011-08-05] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices) S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [470048 2005-12-21] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-28] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2008-05-20] () R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [149936 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [243120 2015-11-06] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [193968 2015-11-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [26856 2014-02-17] (CPUID) S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [Brak podpisu cyfrowego] S3 gdrv; C:\WINDOWS\gdrv.sys [15600 2008-04-16] (Windows (R) 2000 DDK provider) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2008-05-20] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [70912 2010-03-04] (NVIDIA Corporation) R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-08] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13824 2010-03-04] (NVIDIA Corporation) R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd) S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) S3 vmfilter303; C:\WINDOWS\System32\drivers\vmfilter303.sys [428160 2006-04-25] (Vimicro Corporation) S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation) S3 ZSMC303; C:\WINDOWS\System32\Drivers\usbVM303.sys [392122 2006-12-01] (Vimicro Corporation) R2 zumbus; C:\WINDOWS\System32\DRIVERS\zumbus.sys [41472 2011-08-05] (Microsoft Corporation) S3 Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X] S3 cpuz134; \??\C:\DOCUME~1\Hubert\USTAWI~1\Temp\cpuz134\cpuz134_x32.sys [X] S3 HDAudBus; system32\DRIVERS\HDAudBus.sys [X] S3 IntcAzAudAddService; system32\drivers\RtkHDAud.sys [X] S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-03 16:30 - 2016-01-03 16:30 - 00021397 _____ C:\Documents and Settings\Hubert\Pulpit\FRST.txt 2016-01-03 15:19 - 2016-01-03 16:30 - 00000000 ____D C:\FRST 2016-01-03 15:14 - 2016-01-03 15:14 - 00380416 _____ C:\Documents and Settings\Hubert\Pulpit\njp0u3lr.exe 2016-01-03 15:13 - 2016-01-03 15:13 - 01721856 _____ (Farbar) C:\Documents and Settings\Hubert\Pulpit\FRST.exe 2016-01-02 20:30 - 2016-01-02 20:30 - 00000000 ____D C:\Program Files\Realtek 2016-01-02 20:30 - 2012-05-25 11:06 - 01706640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll 2016-01-02 20:26 - 2010-03-22 05:28 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvuSMB.exe 2016-01-02 20:26 - 2010-03-03 18:49 - 00600680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvunrm.exe 2016-01-02 19:58 - 2010-03-22 05:28 - 00215656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVCOSMB.DLL 2016-01-02 19:58 - 2010-03-04 11:05 - 00944640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco1ins.dll 2016-01-02 19:58 - 2010-03-04 11:05 - 00944640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco1.dll 2016-01-02 19:58 - 2010-03-04 11:05 - 00011264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1ins.dll 2016-01-02 19:58 - 2010-03-04 11:05 - 00011264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1.dll 2016-01-02 19:58 - 2010-03-04 11:02 - 00212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnrm.sys 2016-01-02 19:58 - 2010-03-04 11:02 - 00070912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NVENETFD.sys 2016-01-02 19:58 - 2010-03-04 11:02 - 00013824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnetbus.sys 2016-01-02 19:58 - 2010-03-03 18:49 - 00207464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvconrm.dll 2016-01-02 19:55 - 2016-01-03 15:58 - 00020032 _____ C:\WINDOWS\SchedLgU.Txt 2016-01-02 13:02 - 2016-01-02 13:07 - 00000000 ____D C:\Program Files\Driver Cleaner 2016-01-02 13:02 - 2016-01-02 13:02 - 00001602 _____ C:\Documents and Settings\Administrator\Pulpit\Driver Cleaner 3.lnk 2016-01-02 13:02 - 2016-01-02 13:02 - 00000130 _____ C:\WINDOWS\ntbtlog.txt 2016-01-02 13:02 - 2016-01-02 13:02 - 00000000 ____D C:\Documents and Settings\Administrator\Menu Start\Programy\Driver Cleaner 3 2016-01-02 02:18 - 2008-09-24 10:40 - 04122368 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\alcxwdm.sys 2016-01-02 02:18 - 2006-08-01 15:02 - 00049152 _____ C:\WINDOWS\system32\ChCfg.exe 2016-01-02 02:16 - 2016-01-02 02:16 - 00000000 ____D C:\Program Files\Realtek AC97 2016-01-02 01:21 - 2016-01-02 01:13 - 01745920 _____ C:\Documents and Settings\Hubert\Pulpit\adwcleaner_5.027.exe 2016-01-02 00:40 - 2016-01-02 20:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-01-02 00:40 - 2010-03-04 11:05 - 00755200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\cohelper.dll 2016-01-02 00:40 - 2010-02-22 00:45 - 00010084 _____ C:\WINDOWS\system32\Drivers\nvphy.bin 2016-01-02 00:07 - 2016-01-02 00:07 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\AVG 2016-01-02 00:06 - 2016-01-02 13:07 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2016-01-02 00:06 - 2016-01-02 13:07 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2016-01-02 00:06 - 2016-01-02 13:02 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy 2016-01-02 00:06 - 2016-01-02 13:02 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2016-01-02 00:06 - 2016-01-02 12:59 - 00000000 ____D C:\Documents and Settings\Administrator 2016-01-02 00:06 - 2016-01-02 00:06 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Avg 2016-01-02 00:06 - 2013-12-25 15:15 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2016-01-02 00:06 - 2013-03-19 18:21 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia 2016-01-02 00:06 - 2010-09-14 10:04 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 __SHD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 ____D C:\Documents and Settings\Administrator\Ulubione 2016-01-02 00:06 - 2008-04-17 04:09 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty 2016-01-02 00:06 - 2008-04-16 20:17 - 00001599 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk 2016-01-02 00:06 - 2008-04-16 20:17 - 00000792 _____ C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk 2016-01-02 00:06 - 2008-04-16 20:17 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria 2016-01-02 00:06 - 2008-04-16 20:17 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2016-01-02 00:06 - 2008-04-16 20:14 - 00000000 ___HD C:\Documents and Settings\Administrator\Szablony 2016-01-01 23:48 - 2010-04-08 19:30 - 00168040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvgts.sys 2016-01-01 23:48 - 2010-03-15 16:52 - 01097728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi.dll 2016-01-01 23:48 - 2006-10-18 15:31 - 00363008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\idecoiins.dll 2016-01-01 23:47 - 2010-03-11 18:31 - 00004527 _____ C:\WINDOWS\system32\nvsmb.nvu 2016-01-01 23:47 - 2010-03-03 18:35 - 00008824 _____ C:\WINDOWS\system32\nvnrm.nvu 2016-01-01 23:27 - 2016-01-01 23:27 - 00000813 _____ C:\Documents and Settings\Hubert\Pulpit\PC Wizard 2013.lnk 2016-01-01 23:27 - 2016-01-01 23:27 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CPUID 2016-01-01 23:27 - 2012-02-14 12:49 - 00114176 _____ (CPUID) C:\WINDOWS\system32\PCWizard.cpl 2016-01-01 23:26 - 2016-01-01 23:26 - 00000000 ____D C:\Program Files\CPUID 2016-01-01 22:59 - 2016-01-02 20:34 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\NVIDIA Corporation 2016-01-01 22:58 - 2010-03-15 16:52 - 14757888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglnt.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 11640832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 10232352 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv4_mini.sys 2016-01-01 22:58 - 2010-03-15 16:52 - 10232352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys 2016-01-01 22:58 - 2010-03-15 16:52 - 06432128 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv4_disp.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 06432128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 04075520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 02646632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 02183470 _____ C:\WINDOWS\system32\nvdata.bin 2016-01-01 22:58 - 2010-03-15 16:52 - 02030184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 00215656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcodins.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 00215656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcod.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 00061440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-01-01 22:58 - 2010-03-15 16:52 - 00009046 _____ C:\WINDOWS\system32\nvinfo.pb 2015-12-29 20:33 - 2015-12-29 20:33 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2015-12-29 20:32 - 2015-12-29 20:32 - 00000000 ___HD C:\$AVG 2015-12-29 20:31 - 2016-01-03 14:44 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2015-12-29 20:31 - 2015-12-29 20:31 - 00000685 _____ C:\Documents and Settings\All Users\Pulpit\AVG.lnk 2015-12-29 20:31 - 2015-12-29 20:31 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\MFAData 2015-12-29 20:31 - 2015-12-29 20:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG Zen 2015-12-29 20:29 - 2015-12-29 20:32 - 00000000 ____D C:\Program Files\AVG 2015-12-29 20:27 - 2015-12-29 20:34 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Avg 2015-12-29 20:27 - 2015-12-29 20:30 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\AvgSetupLog 2015-12-29 18:19 - 2015-12-29 18:19 - 19607232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2015-12-29 17:54 - 2015-12-29 18:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2015-12-29 16:57 - 2015-12-29 16:57 - 00658136 _____ (Microsoft Corporation) C:\Documents and Settings\Hubert\Pulpit\KB835221.exe 2015-12-17 23:58 - 2010-04-08 19:30 - 00372840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvraiins.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00372840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvraidco.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoPtb.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoIt.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoFr.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoEsm.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoEs.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00018024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoDe.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoSv.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoRu.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoNo.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoNl.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoFi.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoDa.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoENU.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00017000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoEng.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00015464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoKo.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00015464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoJa.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00014952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoZht.dll 2015-12-17 23:58 - 2010-04-08 19:30 - 00014952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRCoZhc.dll 2015-12-17 23:13 - 2015-12-17 23:13 - 00000767 _____ C:\Documents and Settings\Hubert\Pulpit\EVEREST Home Edition.lnk 2015-12-17 23:13 - 2015-12-17 23:13 - 00000000 ____D C:\Program Files\Lavalys 2015-12-17 23:13 - 2015-12-17 23:13 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys 2015-12-17 23:09 - 2015-12-17 23:09 - 00031832 _____ (Phoenix Technologies) C:\WINDOWS\system32\Drivers\DrvAgent32.sys 2015-12-17 23:05 - 2016-01-01 19:34 - 00000079 _____ C:\Documents and Settings\Hubert\Pulpit\Huntersoft Free Download.url 2015-12-17 22:36 - 2015-12-17 22:36 - 00000682 _____ C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk 2015-12-07 10:47 - 2015-12-07 10:47 - 00000000 ____D C:\avrescue ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-03 16:30 - 2008-04-16 20:28 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Temp 2016-01-03 16:30 - 2008-04-16 20:28 - 00000000 ____D C:\Documents and Settings\Hubert\Pulpit 2016-01-03 16:25 - 2010-07-27 13:42 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-03 16:19 - 2013-03-19 20:08 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-03 16:00 - 2015-11-23 11:24 - 00000418 _____ C:\WINDOWS\Tasks\Kit Diner.job 2016-01-03 16:00 - 2013-07-01 16:38 - 00000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2016-01-03 16:00 - 2010-03-16 03:37 - 00276202 _____ C:\WINDOWS\system32\NvApps.xml 2016-01-03 16:00 - 2007-01-01 00:29 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-03 15:59 - 2014-03-12 21:14 - 00000224 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-01-03 15:59 - 2013-03-19 17:59 - 00000280 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1177238915-842925246-839522115-1004.job 2016-01-03 15:59 - 2010-07-27 13:42 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-03 15:59 - 2008-04-16 20:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-03 15:58 - 2008-04-17 04:01 - 00000000 ____D C:\WINDOWS\Connection Wizard 2016-01-03 15:56 - 2014-02-14 11:56 - 00000432 _____ C:\WINDOWS\Tasks\At3.job 2016-01-03 15:19 - 2008-04-17 04:01 - 00000000 ____D C:\WINDOWS 2016-01-02 20:39 - 2008-04-17 04:01 - 00000000 ___HD C:\WINDOWS\inf 2016-01-02 20:35 - 2008-04-17 04:01 - 00000000 ____D C:\WINDOWS\Help 2016-01-02 20:35 - 2008-04-16 20:28 - 00000188 ___SH C:\Documents and Settings\Hubert\ntuser.ini 2016-01-02 20:34 - 2008-04-17 04:01 - 00000000 RSHDC C:\WINDOWS\system32\dllcache 2016-01-02 20:30 - 2008-04-16 20:31 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-01-02 20:29 - 2015-11-23 11:20 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-01-02 20:28 - 2006-03-02 13:00 - 00011878 _____ C:\WINDOWS\system32\wpa.dbl 2016-01-02 20:26 - 2008-04-16 20:30 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2016-01-02 13:00 - 2008-04-17 04:09 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-01-02 12:55 - 2008-04-16 20:28 - 00000000 ___RD C:\Documents and Settings\Hubert\Menu Start\Programy 2016-01-02 12:54 - 2008-04-17 04:09 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-01-02 12:54 - 2008-04-16 20:28 - 00000000 __RHD C:\Documents and Settings\Hubert\Dane aplikacji 2016-01-02 12:53 - 2008-04-17 04:07 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-01-02 12:53 - 2008-04-16 20:28 - 00000000 ___HD C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji 2016-01-02 12:51 - 2008-11-23 11:59 - 00000000 ____D C:\Program Files\NAPI-PROJEKT 2016-01-02 12:51 - 2008-11-23 11:59 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\NAPI-PROJEKT 2016-01-02 12:48 - 2008-08-30 14:40 - 00000000 ____D C:\Program Files\MarBit 2016-01-02 02:14 - 2008-04-17 11:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941644$ 2016-01-02 01:25 - 2008-04-16 20:28 - 00000000 ____D C:\Documents and Settings\Hubert 2016-01-02 01:22 - 2014-03-06 15:46 - 00000000 ____D C:\AdwCleaner 2016-01-02 01:18 - 2015-03-16 10:49 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome 2016-01-02 01:18 - 2011-12-30 20:02 - 00000730 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2016-01-02 01:18 - 2008-04-16 20:28 - 00000000 ___RD C:\Documents and Settings\Hubert\Moje dokumenty 2016-01-02 00:33 - 2010-12-08 12:35 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-01-02 00:22 - 2012-11-14 18:16 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard 2016-01-02 00:21 - 2008-04-17 04:09 - 01091238 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-02 00:21 - 2006-03-02 13:00 - 00491756 _____ C:\WINDOWS\system32\perfh015.dat 2016-01-02 00:21 - 2006-03-02 13:00 - 00084666 _____ C:\WINDOWS\system32\perfc015.dat 2016-01-02 00:06 - 2008-04-17 04:06 - 00000000 ____D C:\Documents and Settings 2016-01-01 22:57 - 2008-04-17 10:31 - 00011878 ____C C:\WINDOWS\system32\wpa.bak 2016-01-01 19:23 - 2008-12-20 16:29 - 00000000 ____D C:\Program Files\K-Lite Codec Pack 2015-12-29 21:28 - 2008-04-21 15:04 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Ahead 2015-12-29 20:34 - 2014-01-17 18:59 - 00000000 ____D C:\Documents and Settings\Hubert\Dane aplikacji\AVG 2015-12-29 20:32 - 2014-01-17 18:59 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG 2015-12-29 19:28 - 2012-04-26 19:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-29 19:00 - 2011-07-22 20:04 - 00000256 _____ C:\WINDOWS\Tasks\RMSchedule.job 2015-12-29 18:25 - 2015-12-03 21:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Package Cache 2015-12-29 18:23 - 2014-10-05 20:28 - 00731520 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat 2015-12-29 18:23 - 2008-04-16 20:28 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2015-12-29 18:19 - 2013-03-19 20:08 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-12-29 18:19 - 2012-03-09 18:27 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-12-29 18:15 - 2008-04-21 15:37 - 00000116 _____ C:\WINDOWS\NeroDigital.ini 2015-12-29 18:15 - 2008-04-17 18:40 - 00020480 _____ C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-29 18:09 - 2013-03-19 17:59 - 00000288 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1177238915-842925246-839522115-1004.job 2015-12-29 17:21 - 2015-12-03 21:10 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Avira 2015-12-17 23:32 - 2013-08-14 09:03 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-17 23:24 - 2008-04-17 11:16 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-17 22:41 - 2008-08-30 14:41 - 00000000 ____D C:\Program Files\DivX 2015-12-17 22:36 - 2013-12-25 15:17 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\CCleaner 2015-12-17 22:29 - 2014-10-16 08:51 - 00000000 ____D C:\Documents and Settings\Hubert\Moje dokumenty\Pobrane 2015-12-17 22:29 - 2008-07-22 15:01 - 00000000 ____D C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\Adobe 2015-12-07 10:43 - 2015-12-03 21:17 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2015-12-07 08:21 - 2008-04-16 20:15 - 00000000 ____D C:\WINDOWS\Registration 2015-12-04 15:57 - 2015-11-16 17:34 - 00000000 ____D C:\Program Files\Mobipocket.com ==================== Pliki w katalogu głównym wybranych folderów ======= 2008-04-21 15:36 - 2012-01-07 14:09 - 3414528 _____ (Karol Winnicki) C:\Program Files\BESTplayer.exe 2008-07-22 14:23 - 2008-05-23 14:59 - 6794496 ____C () C:\Program Files\Foxit Reader.exe 2015-11-22 16:52 - 2015-11-22 16:52 - 50063360 _____ () C:\Program Files\GUT3A1.tmp 2010-01-22 17:19 - 2010-01-22 17:19 - 0000040 ____C () C:\Program Files\path2.ini 2010-01-25 09:29 - 2015-01-04 15:18 - 0000040 ____C () C:\Program Files\path3.ini 2010-01-25 09:33 - 2010-01-25 09:33 - 0000060 ____C () C:\Program Files\path4.ini 2009-06-18 14:44 - 2009-06-18 14:44 - 0000060 ____C () C:\Program Files\path5.ini 2007-07-09 09:27 - 2007-07-09 09:27 - 0004657 ____C () C:\Program Files\Save.swf 2010-01-30 12:57 - 2010-01-30 12:57 - 0002528 ____C () C:\Documents and Settings\Hubert\Dane aplikacji\$_hpcst$.hpc 2012-07-20 19:30 - 2015-02-25 16:46 - 0000170 _____ () C:\Documents and Settings\Hubert\Dane aplikacji\a_flipping_good_save_1586 2008-09-18 12:54 - 2008-12-01 15:50 - 0000003 ____C () C:\Documents and Settings\Hubert\Dane aplikacji\dxva_sig.txt 2008-12-26 10:55 - 2010-04-27 15:23 - 0308082 ____C () C:\Documents and Settings\Hubert\Dane aplikacji\Noddy2_NL_prefs.cst 2013-12-01 00:56 - 2014-01-25 12:54 - 0000135 _____ () C:\Documents and Settings\Hubert\Dane aplikacji\WB.CFG 2013-12-01 00:56 - 2014-01-25 12:54 - 0000005 _____ () C:\Documents and Settings\Hubert\Dane aplikacji\WBPU-TTL.DAT 2008-04-17 18:40 - 2015-12-29 18:15 - 0020480 _____ () C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-02-14 16:22 - 2011-02-14 16:22 - 0000094 ____C () C:\Documents and Settings\Hubert\Ustawienia lokalne\Dane aplikacji\GLFAA.tmp 2012-07-20 19:29 - 2015-02-25 16:46 - 0000016 _____ () C:\Documents and Settings\All Users\Dane aplikacji\flipping_good_time_settings Pliki do przeniesienia lub usunięcia: ==================== C:\Windows\Tasks\At3.job ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================