Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:05-03-2016 01 Uruchomiony przez Mafia (administrator) MACIEK (28-02-2016 21:22:01) Uruchomiony z C:\Documents and Settings\Mafia\Pulpit\Narzędzia Załadowane profile: Mafia (Dostępne profile: Mafia & Mama & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 6 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Atheros) C:\WINDOWS\system32\acs.exe (CrossLoop) C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe (ClanServers Hosting LLC) D:\GTA SA\GameTracker\GSInGameService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe () C:\WINDOWS\system32\PnkBstrA.exe (Ralink Technology, Corp.) C:\Program Files\ZyXEL\NWD2705DRV\AutoInstallSrv\RaAutoInstSrv.exe (Ralink Technology, Corp.) C:\Program Files\ZyXEL\NWD2705\Utility\RaRegistry.exe (Skype Technologies S.A.) C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Macrovision Corporation) C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe (Macrovision Corporation) C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe () C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\uglmd.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Realtek Semiconductor Corp.) C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Spotify Ltd) C:\Documents and Settings\Mafia\Dane aplikacji\Spotify\SpotifyWebHelper.exe () C:\WINDOWS\system\cm106eye.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-05] (Avast Software s.r.o.) HKLM\...\Run: [Cm106Sound] => RunDll32 cm106.cpl,CMICtrlWnd HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-02-18] (Realtek Semiconductor Corp.) HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2013-04-11] (ATI Technologies Inc.) HKU\S-1-5-21-2025429265-343818398-682003330-1003\...\Run: [Spotify Web Helper] => C:\Documents and Settings\Mafia\Dane aplikacji\Spotify\SpotifyWebHelper.exe [2346096 2016-02-11] (Spotify Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-05] (Avast Software s.r.o.) Startup: C:\Documents and Settings\Mama\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk [2014-09-13] ShortcutTarget: GamersFirst LIVE!.lnk -> C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\GamersFirst\LIVE!\Live.exe (GamersFirst) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{D77B060E-0F14-49E6-9E7A-20EF85ACA2BC}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-2025429265-343818398-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2025429265-343818398-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-2025429265-343818398-682003330-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= UWAGA SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {0A78407B-83D2-4E2A-83AE-403FFCA7488C} URL = hxxp://search.atlas.cz/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {21299C0D-AB11-4E71-91A9-0C6973799AB3} URL = hxxp://search.microsoft.com/results.aspx?mkt=pl-pl&setlang=pl-pl&q={searchTerms} SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {2B6E8B59-607C-4183-A65D-953241E2E787} URL = hxxp://www.ceneo.pl/categories.aspx?search=yes&categoryID=0&searchText={searchTerms}&inDesc=False&minPrice=0&maxPrice=99999999 SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {2BE05369-8C8A-4548-B3A8-7E837C1DAF44} URL = hxxp://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {34A4DDEB-3D4D-4C67-A440-56B3E5C697D8} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&fr=FP-tab-web-t340&ei=UTF-8&meta=vc%3D SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {3503FA73-606C-4422-9909-D1A30C28C993} URL = hxxp://cgi.search.biglobe.ne.jp/cgi-bin/search7?q={searchTerms} SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {85FE9B39-09E0-4A70-ACFE-E8E13CC47B76} URL = hxxp://vachercher.lycos.fr/cgi-bin/pursuit?query={searchTerms}&tld=com&family=off&inpcatvalue=loc&cat=loc SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {AAC2CB8C-B40F-404D-A2EC-6E9356D7300F} URL = hxxp://search.seznam.cz/searchScreen?w={searchTerms}&mod=f SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {AC557BCF-2057-4634-ABE7-5EC31A8CCE1C} URL = hxxp://search.centrum.cz/index.php?charset=utf-8&q={searchTerms}&mt=2&mts=1&sec=mix&kibitz=0 SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {D03BF058-FC45-42AD-989E-B7B6819BDDFC} URL = hxxp://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {DB8B1F3C-D1B8-4EE7-8839-B82DAB67A796} URL = hxxp://search.auone.jp/?q={searchTerms}&sr=0401&charset=SJIS SearchScopes: HKU\S-1-5-21-2025429265-343818398-682003330-1003 -> {FC46E8B9-4BC0-4539-AEC0-4E9D4918DBAB} URL = BHO: HistoryTriggerBHO Class -> {21A88CB9-84D2-4020-A2D1-B25A21034884} -> C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-11-16] (LG Electronics) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-04] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-05] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-04] (Oracle Corporation) DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232108986312 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.140.0.cab DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} hxxp://www.englishon-line.com/pl/lekcje/localplayer/recording/yrecording.cab DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.66.2.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02] (Skype Technologies S.A.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1446068732&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cor&uid=GOODRAMXC50_FF1A07391E9700075851 FireFox: ======== FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [Brak pliku] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @idsoftware.com/QuakeLive -> C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll [2012-02-14] (id Software Inc.) FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-04] (Oracle Corporation) FF Plugin: @live.heroesandgenerals.com/npretox -> G:\Heroes and Generals\Heroes & Generals\live\npretoxlive.dll [2012-11-29] (Reto-Moto ApS) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [Brak pliku] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin HKU\S-1-5-21-2025429265-343818398-682003330-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-21] () FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-12] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [fe_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 FF Extension: Brak nazwy - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-13] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-04] FF HKLM\...\Thunderbird\Extensions: [te_9.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 FF Extension: Brak nazwy - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012-01-13] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://google.pl/ CHR StartupUrls: Default -> "hxxps://www.google.pl/" CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll => Brak pliku CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => Brak pliku CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => Brak pliku CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation) CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.)) CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation) CHR Plugin: (QUAKE LIVE) - C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.) CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll => Brak pliku CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll => Brak pliku CHR Plugin: (Java(TM) Platform SE 7 U40) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll => Brak pliku CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => Brak pliku CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll => Brak pliku CHR Plugin: (Java Deployment Toolkit 7.0.400.43) - C:\WINDOWS\system32\npDeployJava1.dll => Brak pliku CHR Plugin: (Heroes & Generals live) - G:\Heroes and Generals\Heroes & Generals\live\npretoxlive.dll (Reto-Moto ApS) CHR Profile: C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-02] CHR Extension: (Avast Online Security) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-28] CHR Extension: (Skype) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-05] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02] StartMenuInternet: chrome.exe - C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ACS; C:\WINDOWS\system32\acs.exe [499796 2010-06-21] (Atheros) [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-05] (Avast Software s.r.o.) S3 BRSptStub; C:\Documents and Settings\All Users\Dane aplikacji\BitRaider\BRSptStub.exe [363208 2014-12-25] (BitRaider, LLC) R2 CrossLoopService; C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop\CrossLoopService.exe [569072 2011-09-07] (CrossLoop) S3 Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [131912 2013-11-17] (Desura Pty Ltd) S3 EasyAntiCheat; C:\WINDOWS\system32\EasyAntiCheat.exe [107552 2014-07-13] (EasyAntiCheat Ltd) R2 GS In-Game Service; D:\GTA SA\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC) S4 GtDetectSc; C:\Program Files\ERA\GlobeTrotter Connect\GtDetectSc.exe [204915 2007-11-05] (Option) [Brak podpisu cyfrowego] R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893896 2015-11-12] (LogMeIn Inc.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-06-04] (Oracle Corporation) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-11-12] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSSQL$PLATNIK2005; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) S3 npggsvc; C:\WINDOWS\system32\GameMon.des [3549224 2010-06-07] (INCA Internet Co., Ltd.) [Brak podpisu cyfrowego] R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2014-09-13] () R2 RaAutoInstSrv_RT2870; C:\Program Files\ZyXEL\NWD2705DRV\AutoInstallSrv\RaAutoInstSrv.exe [116000 2009-11-19] (Ralink Technology, Corp.) R2 RalinkRegistryWriter; C:\Program Files\ZyXEL\NWD2705\Utility\RaRegistry.exe [372736 2012-01-12] (Ralink Technology, Corp.) [Brak podpisu cyfrowego] R2 Skype C2C Service; C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.) S3 tvnserver; C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) [Brak podpisu cyfrowego] R2 Unigraphics License Server (uglmd); C:\Program Files\UGS\NX 4.0\UGNXFLEXlm\lmgrd.exe [962560 2005-10-27] (Macrovision Corporation) [Brak podpisu cyfrowego] S2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [X] S2 lwsvc_1.10.0.14; "C:\Program Files\LinkWiz_1.10.0.14\Service\lwsvc.exe" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [23040 2011-09-06] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [27776 2011-09-06] (LG Electronics Inc.) S3 andnetndis; C:\WINDOWS\System32\DRIVERS\lgandnetndis.sys [70400 2011-09-16] (LG Electronics Inc.) R3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1763584 2011-07-29] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-07-05] () R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [74976 2015-07-05] (Avast Software s.r.o.) R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-07-05] (Avast Software s.r.o.) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-07-05] () R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787760 2015-07-05] (Avast Software s.r.o.) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [428120 2015-07-05] (Avast Software s.r.o.) R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-07-05] (Avast Software s.r.o.) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209048 2015-07-05] () R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices) R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [279712 2011-03-13] () S3 BRDriver_1_3_3_E02B25FC; C:\Documents and Settings\All Users\Dane aplikacji\BitRaider\support\1.3.3\E02B25FC\BRDriver.sys [66824 2014-12-25] (BitRaider) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2010-05-26] (Phoenix Technologies) [Brak podpisu cyfrowego] S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] () [Brak podpisu cyfrowego] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] () [Brak podpisu cyfrowego] S3 GT72NDISIPXP; C:\WINDOWS\System32\DRIVERS\Gt51Ip.sys [95744 2007-07-09] (Option NV) S3 GT72UBUS; C:\WINDOWS\System32\DRIVERS\gt72ubus.sys [51968 2007-06-26] (Option N.V.) S3 GTPTSER; C:\WINDOWS\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.) R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 LgBttPort; C:\WINDOWS\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\WINDOWS\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\WINDOWS\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2011-03-13] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-28] (Malwarebytes) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [458112 2007-10-29] (PixArt Imaging Inc.) R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [73728 2001-06-22] (Rainbow Technologies, Inc.) [Brak podpisu cyfrowego] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [324152 2016-02-28] (Duplex Secure Ltd.) R1 UimBus; C:\WINDOWS\System32\DRIVERS\UimBus.sys [81232 2013-02-18] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\WINDOWS\System32\Drivers\Uim_IM.sys [452816 2013-02-18] (Paragon) R1 Uim_Vim; C:\WINDOWS\System32\Drivers\Uim_Vim.sys [283600 2013-02-18] (Paragon) R3 USBMULCD; C:\WINDOWS\System32\drivers\CM106.sys [1511936 2009-09-25] (C-Media Electronics Inc) S1 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [31872 2008-04-14] (Microsoft Corporation) S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org) R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.) S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.) R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2010-06-21] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] R2 ZDCNDIS5; C:\WINDOWS\system32\ZDCNDIS5.sys [20736 2011-02-23] (ZDC., Inc. (ZDC)) [Brak podpisu cyfrowego] S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [X] S3 GPU-Z; \??\C:\DOCUME~1\Mama\USTAWI~1\Temp\GPU-Z.sys [X] S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-28 21:58 - 2016-02-28 21:58 - 00001397 _____ C:\Documents and Settings\All Users\Pulpit\League of Legends.lnk 2016-02-28 21:53 - 2016-02-28 22:00 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\Riot Games 2016-02-28 21:44 - 2016-02-28 21:22 - 00000000 ____D C:\Documents and Settings\Mafia\Pulpit\Narzędzia 2016-02-28 21:31 - 2016-02-28 21:31 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Catalyst Control Center 2016-02-28 21:26 - 2016-02-28 21:26 - 00324152 _____ (Duplex Secure Ltd.) C:\WINDOWS\system32\Drivers\sptd.sys 2016-02-28 21:21 - 2016-02-28 21:22 - 00000000 ____D C:\FRST 2016-02-28 21:14 - 2016-02-28 21:14 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ATI 2016-02-28 21:12 - 2016-02-28 21:11 - 00094208 _____ C:\WINDOWS\Minidump\Mini022816-01.dmp 2016-02-11 21:56 - 2016-02-11 21:56 - 08230080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-28 22:03 - 2012-05-25 19:28 - 00000188 ___SH C:\Documents and Settings\Mama\ntuser.ini 2016-02-28 22:02 - 2009-12-05 21:03 - 00000000 ____D C:\Documents and Settings\Mafia 2016-02-28 22:00 - 2000-01-16 12:20 - 00000000 ____D C:\WINDOWS\system32\DirectX 2016-02-28 21:58 - 2000-01-16 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-02-28 21:56 - 2014-07-03 15:58 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-28 21:53 - 2015-10-28 22:46 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\5WMiniPro5 2016-02-28 21:53 - 2009-12-05 21:03 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji 2016-02-28 21:52 - 2014-09-13 14:39 - 00000000 ____D C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\Spotify 2016-02-28 21:44 - 2009-12-05 21:03 - 00000000 ____D C:\Documents and Settings\Mafia\Pulpit 2016-02-28 21:36 - 2013-08-30 21:07 - 00000000 ____D C:\Program Files\Steam 2016-02-28 21:35 - 2014-01-19 18:47 - 00000000 ____D C:\Documents and Settings\Mama\Ustawienia lokalne\temp 2016-02-28 21:31 - 2012-12-19 22:03 - 00000000 ____D C:\Program Files\ATI Technologies 2016-02-28 21:31 - 2000-01-16 13:11 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy 2016-02-28 21:29 - 2009-12-05 21:03 - 00000000 ___RD C:\Documents and Settings\Mafia\Moje dokumenty 2016-02-28 21:27 - 2015-02-18 21:50 - 00032478 _____ C:\WINDOWS\SchedLgU.Txt 2016-02-28 21:27 - 2012-07-02 08:31 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt 2016-02-28 21:27 - 2009-12-05 21:03 - 00000188 ___SH C:\Documents and Settings\Mafia\ntuser.ini 2016-02-28 21:27 - 2000-01-16 13:02 - 00000000 RSHDC C:\WINDOWS\system32\dllcache 2016-02-28 21:27 - 2000-01-16 12:40 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2016-02-28 21:25 - 2014-10-17 17:26 - 00000000 ____D C:\Documents and Settings\Administrator.MACIEK 2016-02-28 21:25 - 2012-05-25 19:28 - 00000000 ____D C:\Documents and Settings\Mama 2016-02-28 21:25 - 2000-01-16 12:38 - 00000000 __SHD C:\Documents and Settings\LocalService 2016-02-28 21:25 - 2000-01-16 12:25 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-02-28 21:24 - 2014-01-19 18:47 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\temp 2016-02-28 21:24 - 2012-12-19 22:00 - 00000000 ____D C:\AMD 2016-02-28 21:24 - 2000-01-16 12:19 - 00000000 ____D C:\WINDOWS\Registration 2016-02-28 21:23 - 2012-12-19 21:57 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt 2016-02-28 21:22 - 2015-10-28 22:45 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\istartsurf 2016-02-28 21:19 - 2012-11-10 11:34 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2016-02-28 21:14 - 2015-05-14 20:43 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-28 21:14 - 2015-02-05 18:38 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0416a999a8988.job 2016-02-28 21:14 - 2015-01-19 23:02 - 00000278 _____ C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job 2016-02-28 21:14 - 2014-03-22 06:05 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-02-28 21:14 - 2012-05-25 19:30 - 00000000 ____D C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2016-02-28 21:14 - 2004-08-04 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2016-02-28 21:14 - 2000-01-16 13:09 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-02-28 21:14 - 2000-01-16 13:02 - 00000000 ___HD C:\WINDOWS\inf 2016-02-28 21:13 - 2010-03-27 13:17 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-28 21:13 - 2010-03-27 13:17 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-28 21:12 - 2014-09-13 14:38 - 00000000 ____D C:\Documents and Settings\Mama\Dane aplikacji\Spotify 2016-02-28 21:12 - 2010-09-11 22:39 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-28 21:11 - 2014-12-08 20:50 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\GameTracker 2016-02-28 21:11 - 2012-11-27 21:47 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2016-02-28 21:11 - 2000-01-16 12:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-28 21:11 - 2000-01-16 12:25 - 00000000 ____D C:\Documents and Settings\NetworkService\Ustawienia lokalne\Temp 2016-02-25 21:20 - 2015-02-18 22:05 - 00000000 ____D C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\Steam 2016-02-11 21:56 - 2014-06-04 19:20 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-02-11 21:56 - 2014-06-04 19:20 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-02-11 21:52 - 2014-10-20 10:45 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Spotify 2016-02-11 21:50 - 2014-10-20 10:45 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\Spotify 2016-02-11 21:27 - 2011-02-12 10:24 - 00281768 _____ C:\WINDOWS\system32\PnkBstrB.xtr 2016-02-11 21:27 - 2010-11-23 22:17 - 00281768 _____ C:\WINDOWS\system32\PnkBstrB.exe 2016-02-11 21:23 - 2010-11-23 22:17 - 00281768 _____ C:\WINDOWS\system32\PnkBstrB.ex0 2016-02-11 21:23 - 2010-11-23 22:17 - 00139832 _____ C:\WINDOWS\system32\Drivers\PnkBstrK.sys 2016-02-11 21:22 - 2011-07-13 20:47 - 00000000 ____D C:\Program Files\Common Files\Steam 2016-02-11 21:07 - 2009-12-21 19:31 - 00000000 ____D C:\Documents and Settings\Mafia\Dane aplikacji\Skype 2016-02-11 20:59 - 2012-10-12 15:35 - 00029696 _____ C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2016-02-02 22:33 - 2012-05-25 19:28 - 00000000 __RHD C:\Documents and Settings\Mama\Dane aplikacji 2016-02-02 22:13 - 2012-05-25 19:28 - 00000000 ___HD C:\Documents and Settings\Mama\Ustawienia lokalne\Dane aplikacji 2016-02-02 22:10 - 2012-05-25 18:37 - 00000000 ____D C:\Documents and Settings\Mama\Dane aplikacji\Skype 2016-02-02 22:01 - 2015-02-18 21:54 - 00000000 ____D C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\Steam ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-01-27 20:04 - 2010-01-27 20:05 - 0037060 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\Bigfoot-RC.cfg 2015-01-19 22:51 - 2015-01-19 22:47 - 0000098 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\LauncherSettings_live.cfg 2010-11-23 22:17 - 2013-11-17 18:52 - 0138056 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\PnkBstrK.sys 2015-01-19 22:32 - 2015-01-19 22:32 - 0008145 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\TheHunterSettings_live.bin 2015-01-19 23:15 - 2015-01-19 23:15 - 0000040 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\TheHunterSettings_steam_live.cfg 2011-10-14 21:20 - 2011-10-15 00:14 - 0029434 _____ () C:\Documents and Settings\Mafia\Dane aplikacji\XFLR5.ini 2010-04-13 15:54 - 2014-06-03 15:06 - 0028160 _____ () C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-02-27 13:06 - 2011-02-27 12:54 - 0003864 _____ () C:\Documents and Settings\Mafia\Ustawienia lokalne\Dane aplikacji\unins000.dat 2014-10-17 17:46 - 2014-10-17 18:16 - 0000690 _____ () C:\Documents and Settings\All Users\Dane aplikacji\HirezPipeError.txt 2015-10-28 22:46 - 2015-10-28 22:46 - 0000170 _____ () C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\CoJBiBLauncher.exe C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\drm_dyndata_7400009.dll C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\Quarantine.exe C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\sqlite3.dll C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\ubiD8.tmp.exe C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\_is4.exe C:\Documents and Settings\Mafia\Ustawienia lokalne\temp\_is5.exe C:\Documents and Settings\Mama\Ustawienia lokalne\temp\drm_dialogs.dll C:\Documents and Settings\Mama\Ustawienia lokalne\temp\drm_dyndata_7330014.dll C:\Documents and Settings\Mama\Ustawienia lokalne\temp\ICReinstall_pobierz_Spolszczenie-GTA_SA.exe C:\Documents and Settings\Mama\Ustawienia lokalne\temp\sanandreas.exe C:\Documents and Settings\Mama\Ustawienia lokalne\temp\SkypeSetup.exe C:\Documents and Settings\Mama\Ustawienia lokalne\temp\_is8.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================