Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:14-09-2015
Uruchomiony przez Grzesiek (administrator)  ----------- (14-09-2015 16:37:11)
Uruchomiony z C:\Documents and Settings\Grzesiek\Pulpit
Załadowane profile: Grzesiek & Administrator (Dostępne profile: Grzesiek & Administrator)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski
Internet Explorer Wersja 8 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\AVGRSX.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\AVGCSRVX.EXE
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(ATI Technologies Inc.) C:\WINDOWS\System32\ATI2EVXX.EXE
(Atheros) C:\WINDOWS\System32\acs.exe
() C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgfws.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(Atheros Communications, Inc.) C:\Program Files\Atheros\ACU.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Handle) C:\Documents and Settings\Grzesiek\Dane aplikacji\Win System\handle.exe
() C:\WINDOWS\System32\PnkBstrA.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(VMware, Inc.) C:\WINDOWS\System32\vmnat.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(VMware, Inc.) C:\WINDOWS\System32\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe
() C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1024000 2007-11-15] (Synaptics, Inc.)
HKLM\...\Run: [Power_Gear] => C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [90112 2006-07-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [MsgTranAgt] => C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [106496 2007-11-04] ()
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-01-11] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ATKOSD2\ATKOSD2.exe [7766016 2008-01-23] ()
HKLM\...\Run: [ATKHOTKEY] => C:\Program Files\ASUS\ATK Hotkey\HControl.exe [217088 2008-06-26] (ASUS)
HKLM\...\Run: [ACU] => C:\Program Files\Atheros\ACU.exe [450648 2008-04-09] (Atheros Communications, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2013-12-08] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MSIAfterburner] => C:\Program Files\MSI Afterburner\MSIAfterburner.exe [578272 2015-05-25] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2008-04-22] (ATI Technologies Inc.)
HKU\S-1-5-21-4155731693-2777952503-2262636072-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4155731693-2777952503-2262636072-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\Default User\Menu Start\Programy\Autostart\CCC.lnk [2012-04-12]
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\CCC.lnk [2012-04-12]
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\Grzesiek\Menu Start\Programy\Autostart\CCC.lnk [2012-08-26]
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restart

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\..\Interfaces\{02EACF17-175C-419B-AB5A-F5E40E027D81}: [NameServer] 212.23.103.8 212.23.103.9

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150217
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=6.4.0.9
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=6.4.0.9
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=6.4.0.9
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4155731693-2777952503-2262636072-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4155731693-2777952503-2262636072-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-4155731693-2777952503-2262636072-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=pl&pid=N360&pvid=6.4.0.9
HKU\S-1-5-21-4155731693-2777952503-2262636072-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4155731693-2777952503-2262636072-500\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "www.google.com" <======= UWAGA
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4155731693-2777952503-2262636072-1005 -> DefaultScope {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
SearchScopes: HKU\S-1-5-21-4155731693-2777952503-2262636072-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={8CD6C2AB-23F7-4CD6-ACA9-AC803358F03B}&mid=3b83ad126e2347d088d8d16b536f8992-922fdca5ddba524f894874f67e45149557bdce23&lang=pl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 18:37:28&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4155731693-2777952503-2262636072-1005 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-22] (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-29] (AVG)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-22] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-22] (Sun Microsystems, Inc.)
Toolbar: HKLM - Brak nazwy - {10921475-03CE-4E04-90CE-E2E7EF20C814} -  Brak pliku
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-01-28] (AVG Secure Search)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171
FF SelectedSearchEngine: sweet-page
FF Homepage: www.gogle.pl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-23] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [Brak pliku]
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-02-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-04-22] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npVividasPlayer.dll [2013-02-24] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npVividasPlayer.dll [2013-02-24] ( )
FF SearchPlugin: C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\searchplugins\szukaj-gazeta-pl.xml [2015-07-18]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-08-29]
FF Extension: Fasterfox Lite - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\FasterFox_Lite@BigRedBrent [2015-05-29]
FF Extension: Flashblock - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-05-29]
FF Extension: BitComet Video Downloader - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-06-13]
FF Extension: Foxy Secure - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\admin@foxysecure.com [2014-06-25]
FF Extension: NoScript - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-08-17]
FF Extension: Adblock Plus - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-15]
FF Extension: Video DownloadHelper - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-29]
FF Extension: FastestFox - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\smarterwiki@wikiatic.com.xpi [2013-08-17]
FF Extension: FoxTab - C:\Documents and Settings\Grzesiek\Dane aplikacji\Mozilla\Firefox\Profiles\t417rs2k.default-1376523513171\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2013-08-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-04-18]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-23]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-04-22]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1441830412&z=d18ebbe947e6f0c98fffe47g4z0z4gdbccfe8zfg0o&from=cor&uid=HitachiXHTS542516K9SA00_080718BB6300ACKPATLGX" 
CHR DefaultSearchURL: Default -> hxxp://www.sweet-page.com/web/?type=ds&ts=1441830412&z=d18ebbe947e6f0c98fffe47g4z0z4gdbccfe8zfg0o&from=cor&uid=HitachiXHTS542516K9SA00_080718BB6300ACKPATLGX&q={searchTerms}
CHR DefaultSearchKeyword: Default -> sweet-page
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-12]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (AVG Secure Search) - C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2014-11-08]
CHR HKLM\...\Chrome\Extension: [mgmkibjehmijilgdlafejbedipjcjeaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
StartMenuInternet: chrome.exe - Chrome.exe

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ACS; C:\WINDOWS\system32\acs.exe [467028 2008-04-09] (Atheros) [Brak podpisu cyfrowego]
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-09-16] ()
R2 avgfws; C:\Program Files\AVG\AVG2015\avgfws.exe [1560592 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
R2 HandleService; C:\Documents and Settings\Grzesiek\Dane aplikacji\Win System\handle.exe [637952 2014-06-10] (Handle) [Brak podpisu cyfrowego]
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 PEVSystemStart; C:\ComboFix\SWREG.3XE [518144 2000-08-31] (SteelWerX) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-07-09] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2161976 2015-02-12] (AVG Technologies)
S4 UI Assistant Service; C:\Program Files\Mobile Partner Manager\AssistantServices.exe [252784 2010-07-16] ()
R2 UxTuneUp; C:\WINDOWS\System32\uxtuneup.dll [36664 2015-02-12] (AVG Technologies)
R2 VMnetDHCP; C:\WINDOWS\system32\vmnetdhcp.exe [357016 2012-08-15] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [719512 2012-08-01] (VMware, Inc.)
R2 VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [435864 2012-08-15] (VMware, Inc.)
R2 vToolbarUpdater40.1.6; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-29] (AVG Secure Search)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-29] ()

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2014-03-10] (Creative)
R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1987840 2013-11-11] (Atheros Communications, Inc.)
R3 ASNDIS5; C:\Program Files\ASUS\ATK Hotkey\ASNDIS5.SYS [16269 2004-05-27] (Printing Communications Assoc., Inc. (PCAUSA)) [Brak podpisu cyfrowego]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [238512 2015-08-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [222640 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-07-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189872 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-11-11] (DT Soft Ltd)
R2 hcmon; C:\WINDOWS\system32\drivers\hcmon.sys [41496 2012-08-01] (VMware, Inc.)
R3 kbfiltr; C:\WINDOWS\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2014-03-10] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [7680 2006-12-17] (ATK0100)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 Ndisprot; C:\WINDOWS\System32\DRIVERS\ndisprot.sys [21504 2009-12-17] (Windows (R) 2000 DDK provider) [Brak podpisu cyfrowego]
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43392 2008-03-02] (Silicon Integrated Systems Corp.)
S3 ssudserd; C:\WINDOWS\System32\DRIVERS\ssudserd.sys [181432 2012-06-04] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2015-01-13] (TuneUp Software)
R3 vmkbd; C:\WINDOWS\system32\drivers\VMkbd.sys [25624 2012-08-15] (VMware, Inc.)
S3 VMnetAdapter; C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys [16664 2012-08-15] (VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys [33944 2012-08-15] (VMware, Inc.)
R2 VMnetuserif; C:\WINDOWS\system32\drivers\vmnetuserif.sys [25752 2012-08-15] (VMware, Inc.)
R2 vmx86; C:\WINDOWS\system32\Drivers\vmx86.sys [61848 2012-08-15] (VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [61296 2012-07-06] (VMware, Inc.)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [57408 2008-02-08] (Atheros Communications, Inc.) [Brak podpisu cyfrowego]
S1 4850786drv; system32\DRIVERS\4850786drv.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113280 2009-10-20] (Huawei Technologies Co., Ltd.)
S4 IntelIde; Brak ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego]
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-09-14 16:37 - 2015-09-14 16:37 - 00025202 _____ C:\Documents and Settings\Grzesiek\Pulpit\FRST.txt
2015-09-14 16:36 - 2015-09-14 16:37 - 00000000 ____D C:\FRST
2015-09-14 16:36 - 2015-09-14 16:36 - 01694208 _____ (Farbar) C:\Documents and Settings\Grzesiek\Pulpit\FRST.exe
2015-09-14 16:30 - 2015-09-14 16:30 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-09-14 16:30 - 2015-09-14 16:30 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-09-14 16:30 - 2015-09-14 16:30 - 00000000 _____ C:\WINDOWS\Sti_Trace.log
2015-09-14 16:29 - 2015-09-14 16:29 - 00000264 _____ C:\WINDOWS\SchedLgU.Txt
2015-09-14 16:27 - 2015-09-14 16:28 - 00014814 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-14 16:13 - 2015-09-14 16:26 - 00000135 _____ C:\VundoFix.txt
2015-09-14 14:02 - 2015-09-14 14:02 - 00000000 __SHD C:\FOUND.002
2015-09-14 13:40 - 2015-09-14 13:41 - 00094208 _____ C:\WINDOWS\DUMP78ba.tmp
2015-09-13 21:03 - 2015-09-13 21:03 - 00000000 ____D C:\VundoFix Backups
2015-09-11 18:45 - 2015-09-13 19:29 - 00002267 _____ C:\Documents and Settings\All Users\Pulpit\Skype.lnk
2015-09-11 18:45 - 2015-09-11 18:45 - 00000000 ___RD C:\Program Files\Skype
2015-09-11 18:45 - 2015-09-11 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2015-09-11 18:45 - 2015-09-11 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Skype
2015-09-10 20:11 - 2015-09-10 20:11 - 00000000 __SHD C:\FOUND.001
2015-09-10 19:49 - 2015-09-10 19:49 - 00000000 __SHD C:\Recycled
2015-09-10 18:23 - 2015-09-10 18:23 - 00000000 __SHD C:\FOUND.000
2015-09-10 17:01 - 2015-09-10 17:01 - 00000000 ___SD C:\ComboFix
2015-09-10 16:19 - 2015-09-10 16:36 - 05635119 ____R (Swearware) C:\Documents and Settings\Grzesiek\Pulpit\ComboFix.exe
2015-09-09 22:31 - 2015-09-09 22:31 - 00000000 ____D C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\Opera Software
2015-09-09 22:31 - 2015-09-09 22:31 - 00000000 ____D C:\Documents and Settings\Grzesiek\Dane aplikacji\Opera Software
2015-09-09 22:29 - 2015-09-09 22:29 - 00000000 ____D C:\Documents and Settings\Grzesiek\Dane aplikacji\Shortcut
2015-09-09 19:13 - 2015-09-09 19:13 - 00000000 ____D C:\Documents and Settings\Grzesiek\Dane aplikacji\Skype
2015-09-09 18:51 - 2015-09-09 18:51 - 00000638 _____ C:\Documents and Settings\Grzesiek\Pulpit\Odkurzacz.lnk
2015-09-09 18:51 - 2015-09-09 18:51 - 00000000 ____D C:\Program Files\Odkurzacz
2015-09-09 18:51 - 2015-09-09 18:51 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Odkurzacz
2015-09-09 18:49 - 2015-09-09 22:30 - 00000174 _____ C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-09 17:33 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-09-09 17:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-09-09 17:33 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-09-07 15:34 - 2015-09-07 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-09-01 00:24 - 2015-09-01 00:24 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-08-31 23:22 - 2015-08-31 23:22 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\DSS
2015-08-31 23:22 - 2015-08-31 23:22 - 00000000 ____D C:\Documents and Settings\Grzesiek\Moje dokumenty\EA Games
2015-08-31 23:18 - 2015-08-31 23:18 - 00001472 _____ C:\Documents and Settings\All Users\Pulpit\Medal of Honor (TM).lnk
2015-08-31 23:18 - 2015-08-31 23:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Electronic Arts
2015-08-27 10:23 - 2015-08-27 10:23 - 00000000 ____D C:\Documents and Settings\Grzesiek\Dane aplikacji\EurekaLog

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-09-14 16:30 - 2006-08-27 14:38 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-09-14 16:29 - 2012-04-12 01:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-14 16:28 - 2012-04-12 12:16 - 00000188 ___SH C:\Documents and Settings\Grzesiek\ntuser.ini
2015-09-14 14:34 - 2014-07-15 22:11 - 00098520 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-14 13:56 - 2012-04-13 19:56 - 00327680 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-09-14 13:56 - 2012-04-12 12:23 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2015-09-10 23:54 - 2015-01-28 21:24 - 25196907 _____ C:\Documents and Settings\Grzesiek\debug.log
2015-09-09 18:49 - 2014-07-06 14:04 - 00000940 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk
2015-09-06 13:11 - 2012-04-12 12:16 - 00090112 _____ C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-31 21:10 - 2015-07-10 00:08 - 00001280 _____ C:\Documents and Settings\Grzesiek\Moje dokumenty\TombRaider.log
2015-08-29 13:30 - 2014-11-06 18:38 - 00150236 _____ C:\WINDOWS\system32\debug.log
2015-08-26 18:36 - 2012-04-15 22:40 - 132039072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-23 16:29 - 2012-04-12 13:05 - 00778440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-08-23 16:29 - 2012-04-12 13:05 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-08-19 11:52 - 2015-02-10 16:46 - 00238512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverlx.sys
2015-08-19 11:52 - 2013-02-08 04:37 - 00222640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys

==================== Pliki w katalogu głównym wybranych folderów =======

2012-04-12 12:16 - 2012-04-22 14:14 - 0000133 _____ () C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2012-04-12 12:48 - 2012-04-12 13:14 - 0017408 _____ () C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db
2012-04-12 12:16 - 2015-09-06 13:11 - 0090112 _____ () C:\Documents and Settings\Grzesiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

==================== Koniec  FRST.txt ============================