Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:30-04-2016 Uruchomiony przez admin (administrator) MAREKL (02-05-2016 16:52:07) Uruchomiony z C:\WINDOWS\wirus Załadowane profile: admin (Dostępne profile: admin) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 6 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe (Lenovo.) C:\WINDOWS\system32\ibmpmsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe () C:\Program Files\Lexmark 7100 Series\lxbxmon.exE () C:\Program Files\Lexmark 7100 Series\ezprint.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe (Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Oki Data Corporation) C:\Program Files\Okidata\ActKey\Network Configuration.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Huawei Technologies Co., Ltd.) C:\Documents and Settings\admin\Dane aplikacji\T-Mobile Internet Manager\ouc.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo.) C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE (SEIKO EPSON CORPORATION) C:\Program Files\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe (FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Setup\avgsetupx.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe () C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe (Lenovo Group Limited) C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe () C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe (Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe (AVG Technologies CZ, s.r.o.) C:\Documents and Settings\All Users\Dane aplikacji\Avg\Setup\_Temp\7b916916-0687-47cc-8867-d155f9e69f49\avgsetupwrkx.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Lexmark International, Inc.) C:\WINDOWS\system32\lxbxcoms.exe (The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe (Lenovo Group Limited) C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgmfapx.exe (Microsoft Corporation) C:\WINDOWS\system32\WISPTIS.EXE ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [LenovoAutoScrollUtility] => C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe [101440 2011-10-20] (Lenovo Group Limited) HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2007-12-19] (Analog Devices, Inc.) HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [884736 2007-12-12] (Analog Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2350392 2012-09-10] (Synaptics Incorporated) HKLM\...\Run: [PWRMGRTR] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor HKLM\...\Run: [TVT Scheduler Proxy] => C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [1093632 2010-12-10] (Lenovo Group Limited) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [lxbxmon.exe] => C:\Program Files\Lexmark 7100 Series\lxbxmon.exe [196608 2005-01-18] () HKLM\...\Run: [FaxCenterServer4_in_1] => C:\Program Files\Lexmark 7100 Series\fm3032.exe [286720 2004-12-06] () HKLM\...\Run: [EzPrint] => C:\Program Files\Lexmark 7100 Series\ezprint.exe [61440 2004-09-17] () HKLM\...\Run: [LXBXCATS] => rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16 HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1667072 2012-02-28] (iSkySoft) HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Network Configuration] => C:\Program Files\Okidata\ActKey\Network Configuration.exe [728640 2014-09-15] (Oki Data Corporation) HKU\S-1-5-21-117609710-854245398-725345543-1003\...\Run: [LightShot] => C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Skillbrains\lightshot\Lightshot.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] => C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.) HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {21e20ec0-a8fa-11e3-baf6-001cbf0276ba} - H:\LaunchU3.exe -a HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {9c762c41-2cbc-11e2-81d6-001c26e86ab6} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {9c762c44-2cbc-11e2-81d6-001c26e86ab6} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {9cb90f45-f1f2-11e3-bdc5-001cbf0276ba} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {d33a0f40-6ce7-11e4-ad43-001cbf0276ba} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {d33a0f42-6ce7-11e4-ad43-001cbf0276ba} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {f0fc2ec1-f5f8-11e3-9b36-001cbf0276ba} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {fd9c2a40-7136-11e4-accf-001cbf0276ba} - H:\AutoRun.exe HKU\S-1-5-21-117609710-854245398-725345543-1003\...\MountPoints2: {fd9c2a42-7136-11e4-accf-001cbf0276ba} - H:\AutoRun.exe Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk [2012-11-07] ShortcutTarget: BTTray.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart GroupPolicyScripts: Ograniczenia <======= UWAGA GroupPolicyScripts\User: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 0.0.0.0 0.0.0.0 Tcpip\..\Interfaces\{90AFBC31-4AB6-487B-9266-A48D2BF132C1}: [DhcpNameServer] 10.0.0.1 0.0.0.0 0.0.0.0 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-117609710-854245398-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-117609710-854245398-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-117609710-854245398-725345543-1003 -> {17286B16-0E22-4FD0-9E75-A9D20B24D80E} URL = hxxp://www.google.com/search?hl=pl&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation) Toolbar: HKU\S-1-5-21-117609710-854245398-725345543-1003 -> Brak nazwy - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Brak pliku DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default FF Homepage: google.pl FF NetworkProxy: "backup.ftp", "127.0.0.1" FF NetworkProxy: "backup.ftp_port", 9050 FF NetworkProxy: "backup.socks", "127.0.0.1" FF NetworkProxy: "backup.socks_port", 9050 FF NetworkProxy: "backup.ssl", "127.0.0.1" FF NetworkProxy: "backup.ssl_port", 9050 FF NetworkProxy: "ftp", "37.247.48.250" FF NetworkProxy: "ftp_port", 993 FF NetworkProxy: "http", "37.247.48.250" FF NetworkProxy: "http_port", 993 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "37.247.48.250" FF NetworkProxy: "socks_port", 993 FF NetworkProxy: "ssl", "37.247.48.250" FF NetworkProxy: "ssl_port", 993 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [Brak pliku] FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [Brak pliku] FF Plugin: @Cabrilog.com/Cabri 3D -> C:\Program Files\Cabri\Cabri 3D Plug-in 2.1\bin\npcabri3d.dll [2011-08-23] (Cabrilog S.A.S.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [Brak pliku] FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Brak pliku] FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [Brak pliku] FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [Brak pliku] FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [Brak pliku] FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Brak pliku] FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Brak pliku] FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @cntv.cn/Live2 -> C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\extensions\CNTVLive2@www.cntv.cn\plugins\npCNTVLive2.dll [Brak pliku] FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [Brak pliku] FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\admin\Dane aplikacji\Mozilla\plugins\npgoogletalk.dll [Brak pliku] FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\admin\Dane aplikacji\Mozilla\plugins\npo1d.dll [Brak pliku] FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Brak pliku] FF Plugin HKU\S-1-5-21-117609710-854245398-725345543-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.29.5\npGoogleUpdate3.dll [Brak pliku] FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2011-09-16] ( ) FF Extension: Auto Refresh - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\autorefresh@plugin.xpi [2016-04-28] FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-04-27] FF Extension: Firebug - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-31] FF Extension: FoxyProxy Standard - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\foxyproxy@eric.h.jung [2016-02-17] FF Extension: SQLite Manager - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-04-27] FF Extension: Video DownloadHelper - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-04-13] FF Extension: BetterPrivacy - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\waym27it.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-11-27] FF Extension: PriceMInuus - C:\Documents and Settings\admin\Dane aplikacji\Mozilla\Firefox\Profiles\tzd2h352.Tomek\Extensions\Ve3eI@EtigO.com [2016-01-11] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-11-03] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-11-12] [Brak podpisu cyfrowego] Chrome: ======= CHR dev: Chrome dev build wykryto! <======= UWAGA ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [886032 2016-04-14] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.) R2 EMP_NSWLSV; C:\Program Files\EPSON Projector\EMP NS Connection V2\EMP_NSWLSV.exe [98304 2008-05-09] (SEIKO EPSON CORPORATION) [Brak podpisu cyfrowego] R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService32.exe [213432 2012-11-07] (FileOpen Systems Inc.) R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-01-31] (The Firebird Project) [Brak podpisu cyfrowego] R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1527893 2007-01-31] (The Firebird Project) [Brak podpisu cyfrowego] R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [276048 2013-02-06] () R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-12-18] (Oracle Corporation) S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited) R3 lxbx_device; C:\WINDOWS\system32\lxbxcoms.exe [462848 2005-01-07] (Lexmark International, Inc.) S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 NFService; C:\Program Files\Fastream IQ Web FTP Server Engine\IQWebFTPServerEngine.exe [3221504 2008-10-14] (Fastream Technologies) [Brak podpisu cyfrowego] R2 Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [1645568 2012-09-24] () [Brak podpisu cyfrowego] R2 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664064 2012-09-24] (Lenovo Group Limited) R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [2613200 2015-10-12] (Paramount Software UK Ltd) R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited) R2 TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [1118208 2010-12-10] () [Brak podpisu cyfrowego] R2 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1425408 2010-12-10] (Lenovo Group Limited) [Brak podpisu cyfrowego] R2 TVT Scheduler; C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [1171456 2010-12-10] (Lenovo Group Limited) [Brak podpisu cyfrowego] S3 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [22016 2013-06-23] (Apache Software Foundation) [Brak podpisu cyfrowego] S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [10923520 2013-06-23] () [Brak podpisu cyfrowego] S2 Apache2.2; "C:\xampp\apache\bin\httpd.exe" -k runservice [X] S3 AvgAMPS; "C:\Program Files\AVG\Av\avgamps.exe" [X] S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 Amfilter; C:\WINDOWS\System32\DRIVERS\Amfilter.sys [8704 2007-01-24] (A4Tech Co.,Ltd.) [Brak podpisu cyfrowego] S3 Amusbprt; C:\WINDOWS\System32\DRIVERS\Amusbprt.sys [14336 2007-03-13] (A4Tech Co.,Ltd.) [Brak podpisu cyfrowego] R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134944 2016-02-16] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [235808 2016-03-07] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207792 2016-01-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [229296 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189216 2016-03-07] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [37296 2015-12-04] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231856 2015-10-08] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies) S3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [533152 2009-09-18] (Broadcom Corporation.) R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2008-02-04] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [993576 2010-09-23] (Broadcom Corporation.) S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2008-07-24] (Broadcom Corporation.) S3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [37032 2008-02-04] (Broadcom Corporation.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [51752 2010-09-16] (Broadcom Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R3 dfmirage; C:\WINDOWS\System32\DRIVERS\dfmirage.sys [31896 2011-11-16] (DemoForge, LLC) R3 EboardTouch; C:\WINDOWS\System32\DRIVERS\eboard_touch.sys [16128 2011-06-16] (e@Board) R1 EMP_MAP; C:\WINDOWS\System32\DRIVERS\EMP_Map.sys [6400 2008-04-08] () [Brak podpisu cyfrowego] S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13896 2013-03-07] () [Brak podpisu cyfrowego] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] () [Brak podpisu cyfrowego] S3 filtertdidriver; C:\WINDOWS\System32\drivers\ewfiltertdidriver.sys [7552 2009-02-27] (Huawei Technologies Co., Ltd.) [Brak podpisu cyfrowego] R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [217016 2010-06-02] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [993464 2010-06-02] (Conexant Systems, Inc.) S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [101248 2013-03-04] (Huawei Technologies Co., Ltd.) S3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [70528 2013-03-04] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27776 2013-03-04] (Huawei Technologies Co., Ltd.) S3 k750bus; C:\WINDOWS\System32\DRIVERS\k750bus.sys [55216 2005-07-07] (MCCI) S3 k750mdfl; C:\WINDOWS\System32\DRIVERS\k750mdfl.sys [6576 2005-07-07] (MCCI) S3 k750mdm; C:\WINDOWS\System32\DRIVERS\k750mdm.sys [89872 2005-07-07] (MCCI) S3 k750mgmt; C:\WINDOWS\System32\DRIVERS\k750mgmt.sys [81728 2005-07-07] (MCCI) S3 k750obex; C:\WINDOWS\System32\DRIVERS\k750obex.sys [79488 2005-07-07] (MCCI) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [98520 2016-01-04] (Malwarebytes Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) S3 Ndisprot; C:\WINDOWS\System32\DRIVERS\EP_NSWD.sys [19584 2008-04-08] (Windows (R) 2000 DDK provider) [Brak podpisu cyfrowego] R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation) R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2006-03-02] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2006-03-02] (Microsoft Corporation) R2 pmem; C:\WINDOWS\System32\drivers\pmemnt.sys [7012 2012-10-31] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 PSMounterEx; C:\WINDOWS\system32\drivers\psmounterex.sys [156048 2015-10-12] (Windows (R) Win 7 DDK provider) R0 pssnap; C:\WINDOWS\System32\DRIVERS\pssnap.sys [16016 2015-10-12] (Windows (R) Win 7 DDK provider) R0 sfdrv01a; C:\WINDOWS\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce)) R0 sfsync04; C:\WINDOWS\System32\drivers\sfsync04.sys [59776 2006-08-11] (Protection Technology (StarForce)) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [466008 2012-11-09] (Duplex Secure Ltd.) R3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R1 tcpipBM; C:\WINDOWS\system32\drivers\tcpipBM.sys [24192 2009-12-15] (Bytemobile, Inc.) [Brak podpisu cyfrowego] R1 TPHKDRV; C:\WINDOWS\System32\DRIVERS\TPHKDRV.sys [17844 2008-05-12] (Lenovo Group Limited) R1 TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [13936 2012-09-24] (Lenovo Group Limited) R3 vdisp; C:\WINDOWS\System32\DRIVERS\EMP_Vd1.sys [7680 2008-04-08] (Windows (R) 2000 DDK provider) S3 VNUSB; C:\WINDOWS\System32\DRIVERS\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [Brak podpisu cyfrowego] S3 WsAudio_DeviceS(1); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(1).sys [25704 2011-12-09] (Wondershare) S3 WsAudio_DeviceS(2); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(2).sys [25704 2011-12-09] (Wondershare) S3 WsAudio_DeviceS(3); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(3).sys [25704 2011-12-09] (Wondershare) S3 WsAudio_DeviceS(4); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(4).sys [25704 2011-12-09] (Wondershare) S3 WsAudio_DeviceS(5); C:\WINDOWS\System32\drivers\WsAudio_DeviceS(5).sys [25704 2011-12-09] (Wondershare) U3 alze95qd; C:\WINDOWS\system32\Drivers\alze95qd.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) U5 avgunivx; C:\Windows\System32\Drivers\avgunivx.sys [61216 2016-03-08] (AVG Technologies CZ, s.r.o.) S0 BMLoad; system32\drivers\BMLoad.sys [X] U3 DfSdkS; Brak ImagePath U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249600 2013-01-23] (Huawei Technologies Co., Ltd.) S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-02 16:08 - 2016-05-02 16:31 - 19660800 _____ C:\WINDOWS\system32\config\systemold2 2016-05-02 16:07 - 2016-05-03 02:29 - 45088768 _____ C:\WINDOWS\system32\config\softwareold 2016-05-02 00:03 - 2016-05-02 00:03 - 20355776 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2016-05-01 22:43 - 2016-05-01 22:43 - 00078189 _____ C:\Documents and Settings\admin\Pulpit\scanlog.txt 2016-05-01 22:26 - 2016-05-01 22:26 - 00074448 _____ C:\Documents and Settings\admin\Pulpit\windiff.zip 2016-05-01 22:26 - 2016-05-01 22:26 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\windiff 2016-05-01 12:17 - 2016-05-01 12:18 - 00016628 _____ C:\WINDOWS\ntbtlog.txt 2016-05-01 05:20 - 2016-05-02 16:52 - 00000000 ____D C:\FRST 2016-04-30 18:41 - 2016-05-02 16:52 - 00000000 ____D C:\WINDOWS\wirus 2016-04-28 10:53 - 2016-04-28 10:53 - 00000000 ____D C:\Documents and Settings\admin\Dane aplikacji\Enigma Software Group 2016-04-28 10:52 - 2016-04-28 10:52 - 00000000 ____D C:\sh4ldr 2016-04-28 10:50 - 2016-04-28 10:50 - 00019984 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2016-04-28 10:50 - 2016-04-28 10:50 - 00000000 ____D C:\Program Files\Enigma Software Group 2016-04-28 10:31 - 2016-04-28 10:31 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\admin\Pulpit\SpyHunter-Installer.exe 2016-04-28 06:24 - 2016-04-28 06:24 - 02230208 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 9.pdf 2016-04-25 23:23 - 2016-04-25 23:23 - 01774295 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 8.pdf 2016-04-24 23:12 - 2016-04-24 23:12 - 01531370 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 7.pdf 2016-04-20 23:04 - 2016-04-20 23:04 - 03446854 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 6.pdf 2016-04-19 23:16 - 2016-04-19 23:16 - 01413246 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 5.pdf 2016-04-19 11:13 - 2016-04-19 13:25 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\mozillacacheview 2016-04-18 21:50 - 2016-04-18 21:50 - 00521927 _____ C:\Documents and Settings\admin\Pulpit\skanowanie0001.pdf 2016-04-16 19:28 - 2016-04-16 19:28 - 00398594 _____ C:\Documents and Settings\admin\Pulpit\Zadania otwarte krótkiej odpowiedzi (I-II).pdf 2016-04-14 00:01 - 2016-04-14 00:01 - 01430502 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 4.pdf 2016-04-11 21:33 - 2016-04-11 21:33 - 02005567 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 3.pdf 2016-04-11 19:13 - 2016-04-11 19:13 - 00037627 _____ C:\Documents and Settings\admin\Pulpit\spkrasni20160411.pdf 2016-04-06 22:53 - 2016-04-06 22:53 - 01313690 _____ C:\Documents and Settings\admin\Pulpit\Arkusz II.pdf 2016-04-06 10:14 - 2016-04-06 12:23 - 00013824 _____ C:\Documents and Settings\admin\Pulpit\Prymusi absolwenci.xls 2016-04-06 07:38 - 2016-04-06 09:39 - 00583186 _____ C:\Documents and Settings\admin\Pulpit\Sprawdzian szóstoklsisty.pptx 2016-04-03 19:21 - 2016-04-03 19:21 - 02759732 _____ C:\Documents and Settings\admin\Pulpit\Arkusz 1.pdf 2016-04-03 14:43 - 2016-04-03 14:43 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\re_wskazówki ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-02 17:47 - 2015-11-02 23:24 - 00000442 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1446499447.job 2016-05-02 17:47 - 2013-03-20 20:18 - 00000000 ____D C:\Program Files\Opera 2016-05-02 17:45 - 2013-06-03 10:47 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2016-05-02 17:45 - 2012-10-31 14:08 - 00567096 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-05-02 17:45 - 2012-10-31 13:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-02 16:52 - 2012-10-31 13:28 - 00000000 ____D C:\Documents and Settings\admin\Ustawienia lokalne\Temp 2016-05-02 16:48 - 2016-01-10 20:56 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-05-02 16:48 - 2012-11-02 09:44 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2016-05-02 16:47 - 2012-10-31 18:58 - 00000300 _____ C:\WINDOWS\Tasks\PMTask.job 2016-05-02 16:14 - 2006-03-02 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2016-05-02 15:03 - 2014-10-04 17:19 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-02 14:45 - 2015-12-04 08:34 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-854245398-725345543-1003UA.job 2016-05-02 04:45 - 2015-12-04 08:34 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-117609710-854245398-725345543-1003Core.job 2016-05-02 03:07 - 2012-11-01 21:13 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2016-05-02 00:03 - 2015-11-02 23:56 - 00000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-05-02 00:03 - 2014-10-04 17:19 - 00797376 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-05-02 00:03 - 2014-10-04 17:19 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-05-01 22:56 - 2012-10-31 17:49 - 00165440 _____ C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2016-05-01 22:43 - 2012-10-31 13:28 - 00000000 ____D C:\Documents and Settings\admin\Pulpit 2016-05-01 05:20 - 2012-10-31 14:08 - 00000000 ___HD C:\Documents and Settings\Default User 2016-05-01 05:20 - 2012-10-31 13:27 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-05-01 05:20 - 2012-10-31 13:27 - 00000000 __SHD C:\Documents and Settings\LocalService 2016-04-29 22:34 - 2012-10-31 13:28 - 00000000 ____D C:\Documents and Settings\admin 2016-04-29 10:10 - 2012-10-31 14:06 - 19660800 _____ C:\WINDOWS\system32\config\systemold 2016-04-28 21:13 - 2012-10-31 14:00 - 00000000 ___HD C:\WINDOWS\inf 2016-04-28 18:11 - 2013-04-16 09:42 - 00004608 _____ C:\autozapis_.pf+ 2016-04-28 13:27 - 2015-08-31 09:50 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Rok szkolny 2015-2016 2016-04-28 11:32 - 2012-10-31 13:18 - 00001599 _____ C:\Documents and Settings\Default User\Menu Start\Programy\Pomoc zdalna.lnk 2016-04-28 11:32 - 2012-10-31 13:18 - 00001507 _____ C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2016-04-28 11:18 - 2012-10-31 13:28 - 00001599 _____ C:\Documents and Settings\admin\Menu Start\Programy\Pomoc zdalna.lnk 2016-04-28 10:53 - 2012-10-31 13:28 - 00000000 __RHD C:\Documents and Settings\admin\Dane aplikacji 2016-04-28 06:03 - 2012-10-31 13:27 - 00032420 _____ C:\WINDOWS\SchedLgU.Txt 2016-04-27 09:00 - 2013-01-08 20:59 - 00002539 _____ C:\Documents and Settings\admin\Menu Start\Microsoft Office Word 2003.lnk 2016-04-22 09:53 - 2013-11-29 14:14 - 00000000 ____D C:\Program Files\Lx_cats 2016-04-20 21:14 - 2012-10-31 13:28 - 00000188 ___SH C:\Documents and Settings\admin\ntuser.ini 2016-04-20 20:34 - 2012-11-12 15:02 - 00010856 _____ C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 2016-04-20 12:48 - 2015-09-13 16:17 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\osobiste i rodzinne 2016-04-19 13:26 - 2012-11-01 21:18 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt 2016-04-18 10:31 - 2013-01-13 20:10 - 00002557 _____ C:\Documents and Settings\admin\Menu Start\Microsoft Office Excel 2003.lnk 2016-04-18 07:32 - 2012-11-01 22:49 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Skróty do programów 2016-04-18 07:22 - 2012-10-31 14:09 - 01254796 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-18 07:22 - 2006-03-02 14:00 - 00555410 _____ C:\WINDOWS\system32\perfh015.dat 2016-04-18 07:22 - 2006-03-02 14:00 - 00105058 _____ C:\WINDOWS\system32\perfc015.dat 2016-04-17 22:15 - 2014-08-28 22:09 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Pliki z pulpitu 2016-04-17 22:11 - 2014-01-23 10:22 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Pobieranie 2016-04-17 21:39 - 2012-11-01 21:05 - 00000421 _____ C:\WINDOWS\ODBC.INI 2016-04-17 21:33 - 2013-08-29 13:31 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Rok szkolny 2013-2014 2016-04-15 07:41 - 2012-10-31 14:08 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-04-14 23:38 - 2014-06-18 09:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2016-04-14 03:15 - 2013-07-23 22:16 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-14 03:03 - 2012-11-02 19:12 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 11:48 - 2016-03-23 13:17 - 00033280 ___SH C:\Documents and Settings\admin\Pulpit\Thumbs.db 2016-04-11 21:55 - 2015-10-25 21:00 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Przygotowania do matury 2016-04-10 01:27 - 2015-11-11 12:32 - 00000000 ____D C:\Documents and Settings\admin\Pulpit\Instrukcje ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Program Files\.dat000001.dat 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Program Files\.dat000002.dat 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Program Files\.data110704.dat 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Program Files\.data211004.dat 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Program Files\.data211204.dat 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Program Files\.drv120405.dat 2013-10-28 00:28 - 2013-10-28 00:29 - 0000038 _____ () C:\Program Files\GPACgpac_pl.m3u 2013-06-27 11:42 - 2014-01-08 17:40 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.addit001.dat 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.app190905.dat 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.data000.dat 2013-12-15 14:48 - 2013-12-17 18:24 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.data001.dat 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.drv120205.dat 2013-12-15 14:48 - 2013-12-15 14:48 - 0000008 ___SH () C:\Documents and Settings\admin\Dane aplikacji\.drv190904.dat 2014-01-18 21:10 - 2014-01-18 21:11 - 0001802 _____ () C:\Documents and Settings\admin\Dane aplikacji\LiveSupport.exe_log.txt 2014-01-18 21:10 - 2014-01-18 21:11 - 0000084 _____ () C:\Documents and Settings\admin\Dane aplikacji\regsvr32.exe_log.txt 2012-11-11 12:38 - 2016-02-04 14:08 - 0038400 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-10-06 17:29 - 2013-10-06 17:29 - 0000001 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\llftool.4.12.agreement 2013-05-20 20:59 - 2013-05-20 20:59 - 0000001 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\llftool.4.30.agreement 2013-01-01 18:14 - 2013-01-05 19:41 - 0000600 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\PUTTY.RND 2015-11-10 10:29 - 2015-11-10 10:29 - 0003109 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2012-11-02 21:46 - 2012-11-02 21:46 - 0002160 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\unins000.dat 2012-11-02 21:46 - 2012-11-02 21:46 - 0707504 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\unins000.exe 2012-11-02 21:46 - 2012-11-02 21:46 - 0011761 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\unins000.msg 2014-10-22 21:45 - 2009-09-24 21:36 - 0000486 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\uninstall.html 2013-02-18 22:51 - 2013-02-18 22:51 - 0000003 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\updater.log 2013-02-18 22:52 - 2015-10-03 23:00 - 0000412 _____ () C:\Documents and Settings\admin\Ustawienia lokalne\Dane aplikacji\UserProducts.xml Niektóre pliki w TEMP: ==================== C:\Documents and Settings\admin\Ustawienia lokalne\Temp\avguirn_081609944406.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================