Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:12-12-2015 01 Uruchomiony przez NoNme (administrator) NONAME (13-12-2015 09:37:25) Uruchomiony z H:\ Załadowane profile: NoNme (Dostępne profile: NoNme & Administrator) Platform: Microsoft Windows XP Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe () C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Compal Electronics, Inc.) C:\Program Files\Compal\Smart Battery\SMBTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [647168 2007-01-17] (Motorola Inc.) HKLM\...\Run: [SMBTray] => C:\Program Files\Compal\Smart Battery\SMBTray.exe [525872 2007-05-03] (Compal Electronics, Inc.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [20145368 2015-01-17] (Realtek Semiconductor Corp.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104 2015-07-07] (Adobe Systems Incorporated) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit) HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {24887bc0-9dc5-11e4-875d-001b380ec349} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {2ad9713e-b07e-11e4-8772-001b380ec349} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {2bd884c7-6edb-11e3-9b54-001b386b0626} - H:\Install.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {3c7de254-43f9-11e5-879e-001b380ec349} - H:\setup.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {49a9ca18-9e32-11e4-8765-001b380ec349} - I:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {49a9ca1a-9e32-11e4-8765-001b380ec349} - I:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {49a9ca1e-9e32-11e4-8765-001b380ec349} - I:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {49a9ca21-9e32-11e4-8765-001b380ec349} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {80b97db4-1d55-11e3-9b2d-0015afe4ad71} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {88efae7e-a3c6-11e4-876c-001b380ec349} - K:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {930bc9a9-9e5f-11e4-876a-001b380ec349} - I:\Nokia_Ovi_Suite_3_0_0_291_ALL.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {9e696245-1b29-11e3-9b29-0015afe4ad71} - I:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {9e696248-1b29-11e3-9b29-0015afe4ad71} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {c0601968-1f3e-11e5-8791-001b380ec349} - H:\setup.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {d7534a78-4efe-11e3-9b42-0015afe4ad71} - H:\AutoRun.exe HKU\S-1-5-21-789336058-1078081533-1417001333-1004\...\MountPoints2: {f46c731c-1bb1-11e3-9b2b-0015afe4ad71} - H:\AutoRun.exe Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\BTTray.lnk [2013-09-07] ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Documents and Settings\NoNme\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2015-06-05] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-789336058-1078081533-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl HKU\S-1-5-21-789336058-1078081533-1417001333-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Iobit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) Toolbar: HKLM - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - D:\Iobit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\NoNme\Dane aplikacji\Mozilla\Firefox\Profiles\1mdab65g.default FF SelectedSearchEngine: Google FF Homepage: www.google.pl FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-19] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF user.js: detected! => C:\Documents and Settings\NoNme\Dane aplikacji\Mozilla\Firefox\Profiles\1mdab65g.default\user.js [2015-12-12] FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\NoNme\Dane aplikacji\Mozilla\Firefox\Profiles\1mdab65g.default\extensions\iobitascsurfingprotection@iobit.com [2015-06-30] [Brak podpisu cyfrowego] FF Extension: Flagfox - C:\Documents and Settings\NoNme\Dane aplikacji\Mozilla\Firefox\Profiles\1mdab65g.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2015-11-06] FF Extension: Adblock Plus - C:\Documents and Settings\NoNme\Dane aplikacji\Mozilla\Firefox\Profiles\1mdab65g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-01] StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Documents and Settings\NoNme\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) UWAGA: => Nie wykonano weryfikacji podpisów cyfrowych plików. Usługa "Usługi kryptograficzne" nie jest uruchomiona. R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) S2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSSQL$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation) S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [246112 2015-01-17] () S4 SQLAgent$INSERTGT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSERTGT\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2015-01-17] (Creative) S3 andnetadb; C:\WINDOWS\System32\Drivers\lgandnetadb.sys [25856 2014-05-27] (Google Inc) S3 AndnetBus; C:\WINDOWS\System32\DRIVERS\lgandnetbus.sys [15744 2014-05-27] (LG Electronics Inc.) S3 AndNetDiag; C:\WINDOWS\System32\DRIVERS\lgandnetdiag.sys [24064 2014-07-07] (LG Electronics Inc.) S3 ANDNetModem; C:\WINDOWS\System32\DRIVERS\lgandnetmodem.sys [28672 2014-07-07] (LG Electronics Inc.) S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [25728 2011-02-11] (Google Inc) S3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1318464 2008-08-14] (Atheros Communications, Inc.) S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [329901 2006-10-15] (Broadcom Corporation.) S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-10-09] (Broadcom Corporation.) R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [863402 2006-11-28] (Broadcom Corporation.) S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [149123 2006-10-15] (Broadcom Corporation.) S3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [47907 2006-11-28] (Broadcom Corporation.) S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [52984 2015-01-17] (Broadcom Corporation.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) S3 cpuz138; C:\Documents and Settings\NoNme\Ustawienia lokalne\Temp\cpuz138\cpuz138_x32.sys [27832 2015-12-12] (CPUID) S0 EMSC; C:\WINDOWS\System32\DRIVERS\EMSC.SYS [9856 2007-03-14] () S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [89856 2015-01-17] (Huawei Technologies Co., Ltd.) S3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [66688 2015-01-17] (Huawei Technologies Co., Ltd.) S3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [26624 2015-01-17] (Huawei Technologies Co., Ltd.) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-01-17] (REALiX(tm)) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2015-01-17] (Creative Technology Ltd.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6616816 2015-01-17] (Intel Corporation) S3 qcusbnet; C:\WINDOWS\System32\DRIVERS\innosusbnet.sys [425984 2012-10-26] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\System32\DRIVERS\innosusbser.sys [311936 2012-10-26] (QUALCOMM Incorporated) S4 RsFx0151; C:\WINDOWS\System32\DRIVERS\RsFx0151.sys [240736 2011-06-17] (Microsoft Corporation) S3 cpuz137; Brak ImagePath U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [239488 2015-01-17] (Huawei Technologies Co., Ltd.) U0 RemoteRegistry; Brak ImagePath U3 TlntSvr; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Trzy miesiące - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-13 09:37 - 2015-12-13 09:37 - 00000000 ____D C:\FRST 2015-12-12 19:37 - 2015-12-12 19:55 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-12 19:37 - 2015-12-12 19:37 - 00000777 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2015-12-12 19:37 - 2015-12-12 19:37 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-12-12 19:37 - 2015-12-12 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2015-12-12 19:37 - 2015-12-12 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2015-12-12 19:37 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-12 19:37 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-12 19:19 - 2015-12-12 19:23 - 00108724 _____ C:\WINDOWS\ntbtlog.txt 2015-12-12 19:08 - 2015-12-12 19:16 - 00000000 ___SD C:\32788R22FWJFW 2015-12-12 19:01 - 2015-12-12 19:08 - 00001804 _____ C:\Documents and Settings\All Users\Pulpit\Advanced SystemCare 9.lnk 2015-12-12 19:01 - 2015-12-12 19:01 - 00000709 _____ C:\Documents and Settings\All Users\Menu Start\Programy\IObit Uninstaller.lnk 2015-12-12 19:01 - 2015-12-12 19:01 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\IObit Uninstaller 2015-12-12 19:01 - 2015-12-12 19:01 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Advanced SystemCare 2015-12-12 19:01 - 2015-12-12 19:01 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} 2015-12-12 18:57 - 2015-12-12 18:57 - 00000000 ____D C:\Documents and Settings\NoNme\Dane aplikacji\ProductData 2015-11-29 11:36 - 2015-12-12 19:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData 2015-11-29 11:21 - 2015-11-29 11:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_lgandnetadb_01005.Wdf 2015-11-12 21:50 - 2015-11-12 21:50 - 00000522 _____ C:\Documents and Settings\NoNme\Pulpit\Skrót do CV Olimpia Łaniecka.lnk 2015-11-06 20:39 - 2015-11-29 11:32 - 00000000 ____D C:\WINDOWS\Minidump 2015-11-06 20:04 - 2015-11-06 20:04 - 00000000 ____D C:\Documents and Settings\NoNme\Ustawienia lokalne\Dane aplikacji\PCHealth 2015-10-19 21:26 - 2015-10-19 21:26 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache 2015-10-14 19:06 - 2015-10-14 19:06 - 00000000 __SHD C:\Documents and Settings\NoNme\IETldCache 2015-10-08 16:31 - 2015-10-08 16:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB951376-v2$ 2015-10-08 16:30 - 2015-10-08 16:34 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt 2015-10-08 16:29 - 2015-10-08 16:30 - 00000000 __HDC C:\WINDOWS\ie8 2015-10-08 16:28 - 2015-10-08 16:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB946648$ 2015-10-08 16:25 - 2015-10-08 16:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2387149$ 2015-10-08 16:24 - 2015-10-08 16:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2659262$ 2015-10-08 16:24 - 2015-10-08 16:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2564958$ 2015-10-08 16:21 - 2015-10-08 16:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$ 2015-10-08 16:21 - 2015-10-08 16:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2536276-v2$ 2015-10-08 16:21 - 2015-10-08 16:21 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2296011$ 2015-10-08 16:18 - 2015-10-08 16:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$ 2015-10-08 16:15 - 2015-10-08 16:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975558_WM8$ 2015-10-08 16:15 - 2015-10-08 16:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB955759$ 2015-10-08 16:10 - 2015-10-08 16:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2378111_WM9$ 2015-10-08 16:07 - 2015-10-08 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2686509$ 2015-10-08 16:07 - 2015-10-08 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2485663$ 2015-10-08 16:06 - 2015-10-08 16:06 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$ 2015-10-08 16:05 - 2015-10-08 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB954155_WM9$ 2015-10-08 16:05 - 2015-10-08 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$ 2015-10-08 16:04 - 2015-10-08 16:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB972270$ 2015-10-08 16:02 - 2015-10-08 16:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956844$ 2015-10-08 15:59 - 2015-10-08 15:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973869$ 2015-10-08 15:59 - 2015-10-08 15:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2592799$ 2015-10-08 15:54 - 2015-10-08 15:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB941569$ 2015-10-08 15:53 - 2015-10-08 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB950762$ 2015-10-08 15:53 - 2015-10-08 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2807986$ 2015-10-08 15:53 - 2015-10-08 15:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2535512$ 2015-10-08 15:52 - 2015-10-08 15:52 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2570947$ 2015-10-08 15:46 - 2015-10-08 15:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978695_WM9$ 2015-10-08 15:46 - 2015-10-08 15:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$ 2015-10-08 15:46 - 2015-10-08 15:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$ 2015-10-08 15:42 - 2015-10-08 15:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973904$ 2015-10-08 15:42 - 2015-10-08 15:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973540_WM9$ 2015-10-08 15:42 - 2015-10-08 15:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2603381$ 2015-10-08 15:41 - 2015-10-08 15:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$ 2015-10-08 15:40 - 2015-10-08 15:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952069_WM9$ 2015-10-08 15:40 - 2015-10-08 15:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2698365$ 2015-10-08 15:37 - 2015-10-08 15:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979309$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB979482$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB978706$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB960803$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2934207$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2727528$ 2015-10-08 15:36 - 2015-10-08 15:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2723135-v2$ 2015-10-08 15:35 - 2015-10-08 15:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB973815$ 2015-10-08 15:35 - 2015-10-08 15:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$ 2015-10-08 15:35 - 2015-10-08 15:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2813345$ 2015-10-08 15:35 - 2015-10-08 15:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2509553$ 2015-10-08 15:34 - 2015-10-08 15:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2676562$ 2015-10-08 15:29 - 2015-10-08 15:29 - 00000000 ____D C:\Program Files\MSXML 4.0 2015-10-08 15:24 - 2015-10-08 15:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB982665$ 2015-10-08 15:19 - 2015-10-08 15:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2478960$ 2015-10-08 15:19 - 2015-10-08 15:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2393802$ 2015-10-08 15:18 - 2015-10-08 15:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$ 2015-10-08 15:18 - 2015-10-08 15:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2661637$ 2015-10-08 15:18 - 2015-10-08 15:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2620712$ 2015-10-08 15:18 - 2015-10-08 15:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2584146$ 2015-10-08 15:18 - 2015-10-08 15:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2566454$ 2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB975467$ 2015-10-08 15:15 - 2015-10-08 15:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB968389$ 2015-10-08 15:12 - 2008-06-14 18:36 - 00273024 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-10-08 15:12 - 2008-06-14 18:36 - 00273024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys 2015-10-08 15:10 - 2011-07-15 14:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys 2015-10-08 15:06 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys 2015-10-08 15:03 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys 2015-10-08 15:03 - 2013-07-17 01:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys 2015-10-08 14:53 - 2014-02-27 00:28 - 00023040 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe 2015-10-08 14:53 - 2014-02-27 00:28 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe 2015-10-08 14:53 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys 2015-10-08 14:53 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys 2015-10-08 14:49 - 2012-04-11 14:55 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2015-10-08 14:49 - 2012-04-11 14:55 - 02070400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2015-10-08 14:49 - 2012-04-11 14:55 - 02028032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2015-10-08 14:49 - 2012-04-11 14:54 - 02193920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2015-10-08 14:49 - 2012-01-11 20:07 - 00003072 ____N C:\WINDOWS\system32\iacenc.dll 2015-10-08 14:49 - 2012-01-11 20:07 - 00003072 ____C C:\WINDOWS\system32\dllcache\iacenc.dll 2015-10-06 18:11 - 2015-11-06 20:25 - 00002513 _____ C:\Documents and Settings\NoNme\Pulpit\Microsoft Office Word 2007 ..lnk 2015-10-06 18:11 - 2015-10-06 18:11 - 00002513 _____ C:\Documents and Settings\NoNme\Pulpit\Microsoft Office Word 2007.lnk 2015-10-06 17:56 - 2015-10-06 17:56 - 00000000 ___SD C:\Documents and Settings\NoNme\Pulpit\Mój Komputer 2015-10-06 17:52 - 2015-10-06 17:52 - 01691136 _____ C:\Documents and Settings\NoNme\Pulpit\AdwCleaner_5.exe 2015-10-06 17:49 - 2015-10-06 17:49 - 00000000 ___RD C:\Documents and Settings\NoNme\Moje dokumenty\Moje wideo 2015-10-06 17:48 - 2015-10-06 17:48 - 00000000 ____D C:\WINDOWS\erdnt 2015-10-06 17:25 - 2015-10-08 16:31 - 00000000 ___HD C:\WINDOWS\$hf_mig$ 2015-10-06 17:25 - 2015-10-06 17:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898461$ 2015-10-06 17:25 - 2015-10-06 17:25 - 00000000 ____D C:\WINDOWS\system32\PreInstall 2015-09-28 20:54 - 2015-09-28 21:13 - 00000000 ____D C:\Documents and Settings\NoNme\Pulpit\s5 2015-09-23 16:29 - 2015-09-23 16:29 - 00084248 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-09-23 15:52 - 2015-09-23 15:52 - 00000000 ____D C:\WINDOWS\Hewlett-Packard 2015-09-20 14:24 - 2015-09-20 14:24 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\OnlineUpdate 2015-09-20 14:24 - 2015-09-20 14:24 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\log ==================== Trzy miesiące - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-13 09:37 - 2013-09-07 13:36 - 00000000 ____D C:\WINDOWS 2015-12-13 09:37 - 2013-09-07 12:08 - 00000000 ____D C:\Documents and Settings\NoNme\Ustawienia lokalne\Temp 2015-12-13 09:31 - 2013-09-07 12:07 - 00000188 __SHC C:\Documents and Settings\LocalService\ntuser.ini 2015-12-13 09:30 - 2013-09-07 12:06 - 00000188 __SHC C:\Documents and Settings\NetworkService\ntuser.ini 2015-12-12 20:01 - 2013-09-07 12:08 - 00000188 ___SH C:\Documents and Settings\NoNme\ntuser.ini 2015-12-12 19:57 - 2013-09-07 12:08 - 00000000 ____D C:\Documents and Settings\NoNme\Pulpit 2015-12-12 19:37 - 2013-09-07 13:43 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2015-12-12 19:37 - 2013-09-07 13:43 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2015-12-12 19:37 - 2013-09-07 13:43 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2015-12-12 19:12 - 2015-01-17 11:27 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Comodo Downloader 2015-12-12 19:01 - 2015-06-30 17:27 - 00000709 _____ C:\Documents and Settings\All Users\Pulpit\IObit Uninstaller.lnk 2015-12-12 19:01 - 2014-08-04 12:01 - 00000000 ____D C:\Documents and Settings\NoNme\Dane aplikacji\IObit 2015-12-12 19:01 - 2014-08-04 12:00 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\IObit 2015-12-12 19:01 - 2013-09-07 12:08 - 00000000 ___HD C:\Documents and Settings\NoNme\Szablony 2015-12-12 19:01 - 2000-01-16 23:40 - 00000000 ____D C:\Program Files\Common Files\IObit 2015-12-12 19:00 - 2014-08-04 12:00 - 00000000 ____D C:\Program Files\IObit 2015-12-12 18:57 - 2013-09-07 12:08 - 00000000 __RHD C:\Documents and Settings\NoNme\Dane aplikacji 2015-12-12 18:56 - 2008-04-15 13:00 - 00011936 _____ C:\WINDOWS\system32\wpa.dbl 2015-11-29 11:34 - 2013-09-07 12:06 - 00000000 __SHD C:\Documents and Settings\NetworkService 2015-11-29 11:15 - 2013-11-20 10:36 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt 2015-11-29 11:14 - 2013-09-07 13:36 - 00000000 ___HD C:\WINDOWS\inf ==================== Pliki w katalogu głównym wybranych folderów ======= 2013-10-15 22:03 - 2013-11-20 00:03 - 0000093 ____C () C:\Documents and Settings\NoNme\Dane aplikacji\WB.CFG 2013-10-15 22:03 - 2013-11-20 00:03 - 0000006 ____C () C:\Documents and Settings\NoNme\Dane aplikacji\WBPU-TTL.DAT 2013-09-07 14:13 - 2015-08-13 23:29 - 0053248 ____C () C:\Documents and Settings\NoNme\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Pliki do przeniesienia lub usunięcia: ==================== C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 1044992 ____A (Microsoft Corporation) DA9656BBE3A4770C22B41CECE287F419 C:\WINDOWS\system32\winlogon.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0510464 ____A (Microsoft Corporation) 51FD2E13D723857B9CA239AE77150F48 C:\WINDOWS\system32\svchost.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0024064 ____A (Microsoft Corporation) BCF08C36EC5D9DD6FE08BF06C94D3708 C:\WINDOWS\system32\services.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0109056 ____A (Microsoft Corporation) 3E3AE424E27C4CEFE4CAB368C7B570EA C:\WINDOWS\system32\User32.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0580096 ____A (Microsoft Corporation) A435C5C069AFD901751AC323AD238793 C:\WINDOWS\system32\userinit.exe [2008-04-15 13:00] - [2008-04-15 13:00] - 0036352 ____A (Microsoft Corporation) 23345EA41B19E42D08EE48913B21E301 C:\WINDOWS\system32\rpcss.dll [2008-04-15 13:00] - [2008-04-15 13:00] - 0399360 ____A (Microsoft Corporation) 02396DAB9DD407B06539981F477F3FEC C:\WINDOWS\system32\dnsapi.dll [2008-04-15 13:00] - [2011-03-03 07:55] - 0149504 ____A (Microsoft Corporation) 6599CFCB40329C37282E4E80E813E799 C:\WINDOWS\system32\Drivers\volsnap.sys [2008-04-15 13:00] - [2008-04-15 13:00] - 0052864 ____A (Microsoft Corporation) 56B191AC5FC0DF219949C95A6C87AFE7 ==================== Koniec FRST.txt ============================