Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 12-09-2016 Uruchomiony przez Michał (administrator) DOM-109KNSC42L1 (15-09-2016 12:26:54) Uruchomiony z Z:\ Załadowane profile: Michał (Dostępne profile: Michał & Administrator) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: IE) Tryb startu: Safe Mode (with Networking) Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Marek Jasinski) C:\Documents and Settings\Michał\Dane aplikacji\FreeCommanderXE\FreeCommander.exe (Marek Jasinski) C:\Documents and Settings\Michał\Dane aplikacji\FreeCommanderXE\FreeCommander.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [MSConfig] => C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [171520 2008-04-14] (Microsoft Corporation) Winlogon\Notify\AtiExtEvent: C:\WINDOWS\SYSTEM32\Ati2evxx.dll [2005-05-04] (ATI Technologies Inc.) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoFileMenu] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoToolbarCustomize] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoBandCustomize] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoStartMenuPinnedList] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoUserNameInStartMenu] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Policies\Explorer: [NoStrCmpLogical] 0 HKU\S-1-5-21-1757981266-527237240-839522115-1004\...\Winlogon: [Shell] C:\WINDOWS\EXPLORER.EXE [1035264 2008-04-14] (Microsoft Corporation) <==== UWAGA HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 IFEO\notepad.exe: [Debugger] C:\Program Files\Notepad2\Notepad2.exe /z Lsa: [Notification Packages] scecli scecli scecli scecli scecli scecli BootExecute: PDBoot.exeautocheck autochk * ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 194.106.210.5 Tcpip\..\Interfaces\{C174651D-F10C-446B-BA45-FB4B8B72471F}: [DhcpNameServer] 194.106.210.5 ManualProxies: Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-1757981266-527237240-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-1757981266-527237240-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-1757981266-527237240-839522115-1004\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 HKU\S-1-5-21-1757981266-527237240-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKU\.DEFAULT -> {71C63272-91A7-436a-843D-A1C641D1C626} URL = hxxp://search.shareazaweb.com//web?src=ieb&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7 SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1757981266-527237240-839522115-1004 -> {71C63272-91A7-436a-843D-A1C641D1C626} URL = Toolbar: HKU\S-1-5-21-1757981266-527237240-839522115-1004 -> Brak nazwy - {EEB30C11-DF11-46DF-B763-BAF798CA65F3} - Brak pliku DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} hxxp://www.ca.com/us/securityadvisor/virusinfo/webscan.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} hxxp://67.15.101.3/g_bin/pl/marbles_2_0_0_31.cab DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} hxxp://67.15.101.33/g_bin/pl/mahjong_2_0_0_29.cab DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} hxxp://67.15.101.3/g_bin/pl/billard8_2_0_0_35.cab Handler: AutorunsDisabled\gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - Brak pliku [] Handler: cf - Brak wartości CLSID - FireFox: ======== FF ProfilePath: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default FF NewTab: hxxps://www.google.pl FF Homepage: hxxps://google.pl/ FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.autoconfig_url", ""); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.ftp", "115.29.247.115"); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.ftp_port", 8888); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.http", "115.29.247.115"); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.http_port", 8888); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.no_proxies_on", "localhost, 127.0.0.1"); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.share_proxy_settings", true); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.ssl", "115.29.247.115"); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.ssl_port", 8888); FF NetworkProxy: "user_pref("extensions.browsec.backup.network.proxy.type", 0); FF NetworkProxy: "backup.ftp", "94.228.205.33" FF NetworkProxy: "backup.ftp_port", 8080 FF NetworkProxy: "backup.socks", "94.228.205.33" FF NetworkProxy: "backup.socks_port", 8080 FF NetworkProxy: "backup.ssl", "94.228.205.33" FF NetworkProxy: "backup.ssl_port", 8080 FF NetworkProxy: "ftp", "115.29.247.115" FF NetworkProxy: "ftp_port", 8888 FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "http", "115.29.247.115" FF NetworkProxy: "http_port", 8888 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "115.29.247.115" FF NetworkProxy: "socks_port", 8888 FF NetworkProxy: "ssl", "115.29.247.115" FF NetworkProxy: "ssl_port", 8888 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] () FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation) FF Plugin HKU\S-1-5-21-1757981266-527237240-839522115-1004: 360.cn/UploadPlugin -> C:\Documents and Settings\Michał\Dane aplikacji\360YunPan\npUploadPlugin.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1757981266-527237240-839522115-1004: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-09-29] (Google Inc.) FF Plugin HKU\S-1-5-21-1757981266-527237240-839522115-1004: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.28.17\npGoogleUpdate3.dll [2015-09-29] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-11-09] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-11-09] (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Michał\Dane aplikacji\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF SearchPlugin: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\searchplugins\filmwebpl.xml [2014-11-19] FF SearchPlugin: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\searchplugins\imdb.xml [2015-04-23] FF SearchPlugin: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\searchplugins\yahoo-uk--ireland.xml [2015-07-24] FF SearchPlugin: C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\searchplugins\youtube.xml [2015-03-20] FF Extension: (HttpFox) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi [2016-04-27] FF Extension: (gTranslate) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2016-06-18] FF Extension: (Classic Theme Restorer) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-08-24] FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-08-02] FF Extension: (Exif Viewer) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-04-27] FF Extension: (MEGA) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\firefox@mega.co.nz.xpi [2016-09-14] FF Extension: (PhotoME Extension) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{01c29d60-f7f0-416c-844a-ec8b2e1841d0}.xpi [2014-07-23] [Brak podpisu cyfrowego] FF Extension: (Brak nazwy) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{61FD08D8-A2CB-46c0-B36D-3F531AC53C12}.xpi [2016-09-08] FF Extension: (Mozilla Archive Format) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}.xpi [2016-06-16] FF Extension: (Converter) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6} [2015-05-29] FF Extension: (ImTranslator) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2016-09-05] FF Extension: (Adblock Plus) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF Extension: (Disable Anti-Adblock) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2016-04-27] FF Extension: (ImageHost Grabber) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} [2015-12-30] [Brak podpisu cyfrowego] FF Extension: (Greasemonkey) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-20] FF Extension: (Copy All Links) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{e6a9a96e-4a08-4719-b9bd-0e91c35aaabc}.xpi [2016-04-28] FF Extension: (UnMHT) - C:\Documents and Settings\Michał\Dane aplikacji\Mozilla\Firefox\Profiles\j7sltdy6.default\Extensions\{f759ca51-3a91-4dd1-ae78-9db5eee9ebf0}.xpi [2016-07-18] FF HKLM\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files\360\Total Security\safemon\webprotection_firefox => nie znaleziono Chrome: ======= CHR Profile: C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-06] CHR Extension: (uBlock Origin) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-12] CHR Extension: (AdBlock) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-09] CHR Extension: (EXIF data) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lplmljfembbkocngnlkkdgabpnfokmnl [2013-09-20] CHR Extension: (AdSweep) - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\milkhonmecplandlkfbjplfbdenjlkmp [2010-09-28] StartMenuInternet: Google Chrome.ACIN6SB4PO6DAEPIOLSK3SKXFQ - C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-05-03] () [Brak podpisu cyfrowego] S4 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [550240 2013-05-31] (cFos Software GmbH) S4 HidServ; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) S4 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [Brak podpisu cyfrowego] S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [Brak podpisu cyfrowego] S4 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [414984 2007-11-06] (Raxco Software, Inc.) S4 PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [734472 2007-11-06] (Raxco Software, Inc.) S4 PSEXESVC; C:\WINDOWS\PSEXESVC.EXE [181064 2016-02-01] (Sysinternals) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S2 Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [Brak podpisu cyfrowego] R0 BsStor; C:\WINDOWS\System32\DRIVERS\bsstor.sys [9344 2002-06-05] (B.H.A Co.,Ltd.) [Brak podpisu cyfrowego] S4 BsUDF; C:\WINDOWS\system32\Drivers\BsUDF.sys [441728 2002-07-26] (ahead software) [Brak podpisu cyfrowego] R3 cFosSpeed; C:\WINDOWS\System32\DRIVERS\cfosspeed.sys [1265504 2013-05-31] (cFos Software GmbH) R0 DefragFS; C:\WINDOWS\system32\Drivers\DefragFS.sys [68624 2007-10-22] (Raxco Software, Inc.) S3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. ) S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation) S3 GBGSIF; C:\WINDOWS\System32\Drivers\GBGSIF.sys [32288 2004-07-15] (FX-MAX.com) [Brak podpisu cyfrowego] R0 IntelIde; C:\WINDOWS\System32\drivers\intelide.sys [5504 2012-11-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation) R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [99584 2006-01-27] (NVIDIA Corporation) R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [34176 2006-02-17] (NVIDIA Corporation) R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [13056 2006-02-17] (NVIDIA Corporation) S2 nxsIO32; C:\WINDOWS\System32\DRIVERS\nxsIO32.sys [2208 2002-01-01] () [Brak podpisu cyfrowego] S3 OSCI_DRVNT; C:\WINDOWS\System32\Drivers\OSCI_DRVNT.sys [6784 2008-07-14] () [Brak podpisu cyfrowego] R0 PCIIde; C:\WINDOWS\System32\drivers\pciide.sys [3328 2012-11-07] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2008-07-12] (VSO Software) [Brak podpisu cyfrowego] S3 pfc; C:\WINDOWS\System32\drivers\pfc.sys [9856 2006-09-14] (Padus, Inc.) [Brak podpisu cyfrowego] S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] S1 prcmondrv; C:\WINDOWS\system32\drivers\prcmondrv1041.sys [18432 2008-07-10] (Igor Nys) [Brak podpisu cyfrowego] S2 PStrip; C:\WINDOWS\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan) R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation) S3 S3Psddr; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [166912 2008-04-13] (S3 Graphics, Inc.) S3 S3SavageNB; C:\WINDOWS\System32\DRIVERS\s3gnbm.sys [166912 2008-04-13] (S3 Graphics, Inc.) S2 SetupNT; C:\WINDOWS\system32\SetupNT.sys [3000 2000-10-25] () [Brak podpisu cyfrowego] S3 SIVDRIVER; C:\WINDOWS\system32\Drivers\SivX32.sys [13056 2006-12-14] (Ray Hinchliffe) [Brak podpisu cyfrowego] R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.) [Brak podpisu cyfrowego] S3 VIAudio; C:\WINDOWS\System32\drivers\viaudio.sys [43776 2002-03-12] (VIA Technologies, Inc.) [Brak podpisu cyfrowego] R0 videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [13976 2009-05-05] (VIA Technologies, Inc.) R0 xfilt; C:\WINDOWS\System32\DRIVERS\xfilt.sys [22168 2009-05-05] (VIA Technologies,Inc) S4 esihdrv; Brak ImagePath S3 IntcAzAudAddService; system32\drivers\RtkHDAud.sys [X] U5 P3; C:\Windows\System32\Drivers\P3.sys [46848 2008-04-14] (Microsoft Corporation) S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X] S3 PROCEXP151; \??\C:\WINDOWS\system32\Drivers\PROCEXP151.SYS [X] U2 QHActiveDefense; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) S3 Tcpz-x86; \??\C:\DOCUME~1\MICHA~1\USTAWI~1\Temp\Tcpz-x86.sys [X] S3 TSP; Brak ImagePath S4 viagfx; system32\DRIVERS\vtmini.sys [X] S0 viamraid; system32\DRIVERS\viamraid.sys [X] S3 Wdf01000; System32\Drivers\wdf01000.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) NETSVC: SSHNAS -> Brak ścieżki do pliku. ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-09-15 12:26 - 2016-09-15 12:26 - 00000000 ____D C:\FRST 2016-09-15 02:41 - 2016-09-15 02:41 - 00000000 ____D C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\WindowsApplication1 2016-09-15 01:49 - 2016-09-15 01:49 - 00006541 _____ C:\Documents and Settings\Michał\Pulpit\MBRCheck_09.15.16_01.49.43.txt 2016-09-15 01:47 - 2016-09-14 18:48 - 06553600 _____ C:\WINDOWS\system32\config\SYSTEM.fix_hdc 2016-09-14 22:27 - 2006-01-23 11:48 - 00176128 ____N (NVIDIA Corporation) C:\WINDOWS\system32\nvuide.exe 2016-09-14 22:27 - 2005-12-08 11:06 - 00001570 ____N C:\WINDOWS\system32\nvide.nvu 2016-09-14 22:26 - 2006-01-23 11:48 - 00035840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVCOI.DLL 2016-09-14 22:12 - 2016-09-14 22:12 - 00000000 ____D C:\WINDOWS\LastGood 2016-09-14 21:32 - 2005-09-28 11:10 - 00466944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\CapabilityTable.exe 2016-09-14 21:31 - 2016-09-14 21:31 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-09-14 21:31 - 2006-02-17 10:28 - 00101632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvtcp.sys 2016-09-14 21:31 - 2005-12-21 00:23 - 00176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvusmb.exe 2016-09-14 21:31 - 2005-12-21 00:23 - 00176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvunrm.exe 2016-09-14 21:31 - 2005-12-08 11:06 - 00003657 _____ C:\WINDOWS\system32\nvnrm.nvu 2016-09-14 21:31 - 2005-12-08 11:06 - 00001864 _____ C:\WINDOWS\system32\nvsmb.nvu 2016-09-14 21:30 - 2016-09-14 21:30 - 35931427 _____ C:\Documents and Settings\Michał\Pulpit\6150v824_2KXP.zip 2016-09-14 21:30 - 2006-02-17 10:28 - 00305152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnrm.sys 2016-09-14 21:30 - 2006-02-17 10:28 - 00222592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvsnpu.sys 2016-09-14 21:30 - 2006-02-17 10:28 - 00034176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NVENETFD.sys 2016-09-14 21:30 - 2006-02-17 10:28 - 00013056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnetbus.sys 2016-09-14 21:30 - 2006-02-17 10:27 - 00204288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco1.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00159232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1036.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00159232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1034.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00159232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1031.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00158720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1046.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00158720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1040.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00156672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1042.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00156672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1041.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00155648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l1028.dll 2016-09-14 21:30 - 2006-02-17 10:27 - 00155136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\fdco_l2052.dll 2016-09-14 21:30 - 2006-02-17 10:26 - 00009728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1ins.dll 2016-09-14 21:30 - 2006-02-17 10:26 - 00009728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\bdco1.dll 2016-09-14 21:30 - 2006-01-27 14:04 - 00290304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\idecoiins.dll 2016-09-14 21:30 - 2006-01-27 14:04 - 00290304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\idecoi.dll 2016-09-14 21:30 - 2006-01-27 14:04 - 00099584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvata.sys 2016-09-14 21:30 - 2005-12-21 00:23 - 00035840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvconrm.dll 2016-09-13 20:07 - 2016-09-14 22:26 - 00000000 _____ C:\WINDOWS\AS_Debug.txt 2016-09-12 20:43 - 2016-09-12 20:43 - 00008095 _____ C:\Documents and Settings\Michał\Pulpit\MBRCheck_09.12.16_20.43.36.txt 2016-09-12 17:32 - 2016-09-12 17:33 - 00008169 _____ C:\Documents and Settings\Michał\Pulpit\MBRCheck_09.12.16_17.32.58.txt 2016-09-11 01:22 - 2016-09-11 01:22 - 00065536 _____ C:\WINDOWS\Minidump\Mini091116-01.dmp 2016-09-10 15:44 - 2016-09-10 15:44 - 00000022 _____ C:\WINDOWS\system32\ati64hlp.stb 2016-09-10 15:38 - 2005-05-03 21:05 - 00516096 ____N () C:\WINDOWS\system32\ati2sgag.exe 2016-09-10 15:37 - 2005-05-04 13:04 - 00299008 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll 2016-09-10 15:37 - 2005-05-04 12:31 - 00221184 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ATIDEMGR.dll 2016-09-10 15:37 - 2005-05-04 11:52 - 06680576 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atioglx1.dll 2016-09-10 15:37 - 2005-05-04 10:24 - 00025088 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\Ati2mdxx.exe 2016-09-10 15:37 - 2005-05-04 10:23 - 00046080 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.dll 2016-09-10 15:37 - 2005-05-04 10:22 - 00364544 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe 2016-09-10 15:37 - 2005-05-04 10:22 - 00053248 _____ ( ATI Technologies Inc.) C:\WINDOWS\system32\ATIDDC.DLL 2016-09-10 15:37 - 2005-05-04 09:57 - 00135168 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atikvmag.dll 2016-09-10 15:37 - 2005-05-04 09:57 - 00017408 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atitvo32.dll 2016-09-10 15:37 - 2005-05-02 20:07 - 00005396 _____ C:\WINDOWS\system32\atifglpf.xml 2016-09-10 15:37 - 2001-11-09 23:01 - 00024064 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ativcoxx.dll 2016-09-10 15:33 - 2016-09-15 02:10 - 00000000 ____D C:\Program Files\ATI Technologies 2016-09-08 22:36 - 2016-09-08 22:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\XFast LAN 2016-09-08 15:52 - 2016-09-08 15:52 - 00940794 _____ C:\WINDOWS\system32\LoopyMusic.wav 2016-09-08 15:52 - 2016-09-08 15:52 - 00146650 _____ C:\WINDOWS\system32\BuzzingBee.wav 2016-09-08 15:52 - 2016-09-08 15:52 - 00000000 ____D C:\WINDOWS\system32\Lang 2016-09-08 14:27 - 2016-09-15 01:55 - 00000000 ____D C:\WINDOWS\system32\RTCOM 2016-09-07 17:32 - 2016-09-07 17:32 - 00572984 _____ C:\Documents and Settings\Michał\Moje dokumenty\O.txt 2016-09-07 16:32 - 2016-09-07 16:32 - 00295384 _____ C:\Documents and Settings\Michał\Moje dokumenty\O.csv 2016-09-07 16:32 - 2016-09-07 16:32 - 00251164 _____ C:\Documents and Settings\Michał\Moje dokumenty\Q.csv 2016-09-07 16:24 - 2016-09-07 16:29 - 00156458 _____ C:\Documents and Settings\Michał\Moje dokumenty\P.csv 2016-08-31 15:11 - 2016-08-31 15:13 - 00001338 _____ C:\Documents and Settings\Michał\Pulpit\Mofos - Brazzers.txt 2016-08-27 15:06 - 2002-03-12 17:57 - 00043776 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\Drivers\viaudio.sys 2016-08-27 15:03 - 2016-08-27 15:03 - 00000000 ____D C:\Program Files\VIA Technologies, Inc 2016-08-27 03:10 - 2016-09-13 14:10 - 00000000 ____D C:\Documents and Settings\Michał\Dane aplikacji\360CloudUI 2016-08-26 00:40 - 2016-08-26 00:40 - 00065536 _____ C:\WINDOWS\Minidump\Mini082616-01.dmp 2016-08-25 14:25 - 2016-09-15 01:55 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-08-24 00:33 - 2016-08-24 00:31 - 00070523 ____H C:\WINDOWS\Minidump\Mini082416-01.dmp ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-12-31 12:00 - 2015-05-22 11:12 - 00040921 _____ C:\WINDOWS\system32\_WinTimeFunctions2.au3 2016-09-15 12:27 - 2014-02-23 02:21 - 00000000 __SHD C:\Documents and Settings\Michał\Ustawienia lokalne\Temp 2016-09-15 12:25 - 2008-12-15 14:15 - 07893008 _____ C:\WINDOWS\ntbtlog.txt 2016-09-15 12:25 - 2003-04-16 21:00 - 00011936 _____ C:\WINDOWS\system32\wpa.dbl 2016-09-15 12:23 - 2006-08-20 10:57 - 00000292 ___SH C:\Documents and Settings\Michał\ntuser.ini 2016-09-15 12:21 - 2006-08-20 12:33 - 00000211 ___SH C:\boot.ini 2016-09-15 12:21 - 2003-04-16 21:00 - 00001945 _____ C:\WINDOWS\win.ini 2016-09-15 12:21 - 2003-04-16 21:00 - 00001802 _____ C:\WINDOWS\system.ini 2016-09-15 02:41 - 2006-08-20 10:57 - 00000000 ___HD C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji 2016-09-15 02:10 - 2008-05-26 02:22 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-09-15 02:09 - 2008-08-23 19:16 - 00000010 _____ C:\WINDOWS\wininit.ini 2016-09-15 02:06 - 2006-08-20 10:57 - 00000000 ___HD C:\Documents and Settings\Michał\Dane aplikacji 2016-09-15 02:00 - 2010-12-05 22:43 - 00001984 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-09-15 01:51 - 2014-03-29 03:01 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2016-09-15 01:49 - 2006-08-20 10:57 - 00000000 ____D C:\Documents and Settings\Michał\Pulpit 2016-09-14 22:26 - 2006-08-20 11:06 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2016-09-14 21:39 - 2011-02-07 17:46 - 00004766 _____ C:\WINDOWS\system32\PerfStringBackup.TMP 2016-09-14 21:35 - 2006-08-20 12:30 - 00000000 ___HD C:\WINDOWS\inf 2016-09-14 18:48 - 2006-08-20 10:56 - 00032522 _____ C:\WINDOWS\SchedLgU.Txt 2016-09-14 18:48 - 2006-08-20 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-14 18:46 - 2010-05-16 16:42 - 00000000 ____D C:\Program Files\foobar2000 2016-09-14 18:45 - 2009-12-01 22:57 - 00000000 ____D C:\Program Files\VIA 2016-09-14 18:45 - 2006-08-20 11:35 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy 2016-09-14 16:17 - 2009-08-20 21:12 - 00000000 ____D C:\Program Files\Mozilla Thunderbird 2016-09-12 22:13 - 2006-08-20 11:34 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-09-12 22:13 - 2006-08-20 10:57 - 00000000 ____D C:\Documents and Settings\Michał\Menu Start 2016-09-12 22:12 - 2014-08-07 13:50 - 00000000 ____D C:\Documents and Settings\Michał\Moje dokumenty\Pobrane 2016-09-12 18:41 - 2009-08-19 16:41 - 00378101 _____ C:\WINDOWS\setuplog.txt 2016-09-12 18:41 - 2006-08-20 11:22 - 00011878 ____C C:\WINDOWS\system32\wpa.bak 2016-09-12 17:54 - 2016-08-02 13:43 - 00025992 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\pgdfgsvc.exe 2016-09-11 22:49 - 2008-11-20 02:33 - 00000000 ____D C:\Documents and Settings\Michał\Dane aplikacji\uTorrent 2016-09-11 21:28 - 2016-06-20 14:05 - 00000540 _____ C:\WINDOWS\system32\PDBootState 2016-09-11 21:28 - 2010-05-17 13:35 - 00002411 _____ C:\Documents and Settings\All Users\Menu Start\Programy\PerfectDisk 8.0.lnk 2016-09-11 02:31 - 2006-11-21 08:39 - 00000000 ____D C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\Google 2016-09-11 02:29 - 2006-08-20 10:57 - 00000000 ____D C:\Documents and Settings\Michał 2016-09-11 01:32 - 2006-08-20 12:30 - 00000000 RSHDC C:\WINDOWS\system32\dllcache 2016-09-11 01:22 - 2006-12-09 06:13 - 00000000 ____D C:\WINDOWS\Minidump 2016-09-10 02:20 - 2014-03-29 03:01 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-09-10 02:20 - 2012-01-06 16:14 - 00000793 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2016-09-10 02:20 - 2006-08-20 11:35 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-09-10 02:11 - 2016-07-31 14:39 - 00088566 _____ C:\WINDOWS\system32\nvapps.xml 2016-09-09 21:20 - 2014-04-12 15:48 - 00000000 ____D C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\ChomikBox 2016-09-09 14:29 - 2014-04-12 16:18 - 00000000 ____D C:\Documents and Settings\Michał\.gstreamer-0.10 2016-09-09 00:27 - 2013-06-06 05:27 - 00066467 _____ C:\Documents and Settings\Michał\Pulpit\Play.txt 2016-09-08 22:37 - 2008-12-15 16:56 - 00435686 _____ C:\WINDOWS\cFosSpeed_Setup_OldLog.txt 2016-09-08 22:37 - 2008-12-15 16:56 - 00000500 _____ C:\WINDOWS\cFosSpeed_Setup_Log.txt 2016-09-08 22:36 - 2014-03-26 02:53 - 00000000 ____D C:\Program Files\cFosSpeed 2016-09-07 17:32 - 2006-08-20 10:57 - 00000000 ___RD C:\Documents and Settings\Michał\Moje dokumenty 2016-09-03 22:16 - 2016-07-23 15:51 - 00000000 ____D C:\Documents and Settings\Michał\Dane aplikacji\AIMP 2016-09-03 18:50 - 2015-10-12 10:11 - 00000000 ____D C:\Documents and Settings\Michał\Moje dokumenty\Combos 2016-09-03 00:52 - 2011-01-15 12:37 - 00000560 _____ C:\Documents and Settings\All Users\Pulpit\FastStone Image Viewer.lnk 2016-09-01 22:31 - 2014-02-09 15:43 - 00502034 _____ C:\Documents and Settings\Michał\Moje dokumenty\DDFNetwork - Pivot.xlsx 2016-09-01 22:30 - 2013-02-15 15:13 - 00194395 _____ C:\Documents and Settings\Michał\Moje dokumenty\DDFNetwork.xlsx 2016-08-27 15:05 - 2006-08-20 11:35 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start 2016-08-27 13:01 - 2010-01-13 18:19 - 00000000 ____D C:\WINDOWS\nview 2016-08-27 03:18 - 2006-08-20 12:30 - 00000000 ____D C:\WINDOWS\Help 2016-08-27 02:40 - 2006-08-20 10:57 - 00000000 ___HD C:\Documents and Settings\Michał\Ustawienia lokalne 2016-08-25 14:25 - 2012-04-25 14:17 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-08-23 17:35 - 2013-11-19 04:08 - 00047128 _____ C:\Documents and Settings\Michał\Pulpit\Cloud.txt 2016-08-21 22:06 - 2016-08-09 14:01 - 00000254 _____ C:\Documents and Settings\Michał\Pulpit\Nowy Dokument tekstowy (7).txt ==================== Pliki w katalogu głównym wybranych folderów ======= 2009-12-04 13:57 - 2009-11-11 21:32 - 0002786 _____ () C:\Program Files\key.cfosspeed 2009-04-04 13:26 - 2009-04-04 13:28 - 0000295 _____ () C:\Documents and Settings\Michał\Dane aplikacji\DarkAdapted Preferences 2009-01-01 20:16 - 2009-01-01 20:16 - 0000033 _____ () C:\Documents and Settings\Michał\Dane aplikacji\ezpinst.log 2008-07-12 00:47 - 2008-07-12 01:21 - 0087608 _____ () C:\Documents and Settings\Michał\Dane aplikacji\inst.exe 2008-07-12 00:47 - 2008-07-12 01:21 - 0007887 _____ () C:\Documents and Settings\Michał\Dane aplikacji\pcouffin.cat 2008-07-12 00:47 - 2008-07-12 01:21 - 0001144 _____ () C:\Documents and Settings\Michał\Dane aplikacji\pcouffin.inf 2008-07-12 00:47 - 2008-07-12 01:21 - 0000033 ____N () C:\Documents and Settings\Michał\Dane aplikacji\pcouffin.log 2008-07-12 00:47 - 2008-07-12 01:21 - 0047360 _____ (VSO Software) C:\Documents and Settings\Michał\Dane aplikacji\pcouffin.sys 2010-05-09 14:24 - 2009-11-04 13:49 - 0076407 _____ () C:\Documents and Settings\Michał\Dane aplikacji\Smiley.ico 2011-02-19 17:00 - 2011-02-19 17:00 - 0000022 ___SH () C:\Documents and Settings\Michał\Dane aplikacji\Sys2662.Config.Repository.bin 2010-06-30 14:20 - 2010-06-30 14:20 - 0000022 ___SH () C:\Documents and Settings\Michał\Dane aplikacji\Sys6925.Config Collection.sys 2006-08-20 11:44 - 2012-09-28 00:31 - 0206848 ____C () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-08-14 17:15 - 2009-08-14 17:15 - 0000131 _____ () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2015-04-08 03:16 - 2015-04-08 03:16 - 0000001 _____ () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\llftool.4.40.agreement 2016-04-27 19:06 - 2016-04-27 19:06 - 0000001 _____ () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\RawCopy.1.10.agreement 2014-03-25 17:31 - 2014-03-25 18:07 - 0000003 _____ () C:\Documents and Settings\Michał\Ustawienia lokalne\Dane aplikacji\user_data.ini 2010-05-22 13:34 - 2014-10-22 14:38 - 0077990 _____ () C:\Documents and Settings\All Users\Dane aplikacji\GeorgeYohngVST.ini 2007-01-16 16:12 - 2010-09-26 16:59 - 0010928 ____C () C:\Documents and Settings\All Users\Dane aplikacji\hpzinstall.log 2005-12-16 08:36 - 2002-12-28 16:27 - 0000000 ____H () C:\Documents and Settings\All Users\Dane aplikacji\sdpsenv.dat 2008-08-16 18:12 - 2008-08-16 18:25 - 0000063 ____H () C:\Documents and Settings\All Users\Dane aplikacji\Ts_infos.ini Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Michał\Ustawienia lokalne\Temp\arpcache.exe C:\Documents and Settings\Michał\Ustawienia lokalne\Temp\Quarantine.exe C:\Documents and Settings\Michał\Ustawienia lokalne\Temp\sfextra.dll C:\Documents and Settings\Michał\Ustawienia lokalne\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================