Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:31-12-2015 Uruchomiony przez Artur (administrator) ARTUR-NQD6N0DEM (01-01-2016 22:11:14) Uruchomiony z C:\Documents and Settings\Artur\Pulpit\FRST Załadowane profile: Artur (Dostępne profile: Artur) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe () C:\WINDOWS\system32\TaskSwitch.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Oracle Corporation) C:\Program Files\common files\Java\Java Update\jusched.exe (Globe Software) D:\StatBar\StatBar\StatBar.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Raxco Software, Inc.) C:\Program Files\common files\Raxco\Shared\PDEngine.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe () C:\WINDOWS\system32\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\common files\microsoft shared\Windows Live\WLIDSVC.EXE (Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) C:\Program Files\common files\microsoft shared\Windows Live\WLIDSVCM.EXE (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe (Opera Software) C:\Program Files\Opera\34.0.2036.25\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [CoolSwitch] => C:\windows\system32\taskswitch.exe [45632 2002-03-19] () HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\SYSTEM32\CTXFIHLP.EXE [18944 2006-08-11] (Creative Technology Ltd) HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [273528 2011-10-02] (RealNetworks, Inc.) HKLM\...\Run: [BCSSync] => D:\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1 HKLM\...\Policies\Explorer: [ClassicShell] 0 HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Run: [StatBar] => D:\StatBar\StatBar\StatBar.exe [335872 2003-07-25] (Globe Software) HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.) HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\system: [NoVisualStyleChoice] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\system: [NoColorChoice] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\system: [NoSizeChoice] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoChangeKeyboardNavigationIndicators] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [ClassicShell] 0 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoSharedDocuments] 1 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [NoCDBurning] 1 HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Policies\Explorer: [TaskbarNoNotification] 1 ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{82268693-DED3-43ED-9769-39A4FE653FDC}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1292428093-616249376-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1292428093-616249376-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.pl/ SearchScopes: HKU\S-1-5-21-1292428093-616249376-839522115-1003 -> DefaultScope {B321C38B-A876-452D-A73B-928334C65889} URL = hxxp://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-21-1292428093-616249376-839522115-1003 -> {B321C38B-A876-452D-A73B-928334C65889} URL = hxxp://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-05-20] (Internet Download Manager, Tonec Inc.) BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-30] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2015-06-09] () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-30] (Oracle Corporation) Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2015-06-09] () Toolbar: HKU\S-1-5-21-1292428093-616249376-839522115-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2015-06-09] () DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349594002156 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation) Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2015-06-09] () FireFox: ======== FF ProfilePath: C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default FF Homepage: hxxps://www.google.pl/ FF Session Restore: -> [funkcja włączona] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-30] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-30] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-30] (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-11-08] () FF Plugin: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-11-08] () FF Plugin: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-11-08] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=12.0.1.669 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-10-02] (RealNetworks, Inc.) FF Plugin: @real.com/nprjplug;version=12.0.1.669 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-10-02] (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=12.0.1.669 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-10-02] (RealNetworks, Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF SearchPlugin: C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\searchplugins\filmwebpl.xml [2015-03-09] FF SearchPlugin: C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\searchplugins\googlemaps.xml [2015-12-31] FF SearchPlugin: C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\searchplugins\szukaj-chomikuj.xml [2015-12-31] FF SearchPlugin: C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\searchplugins\youtube.xml [2015-12-31] FF Extension: LinkChecker - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}.xpi [2015-06-05] FF Extension: EPUBReader - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-06-05] FF Extension: Greasemonkey - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22] FF Extension: WOT - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-30] FF Extension: Google Translator for Firefox - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\translator@zoli.bod.xpi [2015-12-30] FF Extension: Lazarus: Form Recovery - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\lazarus@interclue.com.xpi [2015-12-30] FF Extension: Context Search - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{902D2C4A-457A-4EF9-AD43-7014562929FF}.xpi [2015-12-31] FF Extension: Allegro.pl Search - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\allegrosearch@matylla.pl.xpi [2015-12-31] FF Extension: FireGestures - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\firegestures@xuldev.org.xpi [2016-01-01] FF Extension: NoScript - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-01] FF Extension: FEBE - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-01-01] FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-11-08] [Brak podpisu cyfrowego] FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-11-08] [Brak podpisu cyfrowego] FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-11-08] [Brak podpisu cyfrowego] FF Extension: Tile Tabs - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\extensions\tiletabs@DW-dev.xpi [2016-01-01] FF Extension: United States English Spellchecker - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\en-US@dictionaries.addons.mozilla.org [2015-12-31] [Brak podpisu cyfrowego] FF Extension: YouTube Video and Audio Downloader - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-12-31] FF Extension: Gmail Notifier (restartless) - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2016-01-01] FF Extension: English (US) Language Pack - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2015-12-31] FF Extension: Polski Language Pack - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2015-12-31] FF Extension: Polski slownik poprawnej pisowni - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\pl@dictionaries.addons.mozilla.org [2015-12-31] FF Extension: uBlock Origin - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\uBlock0@raymondhill.net.xpi [2015-12-31] FF Extension: YouTube High Definition - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-12-30] FF Extension: YouTube Video Replay - C:\Documents and Settings\Artur\Dane aplikacji\Mozilla\Firefox\Profiles\9y8kl4fn.default\Extensions\{e1aaa9f8-4500-47f1-9a0a-b02bd60e4076}.xpi [2015-12-31] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - D:\Trend Micro Internet Security\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension => nie znaleziono FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - D:\Trend Micro Internet Security\Trend Micro\AMSP\module\20004\FxExt\firefoxextension => nie znaleziono FF HKLM\...\Firefox\Extensions: [{24e5daf3-862d-4142-80ba-7cded1e66165}] - D:\Trend Micro Internet Security\Trend Micro\AMSP\module\20004\FxExt\firefoxextension => nie znaleziono FF HKLM\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com FF HKLM\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com FF HKLM\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com FF HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Artur\Dane aplikacji\IDM\idmmzcc5 FF Extension: IDM CC - C:\Documents and Settings\Artur\Dane aplikacji\IDM\idmmzcc5 [2016-01-01] [Brak podpisu cyfrowego] FF HKU\S-1-5-21-1292428093-616249376-839522115-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Artur\Dane aplikacji\IDM\idmmzcc5 StartMenuInternet: FIREFOX.EXE - D:\Mozilla Firefox\firefox.exe Chrome: ======= CHR HomePage: Profile 4 -> gazeta.pl/0,0.html?p=174 CHR Profile: C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-05] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-05] CHR Extension: (Dysk Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05] CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-12-30] CHR Extension: (YouTube) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-05] CHR Extension: (Adblock Plus) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-31] CHR Extension: (OneTab) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2015-12-31] CHR Extension: (Google Search) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05] CHR Extension: (Kaspersky Protection) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-11-14] CHR Extension: (Arkusze Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-05] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-20] CHR Extension: (Looper for YouTube) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2015-12-31] CHR Extension: (Instant Translate) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-12-31] CHR Extension: (Auto HD For YouTube™) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-12-31] CHR Extension: (Gazeta.pl) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mgmkibjehmijilgdlafejbedipjcjeaj [2015-11-05] CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-11-05] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-05] CHR Extension: (Checker Plus for Gmail™) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-12-31] CHR Extension: (Gmail) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-05] CHR Profile: C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-31] CHR Extension: (Google Docs) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-31] CHR Extension: (Google Drive) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-31] CHR Extension: (YouTube) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-31] CHR Extension: (Google Search) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-31] CHR Extension: (Kaspersky Protection) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-12-31] CHR Extension: (Google Sheets) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-31] CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-31] CHR Extension: (Gazeta.pl) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\mgmkibjehmijilgdlafejbedipjcjeaj [2015-12-31] CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-12-31] CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-31] CHR Extension: (Trend Micro Toolbar) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-12-31] CHR Extension: (Gmail) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-31] CHR Profile: C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4 CHR Extension: (Prezentacje Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-31] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-31] CHR Extension: (Dysk Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-31] CHR Extension: (Session Manager) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2015-12-31] CHR Extension: (YouTube) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-31] CHR Extension: (OneTab) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2015-12-31] CHR Extension: (uBlock Origin) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-12-31] CHR Extension: (Google Search) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-31] CHR Extension: (Tampermonkey) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-31] CHR Extension: (Session Buddy) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-12-31] CHR Extension: (Arkusze Google) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-31] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-31] CHR Extension: (Looper for YouTube) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg [2015-12-31] CHR Extension: (Instant Translate) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2015-12-31] CHR Extension: (SmallringFX DarkBlue Theme) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2015-12-31] CHR Extension: (Auto HD For YouTube™) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-12-31] CHR Extension: (Ghostery) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-31] CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-12-31] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-31] CHR Extension: (Checker Plus for Gmail™) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-12-31] CHR Extension: (SpeakIt!) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2015-12-31] CHR Extension: (Gmail) - C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-31] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM\...\Chrome\Extension: [mgmkibjehmijilgdlafejbedipjcjeaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-04-18] CHR HKLM\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: chrome.exe - Chrome.exe Opera: ======= OPR Extension: (WOT) - C:\Documents and Settings\Artur\Dane aplikacji\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2015-12-30] OPR Extension: (Adblock Plus) - C:\Documents and Settings\Artur\Dane aplikacji\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-12-31] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AVP15.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO) S3 Futuremark SystemInfo Service; C:\Program Files\common files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [137488 2012-12-17] (Futuremark Corporation) S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2015-12-31] (SurfRight B.V.) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S3 Microsoft SharePoint Workspace Audit Service; D:\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2235328 2015-05-13] (Raxco Software, Inc.) R2 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2266560 2015-05-13] (Raxco Software, Inc.) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76888 2012-12-07] () S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [292864 2007-03-26] (Nokia.) [Brak podpisu cyfrowego] S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation) S2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S1 ATITool; C:\WINDOWS\System32\DRIVERS\ATITool.sys [24064 2006-11-10] () [Brak podpisu cyfrowego] R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [281760 2010-03-10] () S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R0 cm_km_w; C:\WINDOWS\System32\DRIVERS\cm_km_w.sys [189136 2013-01-14] (Kaspersky Lab UK Ltd) S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99352 2009-06-23] (Creative Technology Ltd) S3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99352 2009-06-23] (Creative Technology Ltd) S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555032 2009-06-23] (Creative Technology Ltd) S3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555032 2009-06-23] (Creative Technology Ltd) S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [340704 2005-11-10] (Creative Technology Ltd) S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100888 2009-06-23] (Creative Technology Ltd) S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100888 2009-06-23] (Creative Technology Ltd) S3 ctlsb16; C:\WINDOWS\System32\drivers\ctlsb16.sys [96256 2001-08-17] (Copyright (C) Creative Technology Ltd. 1994-2001) S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566296 2009-06-23] (Creative Technology Ltd) S3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566296 2009-06-23] (Creative Technology Ltd) R2 DefragFS; C:\WINDOWS\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.) S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [Brak podpisu cyfrowego] S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14944 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2014-11-18] () R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [766976 2006-08-11] (Creative Technology Ltd) R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [154112 2006-08-11] (Creative Technology Ltd) S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [180224 2006-08-11] (Creative Technology Ltd) R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [128528 2015-05-20] (Tonec Inc.) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [143968 2014-03-31] (Kaspersky Lab ZAO) R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [36928 2014-07-02] (Kaspersky Lab ZAO) R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [116744 2015-11-08] (Kaspersky Lab ZAO) R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [36024 2014-08-12] (Kaspersky Lab ZAO) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [671928 2015-11-08] (Kaspersky Lab ZAO) R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO) R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [23648 2014-03-28] (Kaspersky Lab ZAO) R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-08-08] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO) R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [60552 2014-08-21] (Kaspersky Lab ZAO) R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [44992 2014-06-05] (Kaspersky Lab ZAO) R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [146240 2014-07-09] (Kaspersky Lab ZAO) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2010-03-10] () R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH) [Brak podpisu cyfrowego] R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [114904 2016-01-01] (Malwarebytes Corporation) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [12555680 2012-08-30] (NVIDIA Corporation) [Brak podpisu cyfrowego] R2 PDFSFilter; C:\WINDOWS\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.) S3 RivaTuner32; C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [9088 2009-08-22] () [Brak podpisu cyfrowego] R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62336 2006-11-08] (Microsoft Corporation) [Brak podpisu cyfrowego] R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [114408 2014-02-03] (Power Software Ltd) R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [Brak podpisu cyfrowego] R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [Brak podpisu cyfrowego] R0 sfsync02; C:\WINDOWS\System32\drivers\sfsync02.sys [19968 2005-08-10] (Protection Technology) [Brak podpisu cyfrowego] R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [Brak podpisu cyfrowego] R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-04-10] (Duplex Secure Ltd.) S2 WF23880; C:\WINDOWS\System32\drivers\wf88vcap.sys [208851 2004-10-18] (Copyright @2000-2006 Leadtek Research Inc.) S2 WF88XBAR; C:\WINDOWS\System32\drivers\WF88XBAR.sys [10324 2004-10-18] (Copyright @2000-2006 Leadtek Research Inc.) S2 WFTUNE; C:\WINDOWS\System32\drivers\WF88TUNE.sys [34789 2004-10-18] (Copyright @2000-2006 Leadtek Research Inc.) R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.) S3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.) S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.) R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.) R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [250496 2006-11-22] (Marvell) S4 IntelIde; Brak ImagePath U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U2 TMAgent; Brak ImagePath U5 UnlockerDriver5; D:\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [Brak podpisu cyfrowego] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-01 21:59 - 2016-01-01 22:11 - 00000000 ____D C:\Documents and Settings\Artur\Pulpit\FRST 2016-01-01 20:59 - 2016-01-01 21:00 - 00040504 _____ C:\Documents and Settings\Artur\Pulpit\Gmer.txt 2016-01-01 20:29 - 2016-01-01 20:29 - 00380416 _____ C:\Documents and Settings\Artur\Pulpit\21etgmt0.exe 2016-01-01 20:28 - 2016-01-01 20:28 - 00138092 _____ C:\Documents and Settings\Artur\Pulpit\Shortcut.txt 2016-01-01 20:26 - 2016-01-01 20:28 - 00052575 _____ C:\Documents and Settings\Artur\Pulpit\Addition.txt 2016-01-01 20:25 - 2016-01-01 20:28 - 00064133 _____ C:\Documents and Settings\Artur\Pulpit\FRST.txt 2016-01-01 20:23 - 2016-01-01 22:11 - 00000000 ____D C:\FRST 2016-01-01 13:56 - 2016-01-01 13:56 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\Registry Mechanic 2016-01-01 13:44 - 2016-01-01 13:44 - 00000000 ____D C:\Program Files\Junkware Removal Tool 2016-01-01 11:26 - 2016-01-01 11:30 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\Q-Dir 2016-01-01 11:26 - 2016-01-01 11:29 - 00000000 ____D C:\Documents and Settings\Artur\Moje dokumenty\Favorites_Q_Dir 2016-01-01 11:26 - 2016-01-01 11:26 - 00001499 _____ C:\Documents and Settings\All Users\Pulpit\Q-Dir.lnk 2016-01-01 11:26 - 2016-01-01 11:26 - 00001499 _____ C:\Documents and Settings\All Users\Menu Start\Q-Dir.lnk 2016-01-01 11:26 - 2016-01-01 11:26 - 00000000 ____D C:\Program Files\Q-Dir 2016-01-01 11:26 - 2016-01-01 11:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Q-Dir 2016-01-01 11:25 - 2016-01-01 19:42 - 00005320 _____ C:\WINDOWS\Q-Dir.ini 2016-01-01 11:09 - 2016-01-01 11:10 - 00000000 ____D C:\Program Files\Menedżer plików 2015-12-30 04:16 - 2015-12-30 04:16 - 00012372 _____ C:\WINDOWS\system32\.crusader 2015-12-30 03:40 - 2015-12-30 04:00 - 00000000 ____D C:\Program Files\HitmanPro 2015-12-30 03:40 - 2015-12-30 03:40 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\HitmanPro 2015-12-30 03:39 - 2015-12-30 04:16 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro 2015-12-30 02:32 - 2015-12-30 02:32 - 00000000 ____D C:\Program Files\WOT 2015-12-30 01:27 - 2016-01-01 22:07 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-30 01:27 - 2015-12-30 01:51 - 00000800 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2015-12-30 01:27 - 2015-12-30 01:51 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2015-12-30 01:26 - 2015-12-30 01:51 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-12-30 01:26 - 2014-11-21 06:14 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-30 01:26 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-30 01:23 - 2015-12-30 01:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2015-12-30 01:01 - 2015-12-30 01:01 - 00000280 _____ C:\WINDOWS\system32\PDBootState 2015-12-30 00:45 - 2015-12-30 00:44 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2015-12-30 00:45 - 2015-12-30 00:43 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2015-12-30 00:36 - 2015-12-30 00:36 - 00001799 _____ C:\Documents and Settings\All Users\Pulpit\PerfectDisk.lnk 2015-12-30 00:36 - 2015-12-30 00:36 - 00001785 _____ C:\Documents and Settings\All Users\Menu Start\Programy\PerfectDisk.lnk 2015-12-30 00:36 - 2015-12-30 00:36 - 00000000 ____D C:\Program Files\Common Files\Raxco 2015-12-30 00:36 - 2015-12-30 00:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Raxco 2015-12-30 00:35 - 2015-12-30 00:41 - 00000000 ____D C:\Program Files\Raxco 2015-12-29 23:58 - 2015-12-29 23:58 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Powertoys for Windows XP 2015-12-29 23:58 - 2003-06-25 16:05 - 00266360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TweakUI.exe 2015-12-27 08:11 - 2013-03-11 10:21 - 00001708 _____ C:\Documents and Settings\Artur\Pulpit\Podłączanie pulpitu zdalnego.lnk 2015-12-27 07:42 - 2015-12-27 07:42 - 00262144 _____ C:\WINDOWS\system32\config\elam 2015-12-25 07:24 - 2016-01-01 22:06 - 00000456 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1451024658.job 2015-12-25 07:24 - 2016-01-01 11:23 - 00000670 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Opera 34.lnk 2015-12-25 07:21 - 2015-12-25 07:21 - 00000000 ____D C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Opera Software 2015-12-25 07:21 - 2015-12-25 07:21 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\Opera Software 2015-12-25 04:43 - 2015-12-25 06:45 - 00000504 _____ C:\Documents and Settings\Artur\Pulpit\WinRAR.lnk 2015-12-25 04:43 - 2015-12-25 06:45 - 00000504 _____ C:\Documents and Settings\Artur\Menu Start\WinRAR.lnk 2015-12-25 04:43 - 2015-12-25 05:18 - 00000000 ____D C:\Documents and Settings\Artur\Menu Start\Programy\WinRAR 2015-12-25 04:43 - 2015-12-25 05:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\WinRAR 2015-12-24 21:23 - 2016-01-01 22:05 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\DMCache 2015-12-24 21:23 - 2016-01-01 14:03 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\IDM 2015-12-24 21:23 - 2015-12-25 04:41 - 00000000 ____D C:\Program Files\Internet Download Manager 2015-12-24 21:23 - 2015-12-24 21:23 - 00000000 ____D C:\Documents and Settings\Artur\Menu Start\Programy\Internet Download Manager 2015-12-24 21:23 - 2015-12-24 21:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Internet Download Manager 2015-12-24 21:23 - 2015-12-24 21:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\IDM 2015-12-24 07:34 - 2015-12-24 07:34 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\Sony 2015-12-20 21:58 - 2015-12-20 22:00 - 00001081 _____ C:\Documents and Settings\Artur\Pulpit\VideoThumbnailsMaker.lnk 2015-12-20 21:55 - 2015-12-20 21:55 - 00000000 ____D C:\Program Files\Portable Video Thumbnails Maker Platinum 7.1.0.0 2015-12-20 18:07 - 2016-01-01 14:00 - 00019880 _____ C:\WINDOWS\Tasks\{04057F47-7D7F-0408-0411-7D090808117F}.job 2015-12-20 18:07 - 2015-12-20 18:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\8f856881-1bc3-0 2015-12-20 18:06 - 2015-12-20 18:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\8f856881-40b7-1 2015-12-20 18:04 - 2015-12-20 18:04 - 00000468 _____ C:\Documents and Settings\Artur\Pulpit\KMPlayer.lnk 2015-12-20 18:04 - 2015-12-20 18:04 - 00000000 ____D C:\Documents and Settings\Artur\Menu Start\Programy\The KMPlayer 2015-12-20 17:54 - 2015-12-20 17:54 - 00000000 ____D C:\Program Files\LAV Filters 2015-12-20 17:47 - 2015-12-20 17:47 - 00000627 _____ C:\Documents and Settings\Artur\Pulpit\Daum Potplayer.lnk 2015-12-20 17:47 - 2015-12-20 17:47 - 00000000 ____D C:\Program Files\DAUM 2015-12-20 17:47 - 2015-12-20 17:47 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Daum 2015-12-20 17:23 - 2015-12-20 17:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\GRETECH 2015-12-20 17:22 - 2015-12-20 17:22 - 00000675 _____ C:\Documents and Settings\Artur\Menu Start\GOM Player.lnk 2015-12-20 17:22 - 2015-12-20 17:22 - 00000675 _____ C:\Documents and Settings\All Users\Pulpit\GOM Player.lnk 2015-12-20 17:22 - 2015-12-20 17:22 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\GRETECH 2015-12-20 17:22 - 2015-12-20 17:22 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\GOM Player ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-01 22:11 - 2007-09-11 10:10 - 00000000 ____D C:\Documents and Settings\Artur\Ustawienia lokalne\Temp 2016-01-01 22:09 - 2007-09-11 10:10 - 00000000 __SHD C:\Documents and Settings\Artur\Ustawienia lokalne\Historia 2016-01-01 22:07 - 2015-11-08 21:47 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2016-01-01 22:07 - 2007-09-11 10:09 - 00000000 __SHD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia 2016-01-01 22:06 - 2015-11-08 20:57 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-01-01 22:06 - 2013-03-18 01:10 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-01 22:06 - 2012-09-07 19:19 - 00000314 _____ C:\WINDOWS\Tasks\GlaryInitialize.job 2016-01-01 22:06 - 2011-10-02 14:02 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1292428093-616249376-839522115-1003.job 2016-01-01 22:06 - 2007-09-11 10:09 - 00000000 __SHD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia 2016-01-01 22:06 - 2007-09-11 10:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-01 22:05 - 2015-11-08 21:33 - 00321310 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2016-01-01 22:05 - 2011-12-31 18:41 - 00030912 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000005-00001102-00000004-10031102}.rfx 2016-01-01 22:05 - 2011-12-31 18:41 - 00030912 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000005-00001102-00000004-10031102}.rfx 2016-01-01 22:05 - 2011-12-31 18:41 - 00030120 _____ C:\WINDOWS\system32\BMXCtrlState-{00000005-00000000-00000005-00001102-00000004-10031102}.rfx 2016-01-01 22:05 - 2011-12-31 18:41 - 00030120 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000005-00000000-00000005-00001102-00000004-10031102}.rfx 2016-01-01 22:05 - 2011-12-31 18:41 - 00011564 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000005-00001102-00000004-10031102}.rfx 2016-01-01 22:05 - 2011-12-31 18:41 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm 2016-01-01 22:05 - 2011-12-31 18:41 - 00001080 _____ C:\WINDOWS\system32\settings.sfm 2016-01-01 22:05 - 2007-09-11 10:10 - 00000188 ___SH C:\Documents and Settings\Artur\ntuser.ini 2016-01-01 22:05 - 2007-09-11 10:09 - 00032392 _____ C:\WINDOWS\SchedLgU.Txt 2016-01-01 22:03 - 2011-01-30 14:36 - 00000980 _____ C:\Documents and Settings\Artur\Menu Start\Programy\Internet Explorer.lnk 2016-01-01 22:03 - 2008-07-06 06:24 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\OpenSSL 2016-01-01 22:03 - 2007-09-11 10:10 - 00000000 ___RD C:\Documents and Settings\Artur\Menu Start\Programy 2016-01-01 22:00 - 2011-05-23 12:55 - 00000000 __SHD C:\Documents and Settings\UpdatusUser\Ustawienia lokalne\Historia 2016-01-01 22:00 - 2007-09-11 10:46 - 00000000 __SHD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia 2016-01-01 22:00 - 2007-09-11 10:09 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2016-01-01 21:59 - 2007-09-11 10:10 - 00000000 ____D C:\Documents and Settings\Artur\Pulpit 2016-01-01 21:58 - 2013-03-18 01:10 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-01 21:12 - 2012-10-07 02:54 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-01 20:44 - 2015-11-23 04:26 - 00000160 _____ C:\native log.txt 2016-01-01 20:26 - 2007-09-11 11:39 - 00000000 ____D C:\WINDOWS 2016-01-01 20:12 - 2015-11-04 00:28 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$ 2016-01-01 19:58 - 2010-08-01 04:24 - 08927946 _____ C:\WINDOWS\ntbtlog.txt 2016-01-01 19:49 - 2015-11-08 21:33 - 00865224 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1292428093-616249376-839522115-1003-0.dat 2016-01-01 19:47 - 2012-09-14 21:56 - 00001774 ____H C:\Documents and Settings\Artur\Moje dokumenty\Default.rdp 2016-01-01 16:36 - 2010-05-15 13:02 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\vlc 2016-01-01 14:02 - 2013-06-06 17:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-01 14:02 - 2001-07-21 23:17 - 00002228 _____ C:\WINDOWS\system32\wpa.dbl 2016-01-01 14:00 - 2012-10-03 07:29 - 00262144 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt 2016-01-01 14:00 - 2012-06-19 21:07 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt 2016-01-01 13:57 - 2007-09-11 23:24 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\TEMP 2016-01-01 13:56 - 2007-09-11 10:10 - 00000000 __RHD C:\Documents and Settings\Artur\Dane aplikacji 2016-01-01 13:55 - 2011-04-14 10:42 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\RapidShare Manager 2016-01-01 13:47 - 2010-11-27 11:56 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\uTorrent 2016-01-01 11:26 - 2007-09-11 10:46 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-01-01 11:26 - 2007-09-11 10:46 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start 2016-01-01 11:26 - 2007-09-11 10:46 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-01-01 11:26 - 2007-09-11 10:10 - 00000000 ___RD C:\Documents and Settings\Artur\Moje dokumenty 2016-01-01 11:24 - 2013-03-18 01:11 - 00001828 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2016-01-01 11:24 - 2009-02-06 05:08 - 00000504 _____ C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2016-01-01 11:23 - 2012-09-10 20:24 - 00000504 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk 2016-01-01 11:23 - 2011-01-30 14:56 - 00001505 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Opera.lnk 2016-01-01 11:23 - 2011-01-30 14:56 - 00001499 _____ C:\Documents and Settings\All Users\Pulpit\Opera.lnk 2016-01-01 11:22 - 2010-02-01 14:34 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-01-01 10:29 - 2012-01-04 22:18 - 00000000 ____D C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Temp 2016-01-01 04:45 - 2013-06-06 17:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Silverlight 2016-01-01 04:36 - 2014-07-08 06:47 - 00000000 ____D C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\Adobe 2016-01-01 04:33 - 2014-03-06 08:24 - 00000726 _____ C:\Documents and Settings\All Users\Pulpit\VLC media player.lnk 2016-01-01 02:52 - 2007-09-11 10:10 - 00000000 ___HD C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji 2015-12-31 12:47 - 2015-11-08 17:59 - 00054156 ____H C:\WINDOWS\QTFont.qfn 2015-12-30 23:19 - 2013-01-22 09:16 - 00000000 ____D C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\ChomikBox 2015-12-30 23:19 - 2009-10-31 20:59 - 00000000 ____D C:\Documents and Settings\Artur\.gstreamer-0.10 2015-12-30 04:16 - 2007-09-11 10:45 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2015-12-30 03:02 - 2007-09-11 11:39 - 00000000 ____D C:\WINDOWS\security 2015-12-30 02:55 - 2012-10-07 02:54 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2015-12-30 02:55 - 2012-10-07 02:54 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2015-12-30 01:27 - 2012-10-06 08:39 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\Malwarebytes 2015-12-30 00:56 - 2012-10-11 15:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2015-12-30 00:54 - 2007-09-11 10:10 - 00000000 ____D C:\Documents and Settings\Artur 2015-12-30 00:45 - 2014-11-09 00:44 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java 2015-12-30 00:43 - 2012-10-07 00:06 - 00000000 ____D C:\Program Files\Java 2015-12-30 00:20 - 2007-09-11 10:10 - 00000000 ___HD C:\Documents and Settings\Artur\Ustawienia lokalne 2015-12-29 23:15 - 2014-12-21 23:36 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Futuremark 2015-12-29 23:15 - 2007-09-11 16:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-12-27 07:59 - 2011-12-30 08:14 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2015-12-27 00:54 - 2011-10-02 14:02 - 00000286 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1292428093-616249376-839522115-1003.job 2015-12-26 23:17 - 2012-09-17 14:08 - 00000600 _____ C:\Documents and Settings\Artur\Dane aplikacji\winscp.rnd 2015-12-25 17:07 - 2007-09-11 11:39 - 00000000 ___HD C:\WINDOWS\inf 2015-12-25 07:26 - 2010-09-07 18:59 - 00000000 ____D C:\Program Files\Opera 2015-12-25 04:45 - 2007-09-11 11:51 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\WinRAR 2015-12-25 04:43 - 2007-09-11 10:10 - 00000000 ___RD C:\Documents and Settings\Artur\Menu Start 2015-12-24 21:31 - 2015-05-10 20:21 - 00000719 _____ C:\Documents and Settings\Artur\Pulpit\Internet Download Manager.lnk 2015-12-24 21:16 - 2015-02-16 01:45 - 00000825 _____ C:\Documents and Settings\Artur\Menu Start\µTorrent.lnk 2015-12-24 21:16 - 2013-10-10 23:13 - 00000825 _____ C:\Documents and Settings\Artur\Pulpit\µTorrent.lnk 2015-12-23 14:28 - 2015-11-08 20:57 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2015-12-20 23:53 - 2010-02-04 06:41 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\ALLPlayer 2015-12-20 21:48 - 2007-09-11 10:13 - 00147968 _____ C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-20 21:45 - 2012-06-02 18:22 - 00002323 _____ C:\Documents and Settings\All Users\Pulpit\SceneGrabber.NET.lnk 2015-12-20 17:13 - 2007-09-11 10:10 - 00000000 ___RD C:\Documents and Settings\Artur\Moje dokumenty\Moja muzyka 2015-12-20 00:24 - 2013-09-25 18:08 - 00000000 ____D C:\Documents and Settings\Artur\Pulpit\Screenshots 2015-12-05 09:46 - 2007-12-01 16:16 - 00000000 ____D C:\Documents and Settings\Artur\Dane aplikacji\foobar2000 ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-04-26 23:31 - 2010-04-26 23:31 - 0000008 _____ () C:\Documents and Settings\Artur\Dane aplikacji\NMM-MetaData.db 2008-09-14 12:46 - 2009-04-26 09:55 - 0022328 _____ () C:\Documents and Settings\Artur\Dane aplikacji\PnkBstrK.sys 2011-12-21 21:48 - 2011-12-21 21:48 - 0000022 ___SH () C:\Documents and Settings\Artur\Dane aplikacji\Sys2662.Config.Repository.bin 2012-09-17 14:08 - 2015-12-26 23:17 - 0000600 _____ () C:\Documents and Settings\Artur\Dane aplikacji\winscp.rnd 2007-09-11 10:13 - 2015-12-20 21:48 - 0147968 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-08-01 09:55 - 2010-08-01 09:55 - 0000512 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\FASTWiz.html 2010-08-01 09:55 - 2010-08-01 09:55 - 0000635 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\FASTWiz.log 2007-09-12 11:05 - 2007-09-12 11:05 - 0000130 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2015-11-04 02:46 - 2015-11-04 02:46 - 0000036 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\housecall.guid.cache 2012-09-18 10:54 - 2014-12-02 05:52 - 0000600 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\PUTTY.RND 2013-01-27 20:47 - 2013-01-27 20:47 - 0050968 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-11-05 14:34 - 2015-11-08 16:11 - 0000010 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\sponge.last.runtime.cache 2011-10-05 08:37 - 2011-10-05 08:37 - 0017408 _____ () C:\Documents and Settings\Artur\Ustawienia lokalne\Dane aplikacji\WebpageIcons.db 2007-09-11 14:42 - 2007-09-11 14:42 - 0000305 _____ () C:\Documents and Settings\All Users\Dane aplikacji\addr_file.html 2010-09-17 00:45 - 2010-09-17 00:45 - 0001824 _____ () C:\Documents and Settings\All Users\Dane aplikacji\__wdump.txt Pliki do przeniesienia lub usunięcia: ==================== C:\Windows\Tasks\{04057F47-7D7F-0408-0411-7D090808117F}.job ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================