Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 14-01-2017 Uruchomiony przez Preki (administrator) AGR-MWS-3031571 (05-02-2017 10:51:56) Uruchomiony z C:\Documents and Settings\Preki\Pulpit Załadowane profile: Preki (Dostępne profile: Preki & Spörmja & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\Av\avgrsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgcsrvx.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe (LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe () C:\WINDOWS\system32\UAService7.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgnsx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgemcx.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe () C:\WINDOWS\ATK0100\HControl.exe () C:\Program Files\Wireless Console 2\wcourier.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (YAMAHA COROPRATION) C:\WINDOWS\system32\Sxgtkbar.exe (hxxp://www.pbus-167.com) C:\Program Files\Notebook Hardware Control\nhc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe () C:\Program Files\AVG Web TuneUp\vprot.exe () C:\WINDOWS\ATK0100\ATKOSD.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe () C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ReModem.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [98304 2006-05-30] () HKLM\...\Run: [Wireless Console 2] => C:\Program Files\Wireless Console 2\wcourier.exe [1040384 2007-07-05] () HKLM\...\Run: [ATKHOTKEY] => C:\Program Files\ATK Hotkey\Hcontrol.exe [229376 2007-10-16] (ATK0100) HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17887232 2009-06-12] (Realtek Semiconductor Corp.) HKLM\...\Run: [SxgTkBar] => C:\WINDOWS\system32\SxgTkBar.exe [53248 2001-07-11] (YAMAHA COROPRATION) HKLM\...\Run: [NotebookHardwareControl] => C:\Program Files\Notebook Hardware Control\nhc.exe [2629632 2007-05-04] (hxxp://www.pbus-167.com) HKLM\...\Run: [SMSERIAL] => C:\WINDOWS\sm56hlpr.exe [544768 2006-03-21] (Motorola Inc.) HKLM\...\Run: [NPSStartup] => [X] HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2180680 2016-09-13] () HKLM\...\Run: [WD Drive Unlocker] => C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-07-31] (Western Digital Technologies, Inc.) HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1753192 2010-07-07] () HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-13] (Microsoft Corporation) HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-04] (Microsoft Corporation) HKLM\...\Run: [MSPY2002] => C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-13] () HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation) HKLM\...\Run: [PHIME2002A] => C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-13] (Microsoft Corporation) HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.) HKU\S-1-5-21-1644491937-515967899-682003330-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] () HKU\S-1-5-21-1644491937-515967899-682003330-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd) HKU\S-1-5-21-1644491937-515967899-682003330-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\Traffic.scr [2646016 2008-05-08] (Gödény) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Bluetooth Manager.lnk [2009-07-09] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart GroupPolicy: Ograniczenia ? <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{E2ABE025-2B02-420B-B2D9-65262522324B}: [NameServer] 192.168.1.1 Tcpip\..\Interfaces\{E2ABE025-2B02-420B-B2D9-65262522324B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-1644491937-515967899-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1644491937-515967899-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={93E0B420-888A-487E-9A33-F3D34EB47D9F}&mid=0bbe33a6998247d3a586d1567a85145a-b196b0ccf5bda2a8bd044a13ec1c3b6a99da92f8&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0215pi&pr=fr&d=2015-05-17 11:03:30&v=4.3.5.160&pid=wtu&sg=&sap=hp HKU\S-1-5-21-1644491937-515967899-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-1644491937-515967899-682003330-1003 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={93E0B420-888A-487E-9A33-F3D34EB47D9F}&mid=0bbe33a6998247d3a586d1567a85145a-b196b0ccf5bda2a8bd044a13ec1c3b6a99da92f8&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-05-17 11:03:30&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1644491937-515967899-682003330-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={93E0B420-888A-487E-9A33-F3D34EB47D9F}&mid=0bbe33a6998247d3a586d1567a85145a-b196b0ccf5bda2a8bd044a13ec1c3b6a99da92f8&lang=pl&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-05-17 11:03:30&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll [2016-09-13] (AVG) BHO: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files\DAP\LinkVerifier.dll [2014-12-07] (Speedbit Ltd.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation) BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Documents and Settings\Preki\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-05-28] (GG Network S.A.) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation) Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Brak pliku FireFox: ======== FF ProfilePath: C:\Documents and Settings\Preki\Dane aplikacji\OpenVPN Technologies\OpenVPN Client\Profiles\vhoq05g7.default [2016-02-22] FF Homepage: C:\Documents and Settings\Preki\Dane aplikacji\OpenVPN Technologies\OpenVPN Client\Profiles\vhoq05g7.default -> resource://webapp/openvpn.html FF ProfilePath: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default [2017-02-05] FF SelectedSearchEngine: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> AVG Secure Search FF Homepage: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> about:home FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.ftp", "" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.ftp_port", 0 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.gopher", "" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.gopher_port", 0 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.socks", "" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.socks_port", 0 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.ssl", "" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> backup.ssl_port", 0 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> ftp", "http://209.67.128.20/" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> ftp_port", 7777 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> gopher", "http://209.67.128.20/" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> gopher_port", 7777 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> http", "http://209.67.128.20/" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> http_port", 7777 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> share_proxy_settings", true FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> socks", "http://209.67.128.20/" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> socks_port", 7777 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> ssl", "http://209.67.128.20/" FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> ssl_port", 7777 FF NetworkProxy: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default -> type", 4 FF Extension: (AVG Web TuneUp) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\avg@toolbar.xpi [2016-09-13] FF Extension: (MEGA) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\firefox@mega.co.nz.xpi [2017-02-03] FF Extension: (Vividas player plugin) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\player@vividas.com [2012-01-20] [Brak podpisu cyfrowego] FF Extension: (uBlock) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-29] FF Extension: (ChatZilla) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-12] FF Extension: (Adblock Plus) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23] FF Extension: (Greasemonkey) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-20] FF Extension: (Diagnostics) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\features\{05247068-63c4-495d-b013-84b3189e68df}\diagnostics@mozilla.org.xpi [2017-02-02] FF Extension: (Send HSTS Priming Requests) - C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\features\{05247068-63c4-495d-b013-84b3189e68df}\hsts-priming@mozilla.org.xpi [2017-02-02] FF SearchPlugin: C:\Documents and Settings\Preki\Dane aplikacji\Mozilla\Firefox\Profiles\ear1ef62.default\searchplugins\avg-secure-search.xml [2017-02-04] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files\DAP\daplinkchecker FF Extension: (DAP Link Checker) - C:\Program Files\DAP\daplinkchecker [2014-12-07] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1644491937-515967899-682003330-1003\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox FF Extension: (Download Accelerator Plus (DAP) extension) - C:\Program Files\DAP\DAPFireFox [2014-12-07] [Brak podpisu cyfrowego] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-09-13] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-18] () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.5\\npsitesafety.dll [Brak pliku] FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1644491937-515967899-682003330-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\Preki\Dane aplikacji\Facebook\npfbplugin_1_0_3.dll [Brak pliku] FF Plugin HKU\S-1-5-21-1644491937-515967899-682003330-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-04-17] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2011-09-16] ( ) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npVividasPlayer.dll [2011-09-16] ( ) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ijgbckacjhlebmjhlkckigeiacmaapdf] - ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) R2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4154016 2017-01-09] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [603288 2017-01-09] (AVG Technologies CZ, s.r.o.) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1962504 2016-11-11] (LogMeIn Inc.) R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-11-11] (LogMeIn, Inc.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) R2 UserAccess7; C:\WINDOWS\system32\UAService7.exe [126976 2010-10-18] () [Brak podpisu cyfrowego] S3 wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [24636 2008-12-10] (Apache Software Foundation) [Brak podpisu cyfrowego] S3 wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [6582912 2009-06-17] () R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.) S2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-09-13] () ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative) R3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [35840 2006-11-01] (Attansic Technology corporation.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [246528 2016-11-04] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.) R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 DrvSnSht; C:\Program Files\R-Drive Image\DrvSnSht.sys [102848 2010-05-31] (R-TT Inc.) [Brak podpisu cyfrowego] R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-15] (DT Soft Ltd) S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Brak podpisu cyfrowego] R1 FsVga; C:\WINDOWS\System32\DRIVERS\fsvga.sys [12288 2001-10-26] (Microsoft Corporation) S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57536 2008-03-13] (FTDI Ltd.) R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [Brak podpisu cyfrowego] R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) S3 hid7906; C:\WINDOWS\System32\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [Brak podpisu cyfrowego] S3 hid8101; C:\WINDOWS\System32\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [Brak podpisu cyfrowego] S3 hid8103; C:\WINDOWS\System32\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [Brak podpisu cyfrowego] R1 kl1; C:\WINDOWS\system32\drivers\kl1.sys [128016 2009-09-01] (Kaspersky Lab) R0 klbg; C:\WINDOWS\System32\drivers\klbg.sys [36880 2009-10-14] (Kaspersky Lab) R3 KLFLTDEV; C:\WINDOWS\System32\DRIVERS\klfltdev.sys [26640 2008-03-13] (Kaspersky Lab) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.) R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2208512 2007-06-21] (Intel Corporation) R3 nhcDriverDevice; C:\WINDOWS\system32\drivers\nhcDriver.sys [22528 2017-02-04] (pBUS-167 Software - hxxp://www.pbus-167.com) [Brak podpisu cyfrowego] S3 nrtap; C:\WINDOWS\System32\DRIVERS\nrtap.sys [24576 2009-09-01] (NeoRouter Inc.) [Brak podpisu cyfrowego] R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-14] (Microsoft Corporation) R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2001-08-17] (Microsoft Corporation) R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-17] (Microsoft Corporation) S3 PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [Brak podpisu cyfrowego] S3 ptun0901; C:\WINDOWS\System32\DRIVERS\ptun0901.sys [35288 2015-01-26] (The OpenVPN Project) S3 R-ImageDisk; C:\Program Files\R-Drive Image\R-ImageDisk.sys [181376 2014-10-10] (R-TT Inc.) [Brak podpisu cyfrowego] S3 RivaTuner32; C:\Program Files\RivaTuner v2.24\RivaTuner32.sys [9088 2009-02-25] () [Brak podpisu cyfrowego] R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] () R3 SOFTXG; C:\WINDOWS\System32\drivers\sxgxgwdm.sys [966784 2001-10-05] (YAMAHA CORPORATION) R0 speedfan; C:\WINDOWS\System32\speedfan.sys [21696 2010-12-18] (Almico Software) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [443448 2014-08-05] () [Brak podpisu cyfrowego] S3 tapoas; C:\WINDOWS\System32\DRIVERS\tapoas.sys [26112 2010-08-03] (The OpenVPN Project) [Brak podpisu cyfrowego] R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\DRIVERS\wdcsam_prewin8.sys [20256 2016-04-19] (Western Digital Technologies) U3 a8426dpe; C:\WINDOWS\system32\Drivers\a8426dpe.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) S3 ATP; system32\DRIVERS\cmdatp.sys [X] S4 hpt3xx; Brak ImagePath S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S4 IntelIde; Brak ImagePath S3 klim5; system32\DRIVERS\klim5.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X] S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X] S3 PCANDIS5; \??\C:\WINDOWS\system32\PCANDIS5.SYS [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U5 usbser; C:\Windows\System32\Drivers\usbser.sys [26240 2013-08-29] (Microsoft Corporation) S3 uw_rt.sys; \??\C:\WINDOWS\system32\drivers\uw_rt.sys [X] U1 WS2IFSL; Brak ImagePath S3 xcpip; \SystemRoot\system32\drivers\xcpip.sys [X] S3 xpsec; \SystemRoot\system32\drivers\xpsec.sys [X] S3 ZDCndis5; \??\C:\WINDOWS\system32\ZDCndis5.SYS [X] S3 ZDPSp50; System32\Drivers\ZDPSp50.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] U3 pwrdafob; \??\C:\DOCUME~1\Preki\USTAWI~1\Temp\pwrdafob.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-02-05 00:39 - 2017-02-05 00:39 - 00011503 _____ C:\Documents and Settings\Preki\Pulpit\MBRCheck_02.05.17_00.39.04.txt 2017-02-05 00:38 - 2017-02-05 00:38 - 00080384 _____ C:\Documents and Settings\Preki\Pulpit\MBRCheck.exe 2017-02-04 23:15 - 2017-02-04 23:15 - 00008192 _____ C:\WINDOWS\system32\WDPABKP.dat 2017-02-04 22:47 - 2017-02-04 23:13 - 00174002 _____ C:\TDSSKiller.3.1.0.12_04.02.2017_22.47.28_log.txt 2017-02-04 22:38 - 2017-02-04 22:38 - 00000000 ____D C:\TDSSKiller_Quarantine 2017-02-04 22:13 - 2017-02-04 22:13 - 00001129 _____ C:\Documents and Settings\Preki\Pulpit\hujstwo.txt 2017-02-04 22:06 - 2017-02-04 22:40 - 00174168 _____ C:\TDSSKiller.3.1.0.12_04.02.2017_22.06.11_log.txt 2017-02-04 22:03 - 2017-02-04 22:03 - 04747704 _____ (AO Kaspersky Lab) C:\Documents and Settings\Preki\Pulpit\tdsskiller.exe 2017-02-04 21:52 - 2017-02-05 10:53 - 00027661 _____ C:\Documents and Settings\Preki\Pulpit\FRST.txt 2017-02-04 19:55 - 2017-02-04 19:55 - 00380928 _____ C:\Documents and Settings\Preki\Pulpit\351d3r7o.exe 2017-01-31 14:53 - 2017-01-31 17:04 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit\Consists 2017-01-29 14:35 - 2017-01-29 14:35 - 07815499 _____ C:\Documents and Settings\Preki\Pulpit\E30-Podkarpacie0102.rar 2017-01-27 13:03 - 2017-01-27 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-01-26 01:51 - 2017-01-26 01:52 - 00000000 ___RD C:\Documents and Settings\Preki\Pulpit\DR BR131 012 brownrahm 2017-01-25 14:04 - 2017-01-25 14:05 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit\!PT22 2017-01-14 23:01 - 2017-02-04 21:52 - 00000000 ____D C:\FRST 2017-01-14 23:01 - 2017-01-14 23:01 - 01761280 _____ (Farbar) C:\Documents and Settings\Preki\Pulpit\FRST.exe 2017-01-14 22:10 - 2017-01-14 22:10 - 00388608 _____ (Trend Micro Inc.) C:\Documents and Settings\Preki\Pulpit\HijackThis.exe 2017-01-09 11:37 - 2017-01-09 11:53 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit\AM (0.1.2) 2017-01-09 11:30 - 2017-01-09 11:36 - 79419999 _____ C:\Documents and Settings\Preki\Pulpit\AM (0.1.2).exe 2017-01-07 20:47 - 2012-12-01 19:13 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit\tsrPlants_malchik_vol_3 2017-01-07 20:41 - 2012-12-01 19:13 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit\tsrPlants_malchik_vol_4 ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-02-05 10:53 - 2011-09-14 17:42 - 00000000 ____D C:\Documents and Settings\Preki\Ustawienia lokalne\temp 2017-02-05 10:02 - 2012-02-02 13:24 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2017-02-05 09:55 - 2015-07-02 14:21 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-02-05 07:55 - 2012-01-16 23:47 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2017-02-05 00:39 - 2009-07-03 20:19 - 00000000 ____D C:\Documents and Settings\Preki\Pulpit 2017-02-04 23:59 - 2009-07-05 14:28 - 00000000 _____ C:\FileOut.Cns 2017-02-04 23:59 - 2009-07-05 14:28 - 00000000 _____ C:\FileIn.Cns 2017-02-04 22:59 - 2011-09-16 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2017-02-04 22:53 - 2013-11-04 13:56 - 00000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2017-02-04 22:53 - 2012-07-08 12:17 - 00022528 _____ (pBUS-167 Software - hxxp://www.pbus-167.com) C:\WINDOWS\system32\Drivers\nhcDriver.sys 2017-02-04 22:53 - 2012-01-16 23:47 - 00000000 ____D C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\LogMeIn Hamachi 2017-02-04 22:47 - 2016-09-20 11:37 - 00000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job 2017-02-04 22:46 - 2014-11-16 10:25 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2017-02-04 22:46 - 2012-02-02 13:24 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2017-02-04 22:45 - 2009-07-03 20:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-04 22:40 - 2009-07-03 20:19 - 00000188 ___SH C:\Documents and Settings\Preki\ntuser.ini 2017-02-04 22:40 - 2009-07-03 20:16 - 00032498 _____ C:\WINDOWS\SchedLgU.Txt 2017-02-04 22:36 - 2010-01-28 15:28 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2017-02-04 15:14 - 2010-01-16 16:33 - 00000000 ____D C:\Documents and Settings\Preki\Moje dokumenty\MSTS-Screeny 2017-02-04 12:03 - 2009-07-03 20:19 - 00000000 ___RD C:\Documents and Settings\Preki\Moje dokumenty\Moja muzyka 2017-02-04 11:55 - 2001-07-21 23:17 - 00002300 _____ C:\WINDOWS\system32\wpa.dbl 2017-02-03 12:17 - 2016-09-03 07:47 - 00002757 _____ C:\Documents and Settings\Preki\Pulpit\!DB - WAZNE RZECZY!.txt 2017-02-01 01:37 - 2009-07-03 20:19 - 00000000 ____D C:\Documents and Settings\Preki 2017-01-30 01:53 - 2013-07-15 19:08 - 00002315 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2017-01-29 12:48 - 2010-04-01 21:15 - 00000000 ____D C:\Documents and Settings\Preki\Moje dokumenty\Chatzilla-LOGI 2017-01-29 12:38 - 2014-12-07 15:40 - 00000000 ___RD C:\Documents and Settings\Preki\Pulpit\Papieżfolder 2017-01-28 10:41 - 2012-04-26 22:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-01-27 11:18 - 2009-07-03 21:49 - 00000000 ___HD C:\WINDOWS\inf 2017-01-26 20:46 - 2011-10-17 16:26 - 00000000 ____D C:\Documents and Settings\Preki\Moje dokumenty\PISAĆ TEKSTY KURWAAAAA 2017-01-20 19:10 - 2009-08-23 11:22 - 00000000 ____D C:\gmax 2017-01-20 11:18 - 2009-07-21 23:01 - 00000116 _____ C:\WINDOWS\NeroDigital.ini 2017-01-20 00:34 - 2011-09-23 17:29 - 00000000 ____D C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\ApplicationHistory 2017-01-19 01:49 - 2009-07-11 23:55 - 00000000 ____D C:\Documents and Settings\Preki\Dane aplikacji\uTorrent 2017-01-18 21:07 - 2015-01-22 13:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2017-01-18 12:28 - 2013-07-10 19:50 - 00000000 ____D C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\Adobe 2017-01-18 12:27 - 2015-05-24 18:10 - 00802904 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2017-01-18 12:27 - 2015-05-24 18:10 - 00144472 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2017-01-18 12:27 - 2009-07-03 20:10 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-18 11:22 - 2001-07-21 23:16 - 00001333 _____ C:\WINDOWS\win.ini 2017-01-18 00:15 - 2010-10-21 13:25 - 00000000 ____D C:\Documents and Settings\Preki\Moje dokumenty\PDF 2017-01-16 10:48 - 2014-11-16 03:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2929961$ 2017-01-15 13:22 - 2014-11-06 23:47 - 00000000 ____D C:\Program Files\Enigma Software Group 2017-01-15 13:22 - 2009-07-03 20:19 - 00000000 __RHD C:\Documents and Settings\Preki\Dane aplikacji 2017-01-15 12:16 - 2014-08-25 08:14 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-14 22:09 - 2009-07-03 20:19 - 00001599 _____ C:\Documents and Settings\Preki\Menu Start\Programy\Pomoc zdalna.lnk 2017-01-09 20:41 - 2009-07-03 20:19 - 00000000 ___RD C:\Documents and Settings\Preki\Moje dokumenty 2017-01-09 01:24 - 2009-07-03 21:55 - 00000000 ____D C:\Documents and Settings\All Users 2017-01-08 15:00 - 2014-11-16 10:25 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job ==================== Pliki w katalogu głównym wybranych folderów ======= 2011-09-02 16:11 - 2011-09-02 16:11 - 5847201 _____ () C:\Program Files\Traffic.rar 2016-09-04 13:44 - 2016-09-06 13:06 - 0004286 _____ () C:\Documents and Settings\Preki\Dane aplikacji\DyktakConfig.xml 2009-07-05 11:34 - 2016-10-24 00:53 - 0212480 _____ () C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-07-12 14:36 - 2009-07-12 14:36 - 0000130 _____ () C:\Documents and Settings\Preki\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2012-12-29 18:40 - 2012-12-30 11:56 - 0000044 _____ () C:\Documents and Settings\All Users\Dane aplikacji\{3D55D1F4-1059-11DC-B281-197056D89593} ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================