Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 08-07-2017 Uruchomiony przez Kamil (administrator) DOMOWY (10-07-2017 12:42:00) Uruchomiony z C:\Users\Kamil\Desktop\Naprawa PC Załadowane profile: Kamil & Iwonka (Dostępne profile: Kamil & Iwonka & Administrator) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka nie została wykryta!) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe () C:\Program Files\ATKGFNEX\GFNEXSrv.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Macrovision) C:\Windows\System32\drivers\CDAC11BA.EXE (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe () C:\Program Files\ASUS\Wireless Console 3\wcourier.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe (ATK) C:\Program Files\P4G\BatteryLife.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ATK) C:\Program Files\ASUS\Splendid\ACMON.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProSvc.exe (PC Tools) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ICM-Service.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (ASUSTeK) C:\Windows\System32\ACEngSvr.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Symantec) C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) C:\Windows\AsScrPro.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brother Help\BrotherHelp.exe (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe () C:\Program Files\Dropbox\Client\QtWebEngineProcess.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe (ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe () C:\Program Files\ASUS\ASUS Live Update\ALU.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AlcorMicro Co., Ltd.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) C:\Windows\AsScrPro.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (Symantec Corporation) C:\Program Files\Norton Ghost\Agent\VProTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brother Help\BrotherHelp.exe (Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [497024 2009-07-30] (ELAN Microelectronic Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor) HKLM\...\Run: [AmIcoSinglun] => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2009-04-09] (AlcorMicro Co., Ltd.) HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS) HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS) HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS) HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2009-09-04] (ASUS) HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [72248 2009-09-04] (ASUS) HKLM\...\Run: [ADSMTray] => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952 2009-06-24] (ASUSTek Computer Inc.) HKLM\...\Run: [Norton Ghost 14.0] => C:\Program Files\Norton Ghost\Agent\VProTray.exe [2245984 2008-01-19] (Symantec Corporation) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [BrHelp] => C:\Program Files\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-04] (AVAST Software) HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [144184 2016-09-07] (Check Point Software Technologies Ltd.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.) HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.) HKLM\...\Run: [SSDMonitor] => C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2017-02-17] (Symantec Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Ograniczenia <==== UWAGA HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd) HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [222592 2007-08-01] (Alcohol Soft Development Team) HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Run: [iFunBox Price Watch] => C:\Program Files\iFunbox 2014\iFunBox2014.exe [7748096 2013-11-26] (i-Funbox.com) HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia) HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\MountPoints2: J - J:\DTVP_Launcher.exe HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\MountPoints2: {178f8962-aedd-11df-8926-002243cbd7a2} - setup.exe HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\...\MountPoints2: {e2b1bad6-b1a8-11e2-968d-002243cbd7a2} - I:\DTVP_Launcher.exe HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\WITECZ~1.SCR [6412288 2013-02-17] () Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-27] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-01-08] ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-01-08] ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe (Acresso Software Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.0.1 Tcpip\..\Interfaces\{5CD423CF-4A4E-445E-9984-7094C45A51A6}: [DhcpNameServer] 8.8.8.8 192.168.0.1 Tcpip\..\Interfaces\{66AA0FB0-005A-4EC6-B897-7E40F6A9814F}: [DhcpNameServer] 8.8.8.8 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1413183774&from=cor&uid=ST9500325AS_5VE3NTWKXXXX5VE3NTWK&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1413183774&from=cor&uid=ST9500325AS_5VE3NTWKXXXX5VE3NTWK&q={searchTerms} HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.pl/ HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus.msn.com/ hxxp://www.pogodynka.pl/polska/lublin_lublin HKU\S-1-5-21-4186827856-2280528054-3172899137-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com HKU\S-1-5-21-4186827856-2280528054-3172899137-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com URLSearchHook: HKU\S-1-5-21-4186827856-2280528054-3172899137-1000 - (Brak nazwy) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - Brak pliku SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS SearchScopes: HKU\S-1-5-21-4186827856-2280528054-3172899137-1000 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=d454d2ec000000000000002243cbd7a2&tlver=1.4.19.19&affID=17160 SearchScopes: HKU\S-1-5-21-4186827856-2280528054-3172899137-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-07-07] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-07] (Oracle Corporation) BHO: IplexToALLPlayer -> {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} -> C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll [2013-11-01] (ALLCinema Ltd.) Toolbar: HKU\S-1-5-21-4186827856-2280528054-3172899137-1000 -> Brak nazwy - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Brak pliku Toolbar: HKU\S-1-5-21-4186827856-2280528054-3172899137-1000 -> Brak nazwy - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Brak pliku DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/1.4/jinstall-14_07-windows-i586.cab DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/1.4/jinstall-14_07-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: linkscanner - Brak wartości CLSID - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1413183774&from=cor&uid=ST9500325AS_5VE3NTWKXXXX5VE3NTWK FireFox: ======== FF ProfilePath: C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\hmn4j5um.default [2017-07-10] FF SelectedSearchEngine: Mozilla\Firefox\Profiles\hmn4j5um.default -> webssearches FF Homepage: Mozilla\Firefox\Profiles\hmn4j5um.default -> hxxp://www.google.pl/ FF Extension: (FaniMani.pl) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\hmn4j5um.default\Extensions\fanimaniextension@fanimani.pl.xpi [2017-03-15] FF Extension: (Iplex to ALLPlayer) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\hmn4j5um.default\Extensions\IplextoALL@ALLPlayer.org [2014-01-29] [Brak podpisu cyfrowego] FF Extension: (Iplex to ALLPlayer) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\hmn4j5um.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2011-10-26] [Brak podpisu cyfrowego] FF Extension: (ALLYouTubeDownloader) - C:\Users\Kamil\AppData\Roaming\Mozilla\Firefox\Profiles\hmn4j5um.default\Extensions\YouTubetoALL@ALLPlayer.org.xpi [2016-04-27] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-11] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [avg@igeared] - C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared FF Extension: (AVG Security Toolbar) - C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011-06-27] [Brak podpisu cyfrowego] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-07-15] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-10-05] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-18] () FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-07] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-07] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.) FF Plugin HKU\S-1-5-21-4186827856-2280528054-3172899137-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Kamil\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-18] (Citrix Online) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09] Chrome: ======= CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - CHR HKLM\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx [2012-02-25] CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [2011-12-19] CHR HKU\S-1-5-21-4186827856-2280528054-3172899137-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files\DealPly\DealPly.crx [2011-12-19] Opera: ======= StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera\Opera.exe hxxp://www.istartpageing.com/?type=sc&ts=1449420878&z=643cbca70bd8bad81772a51gdz7zft7z3obe0bfm5q&from=cor&uid=ST9500325AS_5VE3NTWKXXXX5VE3NTWK ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-06-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [Brak podpisu cyfrowego] R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-16] (ASUS) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5815840 2017-07-04] (AVAST Software s.r.o.) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Brak podpisu cyfrowego] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-04] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [311592 2017-07-04] (AVAST Software) S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-05-30] () S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Brak podpisu cyfrowego] R2 C-DillaCdaC11BA; C:\Windows\system32\drivers\CDAC11BA.EXE [54784 2010-11-04] (Macrovision) [Brak podpisu cyfrowego] S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-12] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-12] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42824 2017-06-26] (Dropbox, Inc.) S3 DiskDoctorService; C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation) S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-26] (Symantec Corporation) R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 MSSQL$ELISOFT; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 Norton Ghost; C:\Program Files\Norton Ghost\Agent\VProSvc.exe [4388192 2008-01-19] (Symantec Corporation) R2 NU16StartManagerSvc; C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools) R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation) R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] () S3 SpeedDiskService; C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Brak podpisu cyfrowego] R3 SymSnapService; C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [1553896 2007-12-20] (Symantec) R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [4087568 2016-09-07] (Check Point Software Technologies Ltd.) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S3 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-08-09] (Check Point Software Technologies, Ltd.) [Brak podpisu cyfrowego] R2 ZoneAlarm ICM Service; C:\Program Files\CheckPoint\ZoneAlarm\ICM-Service.exe [794424 2016-09-07] (Check Point Software Technologies Ltd.) R2 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{58382673-C0DD-4690-9B0B-23741EE41868} ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [25600 2009-05-08] (Alcor Micro, Corp.) R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-09-04] (ASUSTek Computer Inc) R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] () R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [266976 2017-07-04] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157384 2017-07-04] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276704 2017-07-04] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50352 2017-07-04] (AVAST Software s.r.o.) S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [65344 2016-12-01] (AVAST Software) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-07-04] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123896 2017-07-04] (AVAST Software) R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2016-12-09] (ALWIL Software) R0 aswNdis2; C:\Windows\system32\drivers\aswNdis2.sys [339952 2017-07-04] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [70088 2017-07-04] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-07-04] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-07-04] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-07-04] (AVAST Software) R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [202688 2017-07-04] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-07-04] (AVAST Software) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2010-03-12] () S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [29192 2009-06-17] () R2 CdaC15BA; C:\Windows\system32\drivers\CdaC15BA.SYS [12464 2010-11-04] (Macrovision Europe Ltd) [Brak podpisu cyfrowego] R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [87040 2009-07-29] (ELAN Microelectronic Corp.) S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] () [Brak podpisu cyfrowego] R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [13880 2008-11-03] ( ) R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [53248 2009-09-04] (Atheros Communications, Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2010-03-12] () R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2009-06-18] (Windows (R) Win 7 DDK provider) R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2008-12-24] (ATK0100) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1752704 2008-08-11] () R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-03-03] () [Brak podpisu cyfrowego] R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [Brak podpisu cyfrowego] R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation) S3 VClone; C:\Windows\System32\DRIVERS\VClone.sys [29696 2009-05-23] (Elaborate Bytes AG) [Brak podpisu cyfrowego] S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [15088 2008-01-19] (Symantec Corporation) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [367040 2016-09-07] (Check Point Software Technologies Ltd.) U3 akvrxmoa; C:\Windows\system32\Drivers\akvrxmoa.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) U3 am0i1i92; C:\Windows\system32\Drivers\am0i1i92.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-07-10 12:41 - 2017-07-10 12:42 - 00000000 ____D C:\FRST 2017-07-10 12:31 - 2017-07-10 12:31 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\AVAST Software 2017-07-10 12:31 - 2017-07-10 12:31 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\CEF 2017-07-10 12:23 - 2017-07-10 12:27 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\LocalLow\Mozilla 2017-07-10 12:23 - 2017-07-10 12:23 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Mozilla 2017-07-10 12:23 - 2017-07-10 12:23 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\Mozilla 2017-07-10 12:22 - 2017-07-10 12:22 - 00000000 ____D C:\Users\Iwonka.Domowy\Documents\Bluetooth Exchange Folder 2017-07-10 12:22 - 2017-07-10 12:22 - 00000000 ____D C:\Users\Iwonka.Domowy\Bluetooth Software 2017-07-10 12:22 - 2017-07-10 12:22 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Apple Computer 2017-07-10 12:21 - 2017-07-10 12:24 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\Dropbox 2017-07-10 12:21 - 2017-07-10 12:21 - 00106936 _____ C:\Users\Iwonka.Domowy\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-10 12:21 - 2017-07-10 12:21 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\SRS Labs 2017-07-10 12:20 - 2017-07-10 12:20 - 00000956 _____ C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-07-10 12:20 - 2017-07-10 12:20 - 00000951 _____ C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-07-10 12:19 - 2017-07-10 12:22 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\PC Suite 2017-07-10 12:19 - 2017-07-10 12:19 - 00000922 _____ C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2017-07-10 12:19 - 2017-07-10 12:19 - 00000020 ___SH C:\Users\Iwonka.Domowy\ntuser.ini 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Ustawienia lokalne 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Szablony 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Moje dokumenty 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Menu Start 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Documents\Moje wideo 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Documents\Moje obrazy 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Documents\Moja muzyka 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\Dane aplikacji 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\AppData\Local\Historia 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 _SHDL C:\Users\Iwonka.Domowy\AppData\Local\Dane aplikacji 2017-07-10 12:19 - 2017-07-10 12:19 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\VirtualStore 2017-07-10 12:18 - 2017-07-10 12:22 - 00000000 ____D C:\Users\Iwonka.Domowy 2017-07-10 12:18 - 2014-03-30 19:32 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Macromedia 2017-07-10 12:18 - 2012-11-08 22:43 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\TuneUp Software 2017-07-10 12:18 - 2009-10-09 23:25 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Local\Microsoft Help 2017-07-10 12:18 - 2009-09-04 04:15 - 00000990 _____ C:\Users\Iwonka.Domowy\Desktop\ASUS Video Magic.lnk 2017-07-10 12:18 - 2009-09-04 04:15 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2017-07-10 12:18 - 2009-09-04 03:27 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2017-07-10 12:18 - 2006-11-02 14:37 - 00000000 ____D C:\Users\Iwonka.Domowy\AppData\Roaming\Media Center Programs 2017-07-10 12:17 - 2017-07-10 12:42 - 00000000 ____D C:\Users\Kamil\Desktop\Naprawa PC 2017-07-10 09:03 - 2017-07-10 09:03 - 00000000 ____D C:\ProgramData\SWCUTemp 2017-07-07 14:04 - 2017-07-07 14:04 - 00106936 _____ C:\Users\Kamil\AppData\Local\GDIPFONTCACHEV1.DAT 2017-07-07 12:36 - 2017-07-07 12:37 - 00422320 _____ C:\Windows\system32\FNTCACHE.DAT 2017-07-07 11:16 - 2017-07-07 11:16 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Sun 2017-07-04 20:17 - 2017-07-04 20:17 - 00030166 _____ C:\Users\Kamil\Downloads\bilet_7110867239437.pdf 2017-07-04 11:33 - 2017-07-04 11:31 - 00303280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-07-03 12:44 - 2017-07-10 12:38 - 00000000 ____D C:\Users\Kamil\Desktop\Maciek Galarda 2017-06-28 09:52 - 2017-06-28 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-06-26 12:27 - 2017-06-26 12:27 - 00042824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2017-06-26 12:27 - 2017-06-26 12:27 - 00035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2017-06-26 12:27 - 2017-06-26 12:27 - 00035408 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2017-06-19 08:30 - 2017-06-19 08:30 - 03706880 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2017-07-10 12:38 - 2017-02-12 17:33 - 00001138 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2017-07-10 12:19 - 2017-02-17 13:02 - 00000276 _____ C:\Windows\Tasks\NUAutoUpdate.job 2017-07-10 12:19 - 2017-02-12 17:33 - 00001134 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2017-07-10 12:19 - 2009-09-04 03:25 - 00000000 ____D C:\ProgramData\Temp 2017-07-10 11:26 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-10 11:26 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-10 10:54 - 2008-04-18 02:01 - 00765618 _____ C:\Windows\system32\perfh015.dat 2017-07-10 10:54 - 2008-04-18 02:01 - 00171120 _____ C:\Windows\system32\perfc015.dat 2017-07-10 10:54 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf 2017-07-10 10:54 - 2006-11-02 12:33 - 01758422 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-10 09:34 - 2016-11-17 22:49 - 00000000 ____D C:\Users\Kamil\AppData\LocalLow\Mozilla 2017-07-10 09:08 - 2010-01-27 00:16 - 00000000 ____D C:\Users\Kamil\AppData\Local\CrashDumps 2017-07-10 09:04 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Registration 2017-07-10 09:03 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-07-07 18:02 - 2009-09-04 03:06 - 00009588 _____ C:\Windows\bthservsdp.dat 2017-07-07 18:02 - 2006-11-02 15:01 - 00032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-07-07 18:00 - 2009-12-05 01:34 - 00000442 _____ C:\Windows\Tasks\ParetoLogic Registration.job 2017-07-07 17:45 - 2017-06-06 15:01 - 00189440 _____ C:\Users\Kamil\Desktop\Telefony.xls 2017-07-07 17:24 - 2017-02-17 12:41 - 00000000 ____D C:\Users\Kamil\AppData\Roaming\Norton Utilities 16 2017-07-07 14:45 - 2017-06-06 15:01 - 00150016 _____ C:\Users\Kamil\Desktop\Klienci fundacja.xls 2017-07-07 11:20 - 2013-10-21 19:16 - 00000000 ____D C:\ProgramData\Oracle 2017-07-07 11:19 - 2013-10-21 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-07-07 11:15 - 2015-01-21 21:26 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2017-07-07 11:15 - 2009-11-03 23:53 - 00000000 ____D C:\Program Files\Java 2017-07-07 11:05 - 2011-06-28 20:03 - 00000000 ____D C:\Program Files\ChomikBox 2017-07-07 10:52 - 2017-06-05 15:38 - 00000000 ____D C:\Users\Kamil\Desktop\Konferencja 2017-07-06 19:53 - 2017-02-17 13:02 - 00000268 _____ C:\Windows\Tasks\NUSchedule.job 2017-07-06 13:07 - 2016-11-02 22:42 - 00000000 ____D C:\Users\Kamil\Desktop\Leasing 2017-07-05 20:15 - 2016-04-19 21:31 - 00000000 ____D C:\Users\Kamil\Desktop\Przepisy 2017-07-05 09:50 - 2010-06-02 16:38 - 00000000 ____D C:\Windows\Minidump 2017-07-04 13:35 - 2017-01-29 15:40 - 00000000 ____D C:\Users\Kamil\Desktop\Kolejne posty 2017-07-04 12:33 - 2016-11-21 16:53 - 00000000 ____D C:\SS_AGENT 2017-07-04 11:36 - 2016-10-05 23:31 - 00296312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00496976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00202688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00123896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00070840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00070088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2017-07-04 11:32 - 2016-10-05 23:31 - 00042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-07-04 11:31 - 2016-10-05 23:31 - 00774288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-07-04 11:30 - 2017-03-16 10:30 - 00276704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys 2017-07-04 11:30 - 2017-03-16 10:30 - 00266976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys 2017-07-04 11:30 - 2017-03-16 10:30 - 00157384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys 2017-07-04 11:30 - 2017-03-16 10:30 - 00050352 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys 2017-07-04 11:30 - 2016-12-09 16:17 - 00339952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys 2017-07-04 11:16 - 2015-05-22 10:31 - 00007889 _____ C:\Windows\BRRBCOM.INI 2017-07-03 10:46 - 2016-11-17 21:35 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-07-03 10:46 - 2012-05-28 06:35 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2017-06-28 09:54 - 2017-02-12 17:33 - 00000000 ____D C:\Program Files\Dropbox 2017-06-20 13:14 - 2017-03-18 18:33 - 00000000 ____D C:\Users\Kamil\Desktop\Gurbacka 2017-06-19 08:30 - 2012-04-02 09:10 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2017-06-19 08:30 - 2011-05-30 18:42 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2017-06-19 08:30 - 2009-09-04 04:07 - 00000000 ____D C:\Windows\system32\Macromed 2017-06-18 13:25 - 2014-08-25 08:49 - 00000000 ____D C:\Users\Kamil\AppData\Local\Adobe 2017-06-18 13:23 - 2013-04-25 20:43 - 00000000 ____D C:\Program Files\Opera 2017-06-15 11:28 - 2017-02-12 17:33 - 00000000 ____D C:\Users\Kamil\AppData\Local\Dropbox 2017-06-12 16:21 - 2015-03-24 17:37 - 00000000 ____D C:\Users\Kamil\Desktop\Fundacja ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-06-26 21:00 - 2014-06-25 17:34 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2007-06-12 18:34 - 2007-06-12 18:34 - 0035822 _____ () C:\Program Files\Common Files\ASPG_icon.ico 2008-05-22 17:35 - 2008-05-22 17:35 - 0051962 _____ () C:\Program Files\Common Files\banner.jpg 2009-04-08 19:31 - 2009-04-08 19:31 - 0106496 _____ () C:\Program Files\Common Files\CPInstallAction.dll 2008-08-12 06:45 - 2008-08-12 06:45 - 0155648 _____ (ASUS) C:\Program Files\Common Files\MSIactionall.dll 2010-08-21 09:23 - 2010-08-21 09:23 - 0038423 _____ () C:\Users\Kamil\AppData\Roaming\Microsoft Access 97-2003.ADR 2010-08-20 21:10 - 2010-08-20 21:10 - 0038437 _____ () C:\Users\Kamil\AppData\Roaming\Microsoft Excel 97-2003.ADR 2010-08-21 09:24 - 2010-08-21 09:24 - 0038437 _____ () C:\Users\Kamil\AppData\Roaming\Wartości oddzielone przecinkami (DOS).ADR 2010-08-20 21:16 - 2010-08-20 21:16 - 0038437 _____ () C:\Users\Kamil\AppData\Roaming\Wartości oddzielone przecinkami (Windows).ADR 2010-08-21 09:24 - 2010-08-21 09:24 - 0038438 _____ () C:\Users\Kamil\AppData\Roaming\Wartości oddzielone tabulatorami (Windows).ADR 2013-12-31 15:45 - 2015-05-18 14:55 - 0000134 _____ () C:\Users\Kamil\AppData\Roaming\WB.CFG 2010-04-26 19:36 - 2017-02-17 13:01 - 0001356 _____ () C:\Users\Kamil\AppData\Local\d3d9caps.dat 2009-10-09 21:39 - 2016-08-01 17:16 - 0123392 _____ () C:\Users\Kamil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-07-09 09:39 - 2015-06-23 12:55 - 0004096 ____H () C:\Users\Kamil\AppData\Local\keyfile3.drm 2015-12-16 16:04 - 2015-12-16 16:04 - 0011293 _____ () C:\ProgramData\1450274655.bdinstall.bin 2010-08-17 20:56 - 2010-08-20 20:01 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt 2009-09-04 04:15 - 2009-09-04 04:15 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2009-09-04 03:26 - 2009-09-04 03:27 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2009-09-04 04:13 - 2009-09-04 04:14 - 0000106 _____ () C:\ProgramData\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}.log 2009-09-04 03:25 - 2009-09-04 03:26 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2009-09-04 04:09 - 2009-09-04 04:13 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2009-09-04 04:15 - 2009-09-04 04:15 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log 2009-09-04 04:08 - 2009-09-04 04:09 - 0000115 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log Niektóre pliki w TEMP: ==================== 2017-07-07 11:10 - 2017-07-07 11:10 - 0739904 _____ (Oracle Corporation) C:\Users\Kamil\AppData\Local\Temp\jre-8u131-windows-au.exe ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2017-07-10 09:11 ==================== Koniec FRST.txt ============================