Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:16-05-2016 Uruchomiony przez Admin (administrator) IBO-2007 (23-05-2016 16:46:00) Uruchomiony z E:\MOJE DOKUMENTY\A-virusy\FRST & inne Załadowane profile: Admin (Dostępne profile: Admin & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: "E:\MOJE DOKUMENTY\PROGRAMY UŻYTKI\Mozilla Firefox\FirefoxPortable\App\Firefox\firefox.exe" -osint -url "%1") Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (G Data Software) C:\Program Files\G Data Software\G Data TopSecret 4\TSNxGTray.exe (Symantec Corporation) C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Doctor Web, Ltd.) C:\PROGRA~1\DrWeb\spiderui.exe (Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Logitech Inc.) C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Symantec Corporation) C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe (G DATA Software Sp. z o.o.) C:\WINDOWS\KbdLockService.exe (Symantec Corporation) C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE (Microsoft Corporation) C:\WINDOWS\system32\locator.exe (Symantec Corporation) C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.exe (Doctor Web, Ltd.) C:\PROGRA~1\DrWeb\spidernt.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe (G Data Software) C:\Program Files\G Data Software\G Data TopSecret 4\TSNxGService.exe (Microsoft Corp., Veritas Software) C:\WINDOWS\system32\dmadmin.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [Logitech Utility] => C:\WINDOWS\Logi_MwX.Exe [19968 2003-12-17] (Logitech Inc.) HKLM\...\Run: [TSNxG4Tray] => C:\Program Files\G Data Software\G Data TopSecret 4\TSNxGTray.exe [243048 2009-05-19] (G Data Software) HKLM\...\Run: [GhostStartTrayApp] => C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe [94208 1983-08-28] (Symantec Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-11-14] (Synaptics, Inc.) HKLM\...\Run: [LVCOMSX] => C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-19] (Logitech Inc.) HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-01-10] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2312824 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [Zone Labs Client] => C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [714000 2004-09-22] (Zone Labs Inc.) HKLM\...\Run: [SpIDerNT] => C:\Program Files\DrWeb\spiderui.exe [197896 2008-10-23] (Doctor Web, Ltd.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2015-07-02] (Logitech, Inc.) HKU\S-1-5-21-1935655697-484061587-839522115-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2008-05-26] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Admin\Dane aplikacji\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-06-27] (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-06-27] (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-06-27] (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-06-27] (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2014-06-27] (Google) BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\..\Interfaces\{78E8194C-54B7-4E73-ADFF-36A551A12762}: [DhcpNameServer] 213.199.212.9 213.199.225.14 213.199.212.19 194.204.152.34 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/ HKU\S-1-5-21-1935655697-484061587-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO: ALLYouTubeDownloader -> {61DB16C5-B733-43F4-872E-B20DC9E72740} -> C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll [2012-12-16] (ALLCinema Ltd.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-14] (Oracle Corporation) BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-14] (Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09] (ALLCinema Ltd.) Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) Toolbar: HKU\.DEFAULT -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1935655697-484061587-839522115-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab DPF: {68282C51-9459-467B-95BF-3C0E89627E55} hxxp://www.mks.com.pl/skaner/SkanerOnline.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} hxxps://www.bph.pl/pi/components/SignActivX.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FireFox: ======== FF ProfilePath: C:\Documents and Settings\Admin\Dane aplikacji\Mozilla\Firefox\Profiles\zpfwy7q4.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-11] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-14] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-14] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF) FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( ) FF Plugin: @rayv.com/rayvplugin -> C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll [2010-06-28] (RayV) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-31] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-31] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-22] [Brak podpisu cyfrowego] StartMenuInternet: FIREFOX.EXE - E:\MOJE DOKUMENTY\PROGRAMY UŻYTKI\Mozilla Firefox\FirefoxPortable\App\Firefox\firefox.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S4 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [955712 2016-04-04] (Avira Operations GmbH & Co. KG) S4 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG) S4 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1238968 2016-04-04] (Avira Operations GmbH & Co. KG) S4 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S4 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [Brak podpisu cyfrowego] S4 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-06-05] (Macrovision Europe Ltd.) [Brak podpisu cyfrowego] R2 GhostStartService; C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartService.exe [200704 2003-05-28] (Symantec Corporation) [Brak podpisu cyfrowego] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego] S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-07-15] (Oracle Corporation) R2 KbdLockService; C:\WINDOWS\KbdLockService.exe [173432 2009-12-29] (G DATA Software Sp. z o.o.) S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [Brak podpisu cyfrowego] S3 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe [197128 2014-08-01] (Nitro PDF Software) S3 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [392712 2014-08-01] () R2 NProtectService; C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE [86016 2003-10-17] (Symantec Corporation) [Brak podpisu cyfrowego] S3 OutpostFirewall; C:\Program Files\Agnitum\Outpost Firewall 1.0\outpost.exe [78848 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S2 PCA; C:\WINDOWS\SMINST\PCAngel.exe [294912 2006-01-12] (SoftThinks) [Brak podpisu cyfrowego] S4 Seagate Dashboard Services; C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC) S4 Seagate MobileBackup Service; C:\Program Files\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC) R2 Speed Disk service; C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe [176193 2003-10-17] (Symantec Corporation) [Brak podpisu cyfrowego] R2 SPIDERNT; C:\Program Files\DrWeb\spidernt.exe [197896 2008-10-23] (Doctor Web, Ltd.) S4 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Brak podpisu cyfrowego] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 TSNxGService; C:\Program Files\G Data Software\G Data TopSecret 4\TSNxGService.exe [304488 2009-05-19] (G Data Software) S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2003-12-04] (Ulead Systems, Inc.) [Brak podpisu cyfrowego] S2 vsmon; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [918792 2004-09-22] (Zone Labs Inc.) S3 Wmi; C:\WINDOWS\System32\advapi32.dll [617472 2012-08-29] (Microsoft Corporation) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 actser; C:\WINDOWS\System32\drivers\actser.sys [29440 2005-11-30] (Siemens AG) [Brak podpisu cyfrowego] S3 ADBLOCK.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\ADBLOCK.dll [15552 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] R0 AlfaFF; C:\WINDOWS\System32\Drivers\AlfaFF.sys [50320 2009-12-29] (Alfa Corporation) R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2003-05-28] (Adaptec) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [109016 2016-04-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [137240 2016-04-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2016-04-04] (Avira Operations GmbH & Co. KG) S3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [428269 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30363 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [853258 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148360 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S3 btwmodem; C:\WINDOWS\System32\DRIVERS\btwmodem.sys [30221 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [64344 2005-08-29] (Broadcom Corporation.) [Brak podpisu cyfrowego] S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 CONTENT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Content.dll [3904 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 DNSCACHE.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Dnscache.dll [6144 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [34760 2006-12-26] (SlySoft, Inc.) R2 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [15440 2006-12-26] (Elaborate Bytes AG) R3 ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [3968 2004-06-09] (Elaborate Bytes AG) [Brak podpisu cyfrowego] R1 FsVga; C:\WINDOWS\System32\DRIVERS\fsvga.sys [12288 2001-10-26] (Microsoft Corporation) S3 FTPFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Ftpfilt.dll [6304 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] R1 GhPciScan; C:\Program Files\Norton SystemWorks\Norton Ghost\ghpciscan.sys [5632 2003-05-28] (Symantec Corporation) [Brak podpisu cyfrowego] R1 GLogin; C:\WINDOWS\System32\Drivers\GLogin.sys [39544 2009-12-29] (G DATA Software Sp. z o.o.) R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.) R3 HdAudAddService; C:\WINDOWS\System32\drivers\CHDAud.sys [581632 2006-07-27] (Conexant Systems Inc.) R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [208384 2006-08-29] (Conexant Systems, Inc.) R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [990592 2006-08-29] (Conexant Systems, Inc.) S3 HTMLFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Htmlfilt.dll [7776 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 HTTPFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Httpfilt.dll [9152 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 IMAPFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Imapfilt.dll [7072 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 L8042pr2; C:\WINDOWS\System32\DRIVERS\L8042pr2.Sys [51729 2003-12-17] (Logitech, Inc.) R3 LCcfltr; C:\WINDOWS\System32\Drivers\LCcFltr.Sys [14095 2003-12-17] (Logitech, Inc.) R3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37887 2003-12-17] (Logitech, Inc.) R3 LVUSBSta; C:\WINDOWS\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.) S3 MAILFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Mailfilt.dll [9920 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2210816 2007-08-28] (Intel Corporation) S3 NNTPFILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Nntpfilt.dll [6656 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] R3 NPDriver; C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [258476 2003-09-10] (Symantec Corporation) [Brak podpisu cyfrowego] R2 NSHE; C:\WINDOWS\system32\Drivers\NSHE.SYS [97792 2008-11-23] (T0r0 2008) [Brak podpisu cyfrowego] S3 PBDOWNFORCE_SERVICE; E:\MOJE DOKUMENTY\PROGRAMY UŻYTKI\antyban\PBDownforce.sys [20480 2006-05-13] () [Brak podpisu cyfrowego] S3 POP3FILT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Pop3filt.dll [7136 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] S3 PROTECT.DLL; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\Protect.dll [15584 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] S3 QCMerced; C:\WINDOWS\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] () R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [113104 2012-08-17] (Power Software Ltd) S3 SDdriver; C:\WINDOWS\system32\Drivers\sddriver.sys [90272 2003-09-10] (Symantec Corporation) [Brak podpisu cyfrowego] R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [14776 2010-11-26] () R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [47744 2006-07-06] () S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation) R2 SPIDER; C:\Program Files\DrWeb\spider.sys [268040 2008-10-23] (Doctor Web, Ltd.) R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [31848 2016-04-04] (Avira Operations GmbH & Co. KG) R3 SymEvent; C:\Program Files\Symantec\SYMEVENT.SYS [82136 2003-12-04] (Symantec Corporation) R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98304 2009-12-29] (G Data Software) [Brak podpisu cyfrowego] S3 USB-100; C:\WINDOWS\System32\DRIVERS\USBKR100.SYS [27519 2001-06-20] (Billionton Corporation Reserved.) [Brak podpisu cyfrowego] R1 VFILT; C:\Program Files\Agnitum\Outpost Firewall 1.0\Kernel\2000\Filtnt.sys [90752 2002-02-20] (Agnitum) [Brak podpisu cyfrowego] R3 vsbus; C:\WINDOWS\System32\DRIVERS\vsb.sys [15264 2005-11-30] () [Brak podpisu cyfrowego] R1 vsdatant; C:\WINDOWS\System32\vsdatant.sys [271344 2004-09-22] (Zone Labs Inc.) S3 vserial; C:\WINDOWS\System32\DRIVERS\vserial.sys [47744 2005-11-30] () [Brak podpisu cyfrowego] S3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2210048 2007-06-28] (Intel® Corporation) S3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation) U5 eabusb; C:\Windows\System32\Drivers\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.) U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-23 12:56 - 2016-05-23 12:56 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\NokiaAccount 2016-05-21 16:38 - 2016-05-21 16:38 - 00000000 ____D C:\Documents and Settings\Admin\Menu Start\Programy\Autostart 2016-05-21 15:17 - 2016-05-21 15:17 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Macromedia 2016-05-20 16:25 - 2016-05-20 16:25 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader 2016-05-20 10:52 - 2016-05-20 10:53 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\0 601 347 003 2016-05-20 02:51 - 2016-05-20 02:51 - 01057300 _____ C:\Documents and Settings\Admin\Pulpit\MHDD.pdf 2016-05-20 02:03 - 2016-05-20 21:09 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-20 01:51 - 2016-05-20 01:51 - 00000777 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2016-05-20 01:51 - 2016-05-20 01:51 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-05-20 01:51 - 2016-05-20 01:51 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2016-05-20 01:51 - 2016-05-20 01:51 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2016-05-20 01:51 - 2016-03-10 14:09 - 00123264 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-05-20 01:51 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-05-19 13:03 - 2016-05-20 01:40 - 00000000 ____D C:\AdwCleaner 2016-05-19 02:25 - 2016-05-23 16:44 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Mozilla 2016-05-17 20:07 - 2016-05-23 16:46 - 00000000 ____D C:\FRST 2016-05-17 18:58 - 2016-05-17 18:58 - 00001517 _____ C:\Documents and Settings\All Users\Pulpit\Skaner Dr.Web.lnk 2016-05-17 18:58 - 2016-05-17 18:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Dr.Web 2016-05-16 22:08 - 2016-05-16 22:16 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Avira 2016-05-16 22:07 - 2016-05-16 22:16 - 00000000 ____D C:\Program Files\Avira 2016-05-16 22:07 - 2016-04-04 17:07 - 00137240 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2016-05-16 22:07 - 2016-04-04 17:07 - 00109016 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2016-05-16 22:07 - 2016-04-04 17:07 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2016-05-16 22:07 - 2016-04-04 17:07 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys 2016-05-16 02:06 - 2016-05-16 02:07 - 00120665 _____ C:\Documents and Settings\Admin\Pulpit\Opis konsoli odzyskiwania systemu Windows 2000.pdf 2016-05-15 23:43 - 2016-05-23 16:46 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\temp 2016-05-15 23:43 - 2016-05-15 23:43 - 00000000 ____D C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp 2016-05-15 23:43 - 2016-05-15 23:43 - 00000000 ____D C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2016-05-15 23:43 - 2016-05-15 23:43 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\temp 2016-05-15 01:58 - 2016-05-15 01:58 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Mozilla 2016-05-14 10:57 - 2016-05-14 10:57 - 00000000 ____D C:\Documents and Settings\Admin\Menu Start\Programy\Dropbox 2016-05-13 15:14 - 2016-05-13 15:17 - 162163344 _____ C:\Documents and Settings\Admin\Moje dokumenty\Image.img 2016-05-13 15:14 - 2016-05-13 15:17 - 06618912 _____ C:\Documents and Settings\Admin\Moje dokumenty\Image.sub 2016-05-13 15:14 - 2016-05-13 15:17 - 00000771 _____ C:\Documents and Settings\Admin\Moje dokumenty\Image.ccd 2016-05-11 02:03 - 2016-05-11 02:03 - 00106496 _____ C:\WINDOWS\Minidump\Mini051116-01.dmp 2016-05-06 00:25 - 2016-05-06 00:25 - 00187904 _____ C:\Documents and Settings\Admin\Pulpit\UR 7-2 2016 Mechanicy i Elektrycy - V-VIII.xls 2016-05-06 00:25 - 2016-05-06 00:25 - 00182784 _____ C:\Documents and Settings\Admin\Pulpit\UR 7-2 2016 Mechanicy i Elektrycy - I-IV.xls 2016-05-05 00:32 - 2016-05-05 00:33 - 00187330 _____ C:\Documents and Settings\Admin\Pulpit\Namiot rodzinny 6 osobowy Nevada LP Outwell Wawa (6102077117).pdf ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-23 16:45 - 2007-08-17 20:51 - 00005114 _____ C:\WINDOWS\wincmd.ini 2016-05-23 16:44 - 2008-11-27 19:52 - 00000000 ____D C:\swsetup 2016-05-23 16:44 - 2007-08-18 21:13 - 00000000 ____D C:\Program Files\DrWeb 2016-05-23 15:53 - 2015-08-23 21:48 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1935655697-484061587-839522115-1003UA.job 2016-05-23 15:33 - 2007-08-17 20:25 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit 2016-05-23 13:02 - 2010-08-29 12:25 - 00000000 ____D C:\Documents and Settings\Admin\Moje dokumenty\Pobieranie 2016-05-23 12:56 - 2007-08-17 20:25 - 00000000 ___HD C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji 2016-05-23 06:39 - 2007-08-19 16:08 - 00000000 ____D C:\WINDOWS\Internet Logs 2016-05-23 06:39 - 2007-08-17 20:05 - 00000000 ____D C:\WINDOWS\Registration 2016-05-23 06:38 - 2007-08-17 20:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-22 21:49 - 2007-08-17 20:25 - 00000292 ___SH C:\Documents and Settings\Admin\ntuser.ini 2016-05-22 21:49 - 2007-08-17 20:14 - 00032616 _____ C:\WINDOWS\SchedLgU.Txt 2016-05-22 19:19 - 2007-08-17 21:24 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-05-22 19:19 - 2007-08-17 21:22 - 00000297 ___SH C:\boot.ini 2016-05-22 19:19 - 2007-08-17 20:05 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy\Narzędzia administracyjne 2016-05-22 19:19 - 2001-07-21 22:16 - 00000698 _____ C:\WINDOWS\win.ini 2016-05-22 19:19 - 2001-07-21 22:15 - 00000327 _____ C:\WINDOWS\system.ini 2016-05-22 19:17 - 2007-08-19 12:07 - 03831242 _____ C:\WINDOWS\ntbtlog.txt 2016-05-21 17:53 - 2015-08-23 21:48 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Dropbox 2016-05-21 16:41 - 2007-08-17 21:23 - 00057344 _____ C:\WINDOWS\system32\config\SECURITY.bak 2016-05-21 16:41 - 2007-08-17 21:23 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak 2016-05-21 16:41 - 2007-08-17 21:22 - 45088768 _____ C:\WINDOWS\system32\config\software.bak 2016-05-21 16:41 - 2007-08-17 21:22 - 13631488 _____ C:\WINDOWS\system32\config\system.bak 2016-05-21 16:41 - 2007-08-17 21:22 - 01638400 _____ C:\WINDOWS\system32\config\default.bak 2016-05-21 16:41 - 2007-08-17 20:25 - 14680064 _____ C:\Documents and Settings\Admin\NTUSER.bak 2016-05-21 16:41 - 2007-08-17 20:25 - 00000000 ____D C:\Documents and Settings\Admin 2016-05-21 16:41 - 2007-08-17 20:14 - 00241664 _____ C:\Documents and Settings\LocalService\NTUSER.bak 2016-05-21 16:41 - 2007-08-17 20:14 - 00000000 __SHD C:\Documents and Settings\LocalService 2016-05-21 16:41 - 2007-08-17 20:13 - 00241664 _____ C:\Documents and Settings\NetworkService\NTUSER.bak 2016-05-21 16:41 - 2007-08-17 20:13 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-05-21 16:39 - 2008-12-25 13:03 - 00000000 ____D C:\WINDOWS\ERDNT 2016-05-21 16:38 - 2007-08-17 20:25 - 00000000 ___RD C:\Documents and Settings\Admin\Menu Start\Programy 2016-05-21 16:02 - 2015-02-01 13:43 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Nitro PDF 2016-05-21 15:17 - 2007-08-17 20:25 - 00000000 ___HD C:\Documents and Settings\Admin\Dane aplikacji 2016-05-20 21:37 - 2007-08-17 21:17 - 00000000 ____D C:\WINDOWS\addins 2016-05-20 18:19 - 2008-03-25 19:38 - 00000000 ____D C:\Program Files\Total Video Converter 2016-05-20 16:25 - 2007-08-17 21:24 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-05-20 16:24 - 2007-08-17 20:25 - 00000000 ___RD C:\Documents and Settings\Admin\Moje dokumenty\Moje obrazy 2016-05-20 15:57 - 2007-08-17 20:13 - 00000000 __SHD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2016-05-20 15:56 - 2007-08-17 20:25 - 00000000 __SHD C:\Documents and Settings\Admin\Ustawienia lokalne\Historia 2016-05-20 15:56 - 2007-08-17 20:14 - 00000000 __SHD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2016-05-20 08:27 - 2007-08-17 20:25 - 00000000 ___RD C:\Documents and Settings\Admin\Moje dokumenty 2016-05-20 01:51 - 2007-08-17 21:24 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-05-19 13:39 - 2015-09-20 23:27 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Logitech 2016-05-19 13:39 - 2015-09-20 23:27 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Logishrd 2016-05-19 13:39 - 2015-05-14 15:55 - 00000000 ____D C:\Documents and Settings\Admin\Moje dokumenty\Bluetooth 2016-05-19 13:39 - 2015-03-26 14:25 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\Adobe 2016-05-19 13:39 - 2014-11-17 11:21 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Audacity 2016-05-19 13:39 - 2014-06-22 19:33 - 00000000 ____D C:\Documents and Settings\Admin\Doctor Web 2016-05-19 13:39 - 2013-06-29 10:44 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\XBMC 2016-05-19 13:39 - 2013-01-08 23:25 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\BitLord 2016-05-19 13:39 - 2011-10-14 09:57 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\YouTube Downloader 2016-05-19 13:39 - 2011-06-05 15:21 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Adobe 2016-05-19 13:39 - 2010-05-01 19:51 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\ipla 2016-05-19 13:39 - 2008-12-11 16:53 - 00000000 ____D C:\Documents and Settings\Admin\Moje dokumenty\Pamela 2016-05-19 13:39 - 2008-08-26 22:59 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Canon 2016-05-19 13:39 - 2008-02-20 00:11 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Skype 2016-05-19 13:39 - 2007-08-25 17:16 - 00000000 ___RD C:\Documents and Settings\Admin\Moje dokumenty\Moje wideo 2016-05-19 13:39 - 2007-08-21 06:33 - 00000000 __SHD C:\Documents and Settings\Admin\UserData 2016-05-19 13:39 - 2007-08-17 20:25 - 00000000 ___RD C:\Documents and Settings\Admin\Menu Start\Programy\Akcesoria 2016-05-19 13:39 - 2007-08-17 20:25 - 00000000 ___HD C:\Documents and Settings\Admin\Ustawienia lokalne 2016-05-19 12:46 - 2011-01-16 05:07 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-05-19 12:46 - 2008-01-14 23:26 - 00000000 ___SD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia 2016-05-19 12:46 - 2007-08-17 21:24 - 00000000 ___SD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2016-05-19 12:06 - 2007-08-17 20:13 - 00000188 ___SH C:\Documents and Settings\NetworkService\ntuser.ini 2016-05-19 02:24 - 2007-08-22 20:20 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2016-05-19 00:51 - 2007-12-23 06:55 - 00000000 ____D C:\Program Files\SkanerOnline 2016-05-17 21:53 - 2015-08-23 21:48 - 00001184 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1935655697-484061587-839522115-1003Core.job 2016-05-17 18:58 - 2007-08-18 21:13 - 00077824 ____T (Doctor Web, Ltd.) C:\WINDOWS\system32\DRWEBSP.DLL 2016-05-17 16:54 - 2007-08-18 08:51 - 00000000 ____D C:\Program Files\Winamp 2016-05-17 16:47 - 2008-12-28 00:38 - 00000202 _____ C:\WINDOWS\NeroDigital.ini 2016-05-16 23:01 - 2009-08-23 14:29 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AntiVir PersonalEdition Classic 2016-05-16 22:42 - 2013-05-04 15:35 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Avira 2016-05-16 22:16 - 2014-07-30 12:50 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Package Cache 2016-05-16 22:14 - 2013-05-04 15:37 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Avira 2016-05-15 23:43 - 2008-01-14 23:26 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne 2016-05-15 23:43 - 2007-08-17 21:24 - 00000000 __RHD C:\Documents and Settings\Default User\Ustawienia lokalne 2016-05-15 23:43 - 2007-08-17 20:13 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne 2016-05-15 22:17 - 2001-07-21 22:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2016-05-14 18:12 - 2015-11-10 22:12 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\MagRavs Blueprints 2016-05-14 11:01 - 2014-08-04 23:36 - 00000000 ____D C:\Documents and Settings\Admin\Dane aplikacji\Dropbox 2016-05-13 15:10 - 2008-03-02 23:04 - 00000041 ___SH C:\Documents and Settings\All Users\Dane aplikacji\.zreglib 2016-05-12 19:00 - 2009-02-12 18:10 - 27262976 _____ C:\VIRTPART.DAT 2016-05-12 18:40 - 2015-05-04 12:01 - 00000000 ____D C:\Documents and Settings\Admin\Menu Start\Programy\FLIR Systems 2016-05-12 17:03 - 2007-08-17 20:58 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-05-12 16:56 - 2015-07-21 18:19 - 00191188 _____ C:\WINDOWS\system32\prfh0415.dat 2016-05-12 16:56 - 2015-07-21 18:19 - 00109602 _____ C:\WINDOWS\system32\prfc0415.dat 2016-05-12 13:48 - 2008-05-14 00:29 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\torrenty 2016-05-11 12:37 - 2016-03-25 01:44 - 00000000 ____D C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\ChomikBox 2016-05-11 12:36 - 2009-12-30 20:40 - 00000000 ____D C:\Documents and Settings\Admin\.gstreamer-0.10 2016-05-09 11:14 - 2014-03-28 19:10 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\Praca 2016-05-07 23:25 - 2007-08-17 21:17 - 00000000 ____D C:\WINDOWS\security 2016-05-03 13:39 - 2012-06-30 10:27 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\ciekawe artykuły 2016-05-02 14:56 - 2014-08-04 23:42 - 00000000 ___RD C:\Documents and Settings\Admin\Moje dokumenty\Dropbox 2016-04-29 10:03 - 2001-10-26 15:45 - 00072230 _____ C:\WINDOWS\system32\eventvwr.msc 2016-04-27 15:42 - 2015-12-11 03:21 - 00003481 _____ C:\Documents and Settings\All Users\Dane aplikacji\lpm.dat 2016-04-26 22:06 - 2012-08-29 15:25 - 00000000 ____D C:\Documents and Settings\Admin\Pulpit\Turystyka 2016-04-23 13:39 - 2010-02-18 01:14 - 00000000 ____D C:\Documents and Settings\Admin\Moje dokumenty\Potwierdzenia przelewów ==================== Pliki w katalogu głównym wybranych folderów ======= 2008-02-04 22:25 - 2008-02-03 23:19 - 1022756 _____ () C:\Program Files\SiMoCo02.rar 2016-03-01 12:40 - 2016-03-01 12:40 - 0000020 ___SH () C:\Documents and Settings\Admin\Dane aplikacji\Sys11965 DataCollection.dat 2016-03-01 12:40 - 2016-03-01 12:40 - 0000020 ___SH () C:\Documents and Settings\Admin\Dane aplikacji\System413_DataDB.ind 2015-02-10 20:45 - 2015-02-10 20:45 - 0000024 ___SH () C:\Documents and Settings\Admin\Dane aplikacji\System5908ConfigCollection.dat 2015-03-26 23:13 - 2015-03-26 23:13 - 0000000 _____ () C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\AtStart.txt 2007-11-15 20:48 - 2015-12-24 02:00 - 0186368 _____ () C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-03-26 23:13 - 2015-03-26 23:13 - 0000000 _____ () C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\DSwitch.txt 2015-03-26 23:13 - 2015-03-26 23:13 - 0000000 _____ () C:\Documents and Settings\Admin\Ustawienia lokalne\Dane aplikacji\QSwitch.txt 2008-03-02 23:04 - 2016-05-13 15:10 - 0000041 ___SH () C:\Documents and Settings\All Users\Dane aplikacji\.zreglib 2008-12-11 19:59 - 2008-12-11 19:59 - 0000032 _____ () C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat 2015-12-11 03:21 - 2016-04-27 15:42 - 0003481 _____ () C:\Documents and Settings\All Users\Dane aplikacji\lpm.dat Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Admin\Ustawienia lokalne\temp\NEventMessages.dll C:\Documents and Settings\Admin\Ustawienia lokalne\temp\NOSEventMessages.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================