Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 18.07.2018 Uruchomiony przez Helmut1 (administrator) HELMUT1-PC (19-07-2018 18:44:40) Uruchomiony z C:\FRST\FRST-OlderVersion\FRST-OlderVersion Załadowane profile: Helmut1 (Dostępne profile: Helmut1) Platform: Windows Vista (TM) Home Basic Service Pack 2 (X86) Język: Polski (Polska) Internet Explorer Wersja 9 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusHealth.exe (NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe (NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirus.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [persistence module] => C:\Windows\system32\igfxpers.exe [173624 2018-06-07] (Intel Corporation) HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.) Winlogon\Notify\!SASWinLogon: HKU\S-1-5-21-1759809761-457753107-4180812289-1000\...\Run: [AmitiAntivirus] => C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirus.exe [2682176 2015-03-17] (NETGATE Technologies s.r.o.) HKU\S-1-5-21-1759809761-457753107-4180812289-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1759809761-457753107-4180812289-1000\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKU\S-1-5-21-1759809761-457753107-4180812289-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\eMachines.scr [413696 2009-03-03] (Acer) ShellExecuteHooks: Brak nazwy - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - -> Brak pliku Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2018-07-07] ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Program Files\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.) GroupPolicy: Ograniczenia - Windows Defender <==== UWAGA GroupPolicy\User: Ograniczenia ? <==== UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Winsock: Catalog9 11 %windir%\system32\vsocklib.dll => Brak pliku Winsock: Catalog9 12 %windir%\system32\vsocklib.dll => Brak pliku Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{356E5525-BB79-4801-BEEC-1019B5A83076}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1759809761-457753107-4180812289-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp HKU\S-1-5-21-1759809761-457753107-4180812289-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=chrf-iryus&type=ypi_znlrm_00_00_ie URLSearchHook: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 - (Brak nazwy) - {472734EA-242A-422b-ADF8-83D1E48CC825} - Brak pliku SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> {A0F42C68-5B1D-4B0B-A261-3B6221D387F2} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=chrf-iryus&type=ypi_znlrm_00_00_ie SearchScopes: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> {F813F595-1DA6-4476-915D-E3C2FDF0B758} URL = hxxp://www.google.com/cse?cx=partner-pub-6697027465779297:1722623130&ie=ISO-8859-1&sa=Search&q={searchTerms} Toolbar: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> Brak nazwy - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Brak pliku Toolbar: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> Brak nazwy - {724D43A0-0D85-11D4-9908-00400523E39A} - Brak pliku Toolbar: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> Brak nazwy - {37483B40-C254-4A72-BDA4-22EE90182C1E} - Brak pliku Toolbar: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> Brak nazwy - {90EEE664-34B1-422A-A782-779AF65CDF6D} - Brak pliku Toolbar: HKU\S-1-5-21-1759809761-457753107-4180812289-1000 -> Brak nazwy - {51A86BB3-6602-4C85-92A5-130EE4864F13} - Brak pliku Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2018-04-17] (Belarc, Inc.) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default [2018-06-02] FF Extension: (Brak nazwy) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\temp [2010-11-05] [Brak podpisu cyfrowego] FF Extension: (AboutConfig) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\{412395cf-187c-40a2-bc8c-3ca45ccdb3e8} [2018-06-02] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (fireFTP) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010-11-05] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (URL Cleaner) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\{bf39dc20-5b37-11da-8cd6-0800200c9a66} [2010-11-05] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (Joomla! Template Builder Extension) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\{cdc99b12-100a-465b-acd6-88e988c2ec48} [2018-06-02] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (KaZcadeS) - C:\Users\Helmut1\AppData\Roaming\Nvu\Profiles\pi0zxbco.default\Extensions\{d56d6530-933f-11da-a72b-0800200c9a66} [2010-11-05] [Przestarzałe] [Brak podpisu cyfrowego] FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\Netscape\Navigator\Profiles\eapyi1lk.default [2018-06-12] FF NetworkProxy: Netscape\Navigator\Profiles\eapyi1lk.default -> autoconfig_url", "hxxp://www.lib.ucdavis.edu/proxy/pacserve" FF Extension: (Brak nazwy) - C:\Program Files\Netscape\Navigator 9\extensions\netscape9migrator@flock.com [nie znaleziono] FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default [2018-07-18] FF Extension: (DOM Inspector) - C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default\Extensions\inspector@mozilla.org.xpi [2016-05-03] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (ChatZilla Polski Language Pack) - C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default\Extensions\langpack-pl@chatzilla.mozilla.org.xpi [2016-05-03] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (JavaScript Debugger Polski Language Pack) - C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default\Extensions\langpack-pl@venkman.mozilla.org.xpi [2016-05-03] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (ChatZilla) - C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi [2016-05-03] [Przestarzałe] [Brak podpisu cyfrowego] FF Extension: (JavaScript Debugger) - C:\Users\Helmut1\AppData\Roaming\Mozilla\SeaMonkey\Profiles\upkelpml.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-03] [Przestarzałe] [Brak podpisu cyfrowego] FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\xcrmzm5g.default [2018-07-18] FF Extension: (Brak nazwy) - C:\Program Files\Pale Moon\extensions\statusbar@palemoon.org.xpi [nie znaleziono] FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\kompozer.net\KompoZer\Profiles\ttxa4kzi.default [2018-06-02] FF ProfilePath: C:\Users\Helmut1\AppData\Roaming\KompoZer\Profiles\sm6i9r6m.default [2018-06-02] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-03-08] [Przestarzałe] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @IObit.com/np_Asc_Plugin -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll [2013-07-17] (IObit) FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-01-10] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-01-10] (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-08] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-08] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Helmut1\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://search.softonic.com/MON00085/tb_v1?SearchSource=48&cc=","hxxp://isearch.avg.com/?cid={144680CD-18C3-49B4-AD60-9934878E3559}&mid=b43ee8f9e93d17ebc5171eb08cf215ec-510000aec754af81aca766f344e2b73f87cf2efe&lang=pl&ds=ik011&pr=&d=2012-10-27%2020:09:09&v=13.2.0.4&sap=hp","hxxp://pl.yahoo.com/?fr=fpc-comodo","hxxps://www.google.com/","hxxp://home.torchbrowser.com/?systemid=406&appid=286&ua=Torch" CHR Profile: C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default [2018-07-19] CHR Extension: (Dokumenty) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-08] CHR Extension: (YouTube) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-08] CHR Extension: (Click&Clean) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2018-07-12] CHR Extension: (Tab Suspender (memory saver)) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghklhojdnolaljfmaappofimepjeapih [2018-07-09] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-08] CHR Extension: (Gmail) - C:\Users\Helmut1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-08] Opera: ======= OPR Extension: (Adblocker for Youtube™) - C:\Users\Helmut1\AppData\Roaming\Opera Software\Opera Stable\Extensions\fefhaeemdgaophhobcpcopjgfjnmjpop [2018-06-03] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AmitiAvHealth; C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusHealth.exe [460096 2015-03-20] (NETGATE Technologies s.r.o.) R2 AmitiAvSrv; C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusSrv.exe [2630496 2015-03-16] (NETGATE Technologies s.r.o.) S4 Chemtable Startup Checking; C:\Program Files\Autorun Organizer\StartupCheckingService.exe [4568000 2017-10-31] () S4 GameConsoleService; C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [165416 2008-05-06] (WildTangent, Inc.) S4 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO) S4 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.) S4 SPDFCreatorReadSpool; C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe [180552 2011-10-03] (Solid Documents, LLC) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S2 WMIService; C:\Program Files\Acer\Empowering Technology\ePower\ePowerSvc.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AmitiAv; C:\Windows\System32\Drivers\amitiav.sys [14656 2015-03-12] (NETGATE Technologies s.r.o.) S3 AmitiAvAccess; C:\Windows\System32\Drivers\amitiav_access.sys [20544 2015-03-12] (NETGATE Technologies s.r.o.) R3 AmitiAvGuard; C:\Windows\System32\Drivers\amitiav_guard.sys [18880 2015-03-12] (NETGATE Technologies s.r.o.) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-06-19] (AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-06-19] (AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-06-19] (AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-06-19] (AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-06-19] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [184632 2018-06-19] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-06-19] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71840 2018-06-19] (AVAST Software) S3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [205344 2018-06-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-06-19] (AVAST Software) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-06-01] (AVG Technologies) R1 BTOWSFF; C:\Windows\system32\Drivers\BTOWSFF.sys [26200 2018-06-30] (Toolwiz.com) R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [43864 2018-06-30] (Toolwiz.com) S2 E4LOADER; C:\Windows\System32\Drivers\e4ldr.sys [69656 2007-01-04] (Analog Deivces) S3 e4usbaw; C:\Windows\System32\DRIVERS\e4usbaw.sys [104344 2007-01-04] (Analog Devices Inc.) R2 EpmPsd; C:\Windows\system32\drivers\epm-psd.sys [4096 2004-07-19] (Acer Value Labs, USA) [Brak podpisu cyfrowego] R2 EpmShd; C:\Windows\system32\drivers\epm-shd.sys [78208 2005-04-07] (Acer Value Labs, USA) [Brak podpisu cyfrowego] R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55144 2018-06-02] () R2 inpout32; C:\Windows\System32\Drivers\inpout32.sys [11936 2015-01-19] (Highresolution Enterprises [www.highrez.co.uk]) R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40672 2018-01-17] (COMODO) R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [47192 2018-06-30] (Toolwiz.com) R1 NetworkX; C:\Windows\system32\ckldrv.sys [21638 2008-08-22] () [Brak podpisu cyfrowego] S1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [203088 2012-05-11] (PC Tools) U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) <==== UWAGA (Brak ServiceDLL) U3 iswSvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-07-19 18:15 - 2018-07-19 18:15 - 000000000 _____ C:\Windows\wplog.txt 2018-07-19 16:55 - 2018-07-19 16:55 - 000061544 _____ C:\Windows\ntbtlog.txt 2018-07-18 22:17 - 2018-07-18 22:17 - 000032884 _____ C:\Users\Helmut1\Documents\cc_20180718_221722.reg 2018-07-18 20:23 - 2018-07-18 20:24 - 000000000 ____D C:\WU-Repair 2018-07-18 15:50 - 2018-07-18 18:14 - 000000000 ____D C:\WUReset 2018-07-18 15:33 - 2015-03-15 16:04 - 000001102 _____ C:\Windows\WUReset.bat 2018-07-18 15:32 - 2018-07-18 15:48 - 000000000 ____D C:\Windows\WURecet 2018-07-17 20:34 - 2016-08-28 06:47 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\wuauserv.dll 2018-07-17 20:29 - 2016-08-15 10:16 - 000329240 _____ (Microsoft Corporation) C:\Windows\system32\wucltui.dll 2018-07-17 19:50 - 2018-07-18 19:58 - 000000268 _____ C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job 2018-07-17 19:50 - 2018-07-18 15:14 - 000000284 _____ C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job 2018-07-17 19:49 - 2018-07-17 19:52 - 000000000 ____D C:\Program Files\Dll-Files.com Fixer 2018-07-17 19:49 - 2018-07-17 19:49 - 000001821 _____ C:\Users\Helmut1\Desktop\DLL-Files.com FIXER.lnk 2018-07-17 19:49 - 2018-07-17 19:49 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\dll-files.com 2018-07-17 19:49 - 2018-07-17 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer 2018-07-17 19:48 - 2018-07-17 19:48 - 000000000 ____D C:\DLLFier 2018-07-17 19:20 - 2018-07-17 19:21 - 000000000 ____D C:\DependencyWalker 2018-07-17 18:06 - 2018-07-18 18:38 - 000000000 ____D C:\Windows\system32\catroot2.old 2018-07-16 15:45 - 2018-07-19 18:44 - 000000000 ____D C:\FRST 2018-07-15 00:04 - 2018-07-15 00:24 - 000000000 ____D C:\ProgramData\TSRProSettings 2018-07-14 23:48 - 2018-07-14 23:48 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Supremus Corporation 2018-07-14 23:47 - 2018-07-14 23:47 - 000001811 _____ C:\Users\Public\Desktop\Windows Updates Downloader.lnk 2018-07-14 23:47 - 2018-07-14 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Updates Downloader 2018-07-14 23:47 - 2018-07-14 23:47 - 000000000 ____D C:\Program Files\Windows Updates Downloader 2018-07-14 23:35 - 2018-07-14 23:45 - 000000000 ____D C:\AplikUpdate Win 2018-07-13 19:35 - 2018-07-13 20:23 - 000000000 ____D C:\Acer 2018-07-11 21:19 - 2018-07-11 21:24 - 000000242 _____ C:\Windows\SuperBlank.INI 2018-07-11 21:12 - 2018-07-11 21:25 - 000000000 ____D C:\Tymczasowy 2018-07-11 21:00 - 2018-07-11 21:00 - 000000000 ____D C:\Windows\system32\hdined32.nls.{00021401-0000-0000-C000-000000000046} 2018-07-11 19:41 - 2018-07-11 20:15 - 000002773 _____ C:\Users\Helmut1\Desktop\BwgBurn.lnk 2018-07-11 19:41 - 2018-07-11 19:41 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BwgBurn 2018-07-11 19:41 - 2018-07-11 19:41 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\BwgSoftware 2018-07-11 19:41 - 2018-07-11 19:41 - 000000000 ____D C:\Program Files\BwgSoftware 2018-07-10 10:15 - 2018-07-10 10:15 - 000028874 _____ C:\Users\Helmut1\Documents\cc_20180710_101512.reg 2018-07-08 23:30 - 2018-07-08 23:30 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-07-08 23:30 - 2018-07-08 23:30 - 000001981 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-07-08 16:22 - 2018-07-08 16:48 - 000000000 ____D C:\CCleaner 2018-07-08 11:15 - 2018-07-08 11:15 - 000000558 _____ C:\Users\Helmut1\Documents\cc_20180708_111444.reg 2018-07-07 19:26 - 2018-07-19 18:34 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Amiti Antivirus 2018-07-07 19:26 - 2018-07-14 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amiti Antivirus 2018-07-07 19:26 - 2018-07-07 19:26 - 000001015 _____ C:\Users\Public\Desktop\Amiti Antivirus.lnk 2018-07-07 19:25 - 2018-07-07 19:25 - 000000000 ____D C:\ProgramData\NETGATE 2018-07-07 19:25 - 2018-07-07 19:25 - 000000000 ____D C:\Program Files\NETGATE 2018-07-07 19:25 - 2015-03-12 17:00 - 000020544 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\amitiav_access.sys 2018-07-07 19:25 - 2015-03-12 17:00 - 000018880 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\amitiav_guard.sys 2018-07-07 19:25 - 2015-03-12 17:00 - 000014656 _____ (NETGATE Technologies s.r.o.) C:\Windows\system32\Drivers\amitiav.sys 2018-07-07 19:08 - 2018-07-07 19:08 - 000010446 _____ C:\ProgramData\agent.1530983298.bdinstall.bin 2018-07-07 18:55 - 2018-07-07 18:55 - 000000000 ____D C:\ProgramData\nanoav 2018-07-07 18:24 - 2018-07-07 18:24 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Search The Web 2018-07-07 18:21 - 2018-07-07 18:41 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Panda Security 2018-07-07 18:09 - 2018-07-07 18:49 - 000000000 ____D C:\ProgramData\Panda Security 2018-07-07 16:12 - 2018-07-07 16:14 - 000000000 ____D C:\Program Files\Acer 2018-07-07 15:38 - 2018-07-08 22:33 - 000008770 ____H C:\Users\Helmut1\Downloads\downloads.his.sav 2018-07-07 15:35 - 2018-07-09 09:34 - 000000020 ____H C:\Users\Helmut1\Downloads\sites.sav 2018-07-07 15:35 - 2018-07-08 22:33 - 000025520 ____H C:\Users\Helmut1\Downloads\downloads.sav 2018-07-07 15:35 - 2018-07-08 22:33 - 000001698 ____H C:\Users\Helmut1\Downloads\dlmgrsi.sav 2018-07-07 15:35 - 2018-07-08 22:30 - 000006390 ____H C:\Users\Helmut1\Downloads\history.sav 2018-07-07 13:34 - 2018-07-07 13:34 - 000000480 ____H C:\Users\Helmut1\Downloads\groups.sav 2018-07-07 13:31 - 2018-07-07 13:31 - 000000052 ____H C:\Users\Helmut1\Downloads\appinfo.json 2018-07-07 13:31 - 2018-07-07 13:31 - 000000000 ____H C:\Users\Helmut1\Downloads\spider.sav 2018-07-07 13:31 - 2012-08-12 16:02 - 000001362 _____ C:\Users\Helmut1\Downloads\tips.dat 2018-07-06 20:15 - 2018-07-06 20:15 - 000002029 _____ C:\Users\Public\Desktop\Tweaking.com - Advanced System Tweaker.lnk 2018-07-06 16:56 - 2018-07-06 17:36 - 000000000 ____D C:\RevoUninstaller_Portable 2018-07-06 16:53 - 2018-07-06 16:53 - 009328501 _____ C:\Users\Helmut1\Downloads\RevoUninstaller_Portable.zip 2018-07-06 16:27 - 2018-07-06 16:27 - 011126048 _____ (FreeDownloadManager.ORG ) C:\Users\Helmut1\Downloads\fdminst (1).exe 2018-07-05 23:25 - 2018-07-05 23:25 - 000000414 _____ C:\Users\Helmut1\Documents\cc_20180705_232531.reg 2018-07-04 18:44 - 2018-07-04 18:44 - 000282624 _____ C:\Users\Helmut1\Downloads\appnhost (1).msi 2018-07-04 18:43 - 2018-07-04 18:43 - 000282624 _____ C:\Users\Helmut1\Downloads\appnhost.msi 2018-07-03 19:31 - 2018-07-03 19:32 - 000000000 ____D C:\PEA-ZTP-WIN 2018-07-03 18:54 - 2018-07-03 18:54 - 000010860 _____ C:\Users\Helmut1\Downloads\qea 2018-07-03 18:45 - 2018-07-03 18:45 - 010364281 _____ C:\Users\Helmut1\Downloads\peazip_portable-6.6.0.WINDOWS.zip 2018-07-02 17:03 - 2018-05-05 18:37 - 007197480 _____ (VS Revo Group ) C:\Users\Helmut1\Downloads\revosetup (2).exe 2018-07-02 17:02 - 2018-05-05 18:37 - 007197480 _____ (VS Revo Group ) C:\Users\Helmut1\Downloads\revosetup.exe 2018-07-01 21:42 - 2018-07-01 21:43 - 011126048 _____ (FreeDownloadManager.ORG ) C:\Users\Helmut1\Downloads\fdminst.exe 2018-07-01 20:19 - 2018-07-01 20:19 - 002716964 _____ C:\Users\Helmut1\Downloads\DAMsetup.exe 2018-07-01 20:15 - 2018-07-01 20:15 - 001403904 _____ C:\Users\Helmut1\Downloads\MSDownloadManager.msi 2018-07-01 16:05 - 2018-07-01 16:05 - 000019186 _____ C:\Users\Helmut1\Documents\KSC_HELMUT1-PC_07_1_2018_16_5.json 2018-07-01 12:41 - 2018-07-01 12:41 - 000000000 ____D C:\Users\Helmut1\Doctor Web 2018-07-01 12:41 - 2018-07-01 12:41 - 000000000 ____D C:\ProgramData\Doctor Web 2018-07-01 12:07 - 2018-07-01 15:58 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2018-07-01 12:04 - 2018-07-01 12:06 - 000000000 ____D C:\KasperskyAnt 2018-07-01 11:12 - 2018-07-01 11:13 - 000000000 ____D C:\ClamWin 2018-06-30 23:04 - 2018-06-30 23:04 - 002558968 _____ (Symantec Corporation) C:\Users\Helmut1\Downloads\NPE.exe 2018-06-30 22:05 - 2018-07-19 18:33 - 000390304 _____ C:\Windows\system32\FNTCACHE.DAT 2018-06-30 21:56 - 2018-07-15 00:45 - 000000000 ____D C:\Users\Helmut1\AppData\Local\ChemTable Software 2018-06-30 21:55 - 2018-06-30 21:55 - 000001027 _____ C:\Users\Public\Desktop\Autorun Organizer.lnk 2018-06-30 21:55 - 2018-06-30 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Organizer 2018-06-30 21:55 - 2018-06-30 21:55 - 000000000 ____D C:\ProgramData\Chemtable Software 2018-06-30 21:55 - 2018-06-30 21:55 - 000000000 ____D C:\Program Files\Autorun Organizer 2018-06-30 21:26 - 2018-06-30 21:26 - 000047192 _____ (Toolwiz.com) C:\Windows\system32\Drivers\KSafeDISK.sys 2018-06-30 21:26 - 2018-06-30 21:26 - 000026200 _____ (Toolwiz.com) C:\Windows\system32\Drivers\BTOWSFF.sys 2018-06-30 21:25 - 2018-07-01 16:22 - 000000000 ____D C:\Users\Helmut1\AppData\Local\ToolwizCareFree 2018-06-30 21:25 - 2018-06-30 21:25 - 000043864 _____ (Toolwiz.com) C:\Windows\system32\Drivers\BTOWSVF.sys 2018-06-30 21:25 - 2018-06-30 21:25 - 000000887 _____ C:\Users\Helmut1\Desktop\Toolwiz Care.lnk 2018-06-30 21:25 - 2018-06-30 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree 2018-06-30 21:25 - 2018-06-30 21:25 - 000000000 ____D C:\Program Files\ToolwizCareFree 2018-06-30 21:24 - 2018-07-19 18:37 - 000105744 _____ C:\Users\Helmut1\AppData\Local\GDIPFONTCACHEV1.DAT 2018-06-30 21:22 - 2018-03-21 21:32 - 007524184 _____ (ToolWiz) C:\Users\Helmut1\Downloads\Setup_ToolwizCare.exe 2018-06-30 19:35 - 2018-06-30 19:35 - 000000000 ____D C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216} 2018-06-30 19:34 - 2018-07-19 16:38 - 000000000 ____D C:\Program Files\Common Files\IObit 2018-06-30 19:30 - 2018-06-30 19:30 - 008892544 _____ (WiseCleaner.com ) C:\Users\Helmut1\Downloads\WiseCare365_komputerswiat.exe 2018-06-29 17:21 - 2018-06-29 17:21 - 000873360 _____ (GridinSoft LLC) C:\Users\Helmut1\Downloads\setup-antimalware.exe 2018-06-29 17:13 - 2018-06-29 17:13 - 023086408 _____ (Solvusoft Corporation) C:\Users\Helmut1\Downloads\Setup_WinThruster_2018.exe 2018-06-28 22:24 - 2018-06-28 22:24 - 000000000 ____D C:\Users\Helmut1\AppData\Local\ESET 2018-06-28 19:52 - 2018-06-28 19:53 - 036541347 _____ C:\Users\Helmut1\Downloads\tweaking.com_windows_repair_aio.zip 2018-06-28 19:01 - 2018-06-28 19:01 - 000000416 _____ C:\Windows\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job 2018-06-28 18:26 - 2018-06-28 18:27 - 000000000 ____D C:\HardwareControl 2018-06-27 17:30 - 2018-06-27 17:46 - 000000000 ____D C:\Windows\acerePowerTemp 2018-06-26 19:31 - 2018-06-26 19:31 - 000002180 _____ C:\Users\Helmut1\Documents\cc_20180626_193130.reg 2018-06-26 18:21 - 2018-06-26 19:01 - 000000000 ____D C:\EPower1 2018-06-26 00:06 - 2018-06-26 00:07 - 000050724 _____ C:\Users\Helmut1\Documents\cc_20180626_000647.reg 2018-06-25 19:36 - 2018-01-17 09:59 - 000205256 _____ (COMODO) C:\Windows\system32\iseguard32.dll 2018-06-25 19:36 - 2018-01-17 09:59 - 000040672 _____ (COMODO) C:\Windows\system32\Drivers\isedrv.sys 2018-06-25 18:39 - 2018-06-25 18:47 - 000000000 ____D C:\ProgramData\SecTaskMan 2018-06-25 16:43 - 2018-06-25 19:53 - 000000000 ____D C:\Security 2018-06-25 16:37 - 2018-06-25 16:37 - 000001923 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk 2018-06-25 16:37 - 2018-06-25 16:37 - 000001911 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk 2018-06-25 16:37 - 2018-06-25 16:37 - 000000000 ____D C:\Program Files\Belarc 2018-06-24 21:31 - 2018-06-24 21:31 - 000000000 ____D C:\Windows\system32\GatherLogs 2018-06-24 21:29 - 2018-06-28 11:57 - 000000012 _____ C:\Windows\CUAppUsage.Dat 2018-06-24 20:16 - 2018-06-28 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO 2018-06-23 21:35 - 2005-04-07 18:08 - 000078208 _____ (Acer Value Labs, USA) C:\Windows\system32\Drivers\epm-shd.sys 2018-06-23 21:35 - 2004-09-01 23:57 - 000221258 _____ (Acer Labs USA) C:\Windows\system32\Epm-Po.dll 2018-06-23 21:35 - 2004-07-19 13:10 - 000004096 _____ (Acer Value Labs, USA) C:\Windows\system32\Drivers\epm-psd.sys 2018-06-23 21:01 - 2018-06-23 21:01 - 000000000 ____D C:\ProgramData\Kerish Products 2018-06-23 18:47 - 2018-06-23 18:47 - 000011324 _____ C:\Users\Helmut1\Documents\cc_20180623_184725.reg 2018-06-23 18:05 - 2018-06-28 11:53 - 000000000 ____D C:\Users\Public\Documents\Ashampoo 2018-06-22 23:36 - 2018-06-23 21:14 - 000000000 ____D C:\Users\Helmut1\Documents\EasyDuplicateFinder 2018-06-21 23:29 - 2018-06-21 23:34 - 000000000 ____D C:\A-Cprocess 2018-06-21 23:11 - 2018-06-21 23:12 - 000000000 ____D C:\A-PricExplorer 2018-06-21 23:09 - 2018-06-21 23:09 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Process Hacker 2 2018-06-21 23:05 - 2018-06-21 23:06 - 000000000 ____D C:\A-ProcHacker 2018-06-21 23:00 - 2018-06-21 23:01 - 000000000 ____D C:\A-PtocMonitor 2018-06-21 16:26 - 2018-06-21 20:04 - 000000000 ____D C:\A-DaneKomputera 2018-06-21 15:15 - 2018-06-21 16:08 - 000000000 ____D C:\LicenseCrawler 2018-06-20 22:44 - 2018-06-29 01:25 - 000000000 ____D C:\Epower 2018-06-20 20:07 - 2018-06-21 18:41 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\GlarySoft 2018-06-20 20:07 - 2018-06-20 20:07 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\DiskDefrag 2018-06-20 16:24 - 2018-06-23 00:04 - 000000000 ____D C:\Power Management_eMachines_4.05.3006_Win7x86x64 2018-06-20 16:09 - 2018-06-20 16:09 - 000000000 _____ C:\Windows\system32\Drivers\etc\lmhosts 2018-06-20 16:07 - 2018-06-20 16:07 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Yahoo 2018-06-20 16:07 - 2018-06-20 16:07 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Yahoo 2018-06-19 22:50 - 2018-06-22 19:18 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Geek Uninstaller 2018-06-19 22:49 - 2018-06-19 22:50 - 000000000 ____D C:\Geek 2018-06-19 22:08 - 2018-06-19 22:08 - 000158864 _____ C:\Users\Helmut1\Documents\cc_20180619_220811.reg 2018-06-19 21:45 - 2018-06-19 21:45 - 000000000 ____D C:\QuickClean 2018-06-19 21:28 - 2018-06-19 21:28 - 000019072 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\PS2.sys 2018-06-19 17:24 - 2018-06-28 11:38 - 000000000 ____D C:\Users\Helmut1\AppData\Local\AVAST Software 2018-06-19 17:18 - 2018-06-19 17:18 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\AVAST Software 2018-06-19 17:15 - 2018-06-19 17:14 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-06-19 17:15 - 2018-06-19 17:14 - 000205344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys 2018-06-19 17:15 - 2018-06-19 17:14 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-06-19 17:15 - 2018-06-19 17:14 - 000071840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-06-19 17:15 - 2018-06-19 17:14 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-06-19 17:15 - 2018-06-19 17:13 - 000276688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys 2018-06-19 17:15 - 2018-06-19 17:13 - 000185432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys 2018-06-19 17:15 - 2018-06-19 17:13 - 000184632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-06-19 17:15 - 2018-06-19 17:13 - 000157368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys 2018-06-19 17:15 - 2018-06-19 17:13 - 000050336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2018-07-19 18:32 - 2006-11-02 14:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-07-19 18:29 - 2008-01-21 08:21 - 001769024 _____ C:\Windows\system32\PerfStringBackup.INI 2018-07-19 18:29 - 2008-01-21 08:20 - 000755798 _____ C:\Windows\system32\perfh015.dat 2018-07-19 18:29 - 2008-01-21 08:20 - 000167948 _____ C:\Windows\system32\perfc015.dat 2018-07-19 18:29 - 2006-11-02 13:18 - 000000000 ____D C:\Windows\inf 2018-07-19 17:56 - 2018-06-06 17:08 - 000000000 ____D C:\Users\Helmut1\AppData\Local\CrashDumps 2018-07-19 16:38 - 2013-06-06 16:17 - 000000000 ____D C:\Users\Helmut1\AppData\LocalLow\IObit 2018-07-19 16:38 - 2013-06-06 16:17 - 000000000 ____D C:\ProgramData\IObit 2018-07-19 16:02 - 2006-11-02 14:58 - 000032512 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-07-17 18:18 - 2016-04-28 19:29 - 000000000 ____D C:\Users\Public\Documents\FreeMalwareSweep 2018-07-17 17:36 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_886 2018-07-17 15:57 - 2011-04-26 17:50 - 000001356 _____ C:\Users\Helmut1\AppData\Local\d3d9caps.dat 2018-07-14 22:24 - 2010-03-29 22:04 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\FileZilla 2018-07-11 12:09 - 2010-05-26 21:14 - 000000110 _____ C:\Users\Helmut1\AppData\Roaming\burnaware.ini 2018-07-09 12:53 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_783 2018-07-08 23:30 - 2010-01-08 03:14 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Google 2018-07-08 23:29 - 2009-03-20 01:42 - 000000000 ____D C:\Program Files\Google 2018-07-08 23:26 - 2018-05-31 18:16 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Deployment 2018-07-08 11:04 - 2009-03-20 01:27 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2018-07-08 10:37 - 2010-03-30 20:22 - 000000000 ____D C:\Program Files\Panda Security 2018-07-07 14:58 - 2010-10-06 20:04 - 000000000 ____D C:\Users\Helmut1\Downloads\Tmp 2018-07-06 20:15 - 2018-06-13 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2018-07-06 20:14 - 2018-06-13 17:39 - 000000000 ____D C:\Program Files\Tweaking.com 2018-07-05 23:27 - 2018-05-04 18:36 - 000000062 _____ C:\Windows\VBAddin.INI 2018-07-04 22:26 - 2016-04-27 14:46 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Apps\2.0 2018-07-04 21:42 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_429 2018-07-04 20:12 - 2010-04-13 19:41 - 000000000 ____D C:\Windows\Minidump 2018-07-04 20:10 - 2018-06-02 14:42 - 000000853 _____ C:\Windows\system32\Drivers\etc\hosts_bak_577 2018-07-01 15:35 - 2010-01-08 03:11 - 000000000 ____D C:\Users\Helmut1 2018-06-30 23:49 - 2018-06-03 15:28 - 000000000 ____D C:\Tweaking.com - Windows Repair 2018-06-30 21:51 - 2013-12-06 18:41 - 000000000 ____D C:\Users\Helmut1\Downloads\menubars 2018-06-30 21:05 - 2015-02-03 20:03 - 000000000 __RHD C:\MSOCache 2018-06-30 21:05 - 2006-11-02 13:18 - 000000000 ___SD C:\Windows\Downloaded Program Files 2018-06-30 20:15 - 2013-06-06 16:17 - 000000000 ____D C:\Program Files\IObit 2018-06-30 20:08 - 2009-03-20 01:58 - 000000000 ____D C:\Windows\system32\Macromed 2018-06-30 19:36 - 2013-11-09 14:38 - 000000000 ____D C:\ProgramData\ProductData 2018-06-30 19:36 - 2013-06-06 16:17 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\IObit 2018-06-29 01:25 - 2016-06-07 21:40 - 000000000 ____D C:\Users\Helmut1\AppData\Local\EjaculatorSoberizing 2018-06-29 01:25 - 2016-06-07 20:53 - 000000000 ____D C:\Users\Helmut1\AppData\Local\CraneInterferers 2018-06-28 23:51 - 2011-12-18 00:32 - 000000000 ____D C:\Rob8 2018-06-28 21:52 - 2015-01-26 21:44 - 000000000 ____D C:\AdwCleaner 2018-06-28 20:55 - 2012-01-30 17:55 - 000000000 ____D C:\ProgramData\Comodo 2018-06-28 20:41 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_131 2018-06-28 19:04 - 2012-01-30 17:55 - 000000000 ____D C:\Program Files\Comodo 2018-06-28 13:21 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_490 2018-06-28 11:51 - 2006-11-02 13:18 - 000000000 __RSD C:\Windows\Media 2018-06-28 11:39 - 2017-09-19 18:17 - 000000000 ____D C:\ProgramData\AVAST Software 2018-06-28 10:57 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_348 2018-06-27 21:32 - 2009-03-20 01:58 - 000000000 ____D C:\ProgramData\Adobe 2018-06-27 19:47 - 2018-06-17 21:58 - 000000000 ____D C:\Program Files\System Ninja 2018-06-27 19:20 - 2018-06-02 14:42 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_293 2018-06-26 20:52 - 2010-03-18 20:02 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Notepad++ 2018-06-25 22:37 - 2017-09-05 20:10 - 000000000 ____D C:\Windows\Downloaded Installations 2018-06-25 22:37 - 2010-03-18 20:02 - 000000000 ____D C:\Program Files\Notepad++ 2018-06-25 22:37 - 2010-01-11 01:32 - 000000000 ____D C:\Program Files\OpenOffice.org 3 2018-06-25 19:25 - 2006-11-02 12:23 - 000002577 _____ C:\Windows\system32\config.nt 2018-06-24 18:01 - 2018-06-04 21:30 - 000000000 ____D C:\x86 2018-06-24 18:01 - 2016-04-25 20:48 - 000000000 ____D C:\Program Files\Common Files\Vbox 2018-06-24 18:01 - 2014-01-31 15:43 - 000000000 ____D C:\UwAmp 2018-06-24 18:01 - 2012-06-08 20:03 - 000000000 ____D C:\Admin 2018-06-24 18:01 - 2011-01-20 20:18 - 000000000 ____D C:\images 2018-06-24 18:01 - 2010-11-12 21:02 - 000000000 ____D C:\Templatka 2018-06-24 18:01 - 2010-06-22 19:50 - 000000000 ____D C:\phocagallery 2018-06-24 18:01 - 2010-04-06 19:37 - 000000000 ____D C:\cukrzycy 2018-06-24 18:01 - 2006-11-02 13:18 - 000000000 ____D C:\Program Files\Common Files\System 2018-06-23 18:40 - 2015-04-17 15:09 - 000000000 ____D C:\basic 2018-06-23 18:40 - 2011-05-20 21:12 - 000000000 ____D C:\PHP5 2018-06-23 18:00 - 2013-06-05 16:37 - 000000000 ____D C:\ProgramData\Ashampoo 2018-06-22 21:11 - 2014-02-27 16:47 - 000000000 ____D C:\rhuk_milkyway 2018-06-22 21:11 - 2010-10-11 20:56 - 000000000 ____D C:\rhuk 2018-06-22 20:47 - 2015-06-24 18:08 - 000000000 ____D C:\PisMikolow 2018-06-22 20:46 - 2016-06-11 19:39 - 000000000 ____D C:\Autoruns 2018-06-22 20:41 - 2018-04-09 17:18 - 000000000 ____D C:\ABasic132 2018-06-22 20:41 - 2015-12-07 19:56 - 000000000 ____D C:\@RestoreQuarantine 2018-06-22 20:41 - 2014-01-31 17:26 - 000000000 ____D C:\8.5 2018-06-22 20:41 - 2010-11-04 21:38 - 000000000 ____D C:\Joomla_szablony 2018-06-22 19:16 - 2018-06-04 21:30 - 000000000 ____D C:\Users\Helmut1\AppData\Local\FreeFixer 2018-06-22 19:16 - 2016-04-28 19:30 - 000000000 ____D C:\Users\Helmut1\AppData\Local\AvgSetupLog 2018-06-22 19:16 - 2010-07-02 19:03 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\GoodSync 2018-06-22 19:16 - 2010-04-05 20:57 - 000000000 ____D C:\Users\Helmut1\AppData\Roaming\Sylpheed 2018-06-21 18:41 - 2018-05-01 21:39 - 000000000 ____D C:\ProgramData\GlarySoft 2018-06-20 21:31 - 2010-09-17 18:31 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Apple Computer 2018-06-20 21:30 - 2014-01-06 17:01 - 000000000 ____D C:\Users\Helmut1\AppData\LocalLow\IObit Apps 2018-06-20 21:30 - 2013-02-25 16:03 - 000000000 ____D C:\Users\Helmut1\.mucommander 2018-06-20 21:30 - 2011-06-28 15:27 - 000000000 ____D C:\Users\Helmut1\.gimp-2.6 2018-06-20 21:30 - 2010-09-30 20:40 - 000000000 ____D C:\Users\Helmut1\.jedit 2018-06-20 21:30 - 2010-01-28 01:29 - 000000000 ____D C:\Users\Helmut1\AppData\Local\Adobe 2018-06-20 21:29 - 2013-05-28 14:49 - 000000000 ____D C:\Qoobox 2018-06-20 21:29 - 2013-05-14 20:33 - 000000000 ____D C:\ProgramData\notracks.com 2018-06-20 21:29 - 2010-09-10 21:00 - 000000000 ____D C:\Rob 2018-06-20 21:29 - 2010-05-05 19:48 - 000000000 ____D C:\Programy-testower 2018-06-20 21:29 - 2010-02-25 17:40 - 000000000 ____D C:\ProgramData\avg9 2018-06-20 21:27 - 2017-09-25 21:47 - 000000000 ____D C:\Kompozer 2018-06-20 21:27 - 2017-05-08 20:03 - 000000000 ____D C:\Program Files\!Program_LOGO_v1.1 2018-06-20 21:27 - 2016-06-07 17:20 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2018-06-20 21:27 - 2015-12-08 15:57 - 000000000 ____D C:\Program Files\Inbox Storage 2018-06-20 21:27 - 2015-05-18 19:42 - 000000000 ____D C:\Program Files\FreeBASIC 2018-06-20 21:27 - 2015-02-02 14:27 - 000000000 ____D C:\ProgramData\HitmanPro 2018-06-20 21:27 - 2014-04-30 18:42 - 000000000 ____D C:\Ourpapa 2018-06-20 21:27 - 2013-07-17 17:22 - 000000000 ____D C:\ProgramData\KSPlus 2018-06-20 21:27 - 2013-06-03 21:13 - 000000000 ____D C:\ProgramData\AVG 2018-06-20 21:27 - 2013-01-05 20:51 - 000000000 ____D C:\Karolinka 2018-06-20 21:27 - 2012-07-20 18:54 - 000000000 ____D C:\Program Files\AnyClient 2018-06-20 21:27 - 2011-06-03 13:58 - 000000000 ____D C:\K-Meleon0.9.13 2018-06-20 21:27 - 2010-12-21 20:15 - 000000000 ____D C:\ProgramData\A-PDF 2018-06-20 21:27 - 2010-10-14 21:17 - 000000000 ____D C:\Program Files\movAMP PL 2018-06-20 21:27 - 2010-10-03 22:08 - 000000000 ____D C:\Joomla Template 2018-06-20 21:27 - 2010-02-25 17:40 - 000000000 ____D C:\Program Files\AVG 2018-06-20 21:27 - 2010-01-08 03:12 - 000000000 ____D C:\ProgramData\Google 2018-06-20 21:26 - 2018-06-11 15:27 - 000000000 ____D C:\FreeFixer 2018-06-20 21:26 - 2018-06-05 18:45 - 000000000 ____D C:\CompRepairTree 2018-06-20 21:26 - 2016-05-04 19:34 - 000000000 ____D C:\AGH 2018-06-20 21:24 - 2011-11-16 20:13 - 000000000 ____D C:\Życzeni Boże Narodzenie 2018-06-20 21:09 - 2018-06-12 13:42 - 000000000 ____D C:\Autorun 2018-06-20 21:08 - 2010-04-09 21:38 - 000000000 ____D C:\Adresy_Stron_WWW 2018-06-20 21:06 - 2013-12-30 21:11 - 000000000 ____D C:\_spe 2018-06-20 21:04 - 2014-04-29 17:41 - 000000000 ____D C:\Pismo-swiete 2018-06-20 20:49 - 2018-06-04 21:10 - 000000000 ___HD C:\$AV_AVG 2018-06-20 20:49 - 2015-01-31 20:29 - 000000000 ____D C:\GW_Basic 2018-06-20 20:39 - 2010-12-09 21:03 - 000000000 ____D C:\Rob3 2018-06-20 20:39 - 2010-11-04 20:07 - 000000000 ____D C:\Gimp_podstawy 2018-06-19 20:32 - 2010-07-25 19:33 - 000000000 ____D C:\Windows\pss ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-08-28 22:43 - 2010-08-28 22:43 - 000577335 _____ () C:\ProgramData\adb.exe 2010-08-28 22:43 - 2010-08-28 22:43 - 000356009 _____ () C:\ProgramData\fastboot.exe 2010-05-26 21:14 - 2018-07-11 12:09 - 000000110 _____ () C:\Users\Helmut1\AppData\Roaming\burnaware.ini 2013-09-11 18:19 - 2013-09-11 18:20 - 000000125 _____ () C:\Users\Helmut1\AppData\Roaming\gmic_faves 2016-06-10 19:28 - 2016-07-13 15:46 - 000000053 _____ () C:\Users\Helmut1\AppData\Roaming\LogFile.txt 2016-06-03 18:09 - 2016-06-09 20:02 - 000000053 _____ () C:\Users\Helmut1\AppData\Roaming\pdfcompressor.ini 2011-11-19 17:57 - 2011-11-20 17:21 - 000012288 _____ () C:\Users\Helmut1\AppData\Roaming\Settings.cfg 2014-04-29 16:21 - 2014-04-29 16:24 - 000558080 _____ () C:\Users\Helmut1\AppData\Roaming\SharedSettings.ccs 2013-09-11 18:21 - 2013-09-11 18:21 - 002015918 _____ () C:\Users\Helmut1\AppData\Roaming\update1570.gmic 2013-07-27 19:42 - 2014-09-22 17:33 - 000000207 _____ () C:\Users\Helmut1\AppData\Roaming\WB.CFG 2010-08-08 18:46 - 2010-11-05 18:57 - 000000600 _____ () C:\Users\Helmut1\AppData\Roaming\winscp.rnd 2013-01-12 14:12 - 2013-11-19 21:19 - 011014704 _____ () C:\Users\Helmut1\AppData\Local\av.log 2011-04-26 17:50 - 2018-07-17 15:57 - 000001356 _____ () C:\Users\Helmut1\AppData\Local\d3d9caps.dat 2016-04-27 15:00 - 2016-04-27 14:59 - 000041472 _____ () C:\Users\Helmut1\AppData\Local\High-dexon.dat 2016-04-27 15:00 - 2016-04-27 14:59 - 000000187 _____ () C:\Users\Helmut1\AppData\Local\High-dexon.exe.config 2010-04-27 20:36 - 2010-04-27 20:36 - 000000008 __RSH () C:\Users\Helmut1\AppData\Local\os ztwdt. fs 2010-03-30 20:20 - 2010-03-30 20:20 - 000001834 _____ () C:\Users\Helmut1\AppData\Local\unins000.dat 2010-03-30 20:20 - 2010-03-30 20:20 - 000692744 _____ () C:\Users\Helmut1\AppData\Local\unins000.exe 2016-04-27 14:56 - 2016-04-27 14:56 - 000041472 _____ () C:\Users\Helmut1\AppData\Local\Zoobam.dat 2016-04-27 14:56 - 2016-04-27 14:56 - 000000187 _____ () C:\Users\Helmut1\AppData\Local\Zoobam.exe.config ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2018-07-19 18:42 ==================== Koniec FRST.txt ============================