Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:09-01-2015 Uruchomiony przez Administrator (administrator) BAIT (10-01-2016 14:21:07) Uruchomiony z E:\FF Download Załadowane profile: postgres & Administrator (Dostępne profile: postgres & Administrator) Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 6 (Domyślna przeglądarka: IE) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe (HP) C:\WINDOWS\system32\HPSIsvc.exe () C:\WINDOWS\system32\srvany.exe () C:\WINDOWS\KMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe () C:\WINDOWS\system32\svhost.exe (Flux Software LLC) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe (BitTorrent Inc.) C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe (BitTorrent Inc.) C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\updates\3.4.5_41372\utorrentie.exe (BitTorrent Inc.) C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\updates\3.4.5_41372\utorrentie.exe (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Administrator\Pulpit\Programy\procexp.exe () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\fpdb.exe () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\HUD_main.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe (COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldem_service.exe (Microsoft Corporation) C:\PROGRA~2\MICROS~1\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (AIMP DevTeam) C:\Programy_\AIMP3\AIMP3.exe (TU-Funs LIMITED) C:\Documents and Settings\All Users\Dane aplikacji\UWdMU\WdMan.exe (tsvr.com) C:\Documents and Settings\Administrator\Dane aplikacji\TSv\TSvr.exe (TODO: <公司名>) C:\Program Files\SFK\SSFK.exe (TODO: <公司名>) C:\Program Files\SFK\SSFK.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Kesemoholdings Limited) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldem.exe (Kesemoholdings Limited) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldem.exe (Kesemoholdings Limited) C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldem.exe (PokerStars) C:\Programy_\PokerStars2\PokerStars.exe () C:\Programy_\PokerStars2\gameutil2.exe () C:\Programy_\PokerStars2\br\PokerStarsBr.exe () C:\Programy_\PokerStars2\br\PokerStarsBr.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1361088 2015-08-10] (COMODO) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\RunOnce: [IERESETATTRIB] => %SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\system32\ieudinit.exe -ResetFileAttributes HKLM\...\RunOnce: [IE_BROWSEWM] => %SystemRoot%\system32\regsvr32.exe /s %SystemRoot%\system32\browsewm.dll HKLM\...\RunOnce: [IE_CDFVIEW] => %SystemRoot%\system32\regsvr32.exe /s %SystemRoot%\system32\cdfview.dll HKLM\...\RunOnce: [IE_DANIM] => %SystemRoot%\system32\regsvr32.exe /s %SystemRoot%\system32\danim.dll HKLM\...\RunOnce: [IE_DATIME] => %SystemRoot%\system32\regsvr32.exe /s %SystemRoot%\system32\datime.dll HKLM\...\RunOnce: [IE_LMRT] => %SystemRoot%\system32\regsvr32.exe /s %SystemRoot%\system32\lmrt.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_01] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\msdxm.ocx HKLM\...\RunOnce: [WMPWMP7_PTRAR_02] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpui.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_03] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpcore.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_04] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmp.ocx HKLM\...\RunOnce: [WMPWMP7_PTRAR_05] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpcd.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_06] => %systemroot%\system32\regsvr32.exe /s "C:\Program Files\Windows Media Player\wmpband.dll" HKLM\...\RunOnce: [WMPWMP7_PTRAR_07] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmp.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_08] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpshell.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_09] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpasf.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_10] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpdxm.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_11] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpencen.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_12] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpsrcwp.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_13] => %systemroot%\system32\cmd.exe /C "C:\Program Files\Windows Media Player\WMPEnc.exe" /RegServer HKLM\...\RunOnce: [WMPWMP7_PTRAR_14] => C:\WINDOWS\inf\unregmp2.exe [318976 2012-01-07] (Microsoft Corporation) HKLM\...\RunOnce: [WMPWMP7_PTRAR_15] => %systemroot%\system32\regsvr32.exe /s "C:\Program Files\Windows Media Connect 2\wmcsci.dll" HKLM\...\RunOnce: [WMPWMP7_PTRAR_16] => %systemroot%\system32\regsvr32.exe /s "C:\Program Files\Windows Media Connect 2\wmccpl.dll" HKLM\...\RunOnce: [WMPWMP7_PTRAR_17] => C:\WINDOWS\system32\cmd.exe /C "C:\Program Files\Windows Media Connect 2\Wmccds.exe" install HKLM\...\RunOnce: [WMPWMP7_PTRAR_20] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\Audiodev.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_21] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\dxmasf.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_22] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\qasf.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_23] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\msdxm.ocx HKLM\...\RunOnce: [WMPWMP7_PTRAR_24] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmp.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_25] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpdxm.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_26] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmpasf.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_27] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmstream.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_28] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmnetmgr.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_29] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmv8dmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_30] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmvdmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_31] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmvdmoe2.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_32] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\qasf.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_33] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmadmoe.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_34] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmspdmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_35] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmspdmoe.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_36] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmsdmoe2.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_37] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmadmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_38] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\mpg4dmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_39] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\mp43dmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_40] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\mp4sdmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_41] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmsdmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_42] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\laprxy.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_43] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmvcore.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_44] => C:\WINDOWS\system32\logagent.exe [100864 2012-01-07] (Microsoft Corporation) HKLM\...\RunOnce: [WMPWMP7_PTRAR_45] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\drmclien.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_46] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\drmstor.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_47] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\drmv2clt.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_48] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\blackbox.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_49] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\msnetobj.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_50] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wpdconns.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_51] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wpdsp.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_52] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\WpdMtp.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_53] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\WpdMtpUS.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_54] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmvadvd.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_55] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wmvadve.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_56] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\MsPMSNSv.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_57] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wvc1dmod.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_58] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\wvc1dmoe.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_59] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\MSWMDM.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_60] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\MsPMSP.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_61] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\WMDMPS.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_62] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\WMDMLOG.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_63] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\cewmdm.dll HKLM\...\RunOnce: [WMPWMP7_PTRAR_64] => %systemroot%\system32\regsvr32.exe /s %systemroot%\system32\MSSCP.dll Winlogon\Notify\WBSrv: C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2015-01-31] (Stardock Corporation) HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1 HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-19\...\Policies\Explorer: [NoSMHelp] 1 HKU\S-1-5-19\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoSMMyPictures] 1 HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\...\Policies\Explorer: [NoSMHelp] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\...\Policies\Explorer: [NoSMMyPictures] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Run: [svhost] => C:\WINDOWS\System32\svhost.exe [444416 2015-01-26] () HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Run: [f.lux] => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\FluxSoftware\Flux\flux.exe [1017224 2015-02-06] (Flux Software LLC) HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Run: [uTorrent] => C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe [2026520 2015-12-04] (BitTorrent Inc.) HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoSMHelp] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoSMMyPictures] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\MountPoints2: {3d87006c-a4b0-11e5-87a4-001fd06bb610} - G:\autorun.exe HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\MountPoints2: {8661d3e4-1e29-11e5-8779-001fd06bb610} - G:\setup.exe HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\MountPoints2: {9a2eba91-3f83-11e5-8782-001fd06bb610} - G:\setup.exe HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\MountPoints2: {9a2eba94-3f83-11e5-8782-001fd06bb610} - J:\setup.exe HKU\S-1-5-18\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N HKU\S-1-5-18\...\Policies\Explorer: [NoSMHelp] 1 HKU\S-1-5-18\...\Policies\Explorer: [ForceClassicControlPanel] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoSMMyPictures] 1 HKU\S-1-5-18\...\Policies\Explorer: [NoSMConfigurePrograms] 1 HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> logon.scr AppInit_DLLs: wbsys.dll => C:\WINDOWS\system32\wbsys.dll [42672 2015-01-31] (Stardock.Net, Inc) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) Startup: C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\AutorunsDisabled [2015-01-26] () BootExecute: ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Hosts: W pliku Hosts jest więcej niż jedno wejście. Sprawdź sekcję Hosts w Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{3385065D-16DE-4C4F-B28E-356E38F5D022}: [NameServer] 156.154.70.25,156.154.71.25 Tcpip\..\Interfaces\{3385065D-16DE-4C4F-B28E-356E38F5D022}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1491950412-2009852829-4049741679-500\Software\Microsoft\Internet Explorer\Main,Local Page = hxxp://www.google.pl/ HKU\S-1-5-21-1491950412-2009852829-4049741679-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yoursites123.com/?type=hp&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 HKU\S-1-5-21-1491950412-2009852829-4049741679-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yoursites123.com/?type=hp&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 URLSearchHook: HKU\S-1-5-21-1491950412-2009852829-4049741679-1003 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) URLSearchHook: HKU\S-1-5-21-1491950412-2009852829-4049741679-500 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation) SearchScopes: HKLM -> DefaultScope - brak wartości SearchScopes: HKU\S-1-5-21-1491950412-2009852829-4049741679-500 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255&q={searchTerms} SearchScopes: HKU\S-1-5-21-1491950412-2009852829-4049741679-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://yoursites123.com/web?type=ds&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Programy_\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-30] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Programy_\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-30] (Oracle Corporation) Toolbar: HKLM - QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation) Toolbar: HKLM - QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation) Toolbar: HKLM - QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-1491950412-2009852829-4049741679-500 -> Brak nazwy - {EEF280F3-B6ED-46D8-A8FD-57BD0C4A9ECF} - Brak pliku Handler: AutorunsDisabled\ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2009-05-23] (Microsoft Corporation) Filter: AutorunsDisabled\text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL [2010-02-28] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437 FF NewTab: hxxp://www.yoursites123.com/newtab/?type=nt&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 FF DefaultSearchEngine: yoursites123 FF SelectedSearchEngine: webssearches FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-09] () FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-30] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-30] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Programy_\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google) FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Administrator\Dane aplikacji\mozilla\plugins\npo1d.dll [2014-06-06] (Google) FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\searchplugins\webssearches.xml [2015-12-14] FF SearchPlugin: C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\searchplugins\yoursites123.xml [2016-01-08] FF Extension: Anti-Porn Pro - The Best Anti-Porn Addon! - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\azhang@cloudacl.com.xpi [2015-05-29] FF Extension: Multirow Bookmarks Toolbar Plus - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2015-05-30] FF Extension: Greasemonkey - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-12-18] FF Extension: LastPass - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\support@lastpass.com [2016-01-04] FF Extension: Firebug - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\firebug@software.joehewitt.com.xpi [2015-10-27] FF Extension: Ghostery - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\firefox@ghostery.com.xpi [2015-12-30] FF Extension: MEGA - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\firefox@mega.co.nz.xpi [2015-12-24] FF Extension: Eliminator Slajdów - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\jid0-GaZOxvWNYcafEsmayJDIG3XXVi8@jetpack.xpi [2015-09-17] FF Extension: Unseen - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\unseen@tangrs.xpi [2015-05-29] FF Extension: uBlock - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05] FF Extension: SeoQuake - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2015-12-18] FF Extension: Video DownloadHelper - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: Adblock Plus - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-26] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\fftoolbar2014@etech.com => nie znaleziono FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\deskCutv2@gmail.com => nie znaleziono FF HKLM\...\Firefox\Extensions: [yahooprotected@gmail.com] - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\yahooprotected@gmail.com => nie znaleziono FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\default_newtabff@gmail.com => nie znaleziono StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 Chrome: ======= CHR HomePage: Default -> hxxp://www.yoursites123.com/?type=hp&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 CHR StartupUrls: Default -> "hxxp://www.yoursites123.com/?type=hp&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255" CHR DefaultSearchURL: Default -> hxxp://yoursites123.com/web?type=ds&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255&q={searchTerms} CHR DefaultSearchKeyword: Default -> yoursites123 CHR Profile: C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-19] CHR Extension: (Dysk Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-19] CHR Extension: (YouTube) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-19] CHR Extension: (Google Search) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19] CHR Extension: (Arkusze Google) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-19] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-19] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-19] CHR Extension: (Gmail) - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-19] StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 StartMenuInternet: Google Chrome.2FMBYYJ4B447ORG7KFR2LWLLZY - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe StartMenuInternet: Google Chrome.HTNMJTF2D73PCI5HCM3ZEM5NIM - C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4353840 2015-09-15] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1664704 2015-08-10] (COMODO) S3 Disc Soft Lite Bus Service; C:\Programy_\DAEMON Tools Lite\DiscSoftBusService.exe [1082200 2015-12-20] (Disc Soft Ltd) R2 IhPul; C:\Documents and Settings\Administrator\Dane aplikacji\TSv\TSvr.exe [580752 2016-01-08] (tsvr.com) R2 KMService; C:\WINDOWS\system32\srvany.exe [8192 2015-01-26] () [Brak podpisu cyfrowego] R2 MagicHoldem; C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldemLauncher.exe [286505 2016-01-04] (Kessem Holdings Limited) [Brak podpisu cyfrowego] S4 Microsoft SharePoint Workspace Audit Service; C:\Programy_\Microsoft Office\Office14\GROOVE.EXE [30969208 2015-06-28] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2015-01-26] (NVIDIA Corporation) R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Brak podpisu cyfrowego] S2 server; C:\Program Files\Window Update\server Update\server.exe [289496 2015-12-20] () S2 spupdsvc; C:\WINDOWS\system32\spupdsvc.exe [26144 2008-11-07] (Microsoft Corporation) R2 SSFK; C:\Program Files\SFK\SSFK.exe [158400 2016-01-08] (TODO: <公司名>) R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [350720 2009-02-27] (Microsoft Corporation) [Brak podpisu cyfrowego] R2 WdMan; C:\Documents and Settings\All Users\Dane aplikacji\UWdMU\WdMan.exe [326656 2016-01-08] (TU-Funs LIMITED) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative) S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [25728 2015-08-12] (Google Inc) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [15808 2015-08-05] (COMODO) R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [631872 2015-08-05] (COMODO) R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [30144 2015-08-05] (COMODO) R3 dtlitescsibus; C:\WINDOWS\System32\DRIVERS\dtlitescsibus.sys [26168 2015-12-20] (Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\DRIVERS\dtliteusbbus.sys [40504 2015-12-20] (Disc Soft Ltd) R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [105664 2015-08-05] (COMODO) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.) R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2014-05-17] (Marvell Semiconductor Inc.) R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2014-05-17] (Marvell Semiconductor Inc.) [Brak podpisu cyfrowego] R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2014-05-17] (Marvell Semiconductor Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) S3 paeusbaudio; C:\WINDOWS\System32\DRIVERS\paeusbaudio.sys [195448 2012-05-24] () S3 paeusbaudiodsp; C:\WINDOWS\System32\DRIVERS\paeusbaudiodsp.sys [60280 2012-05-24] () S3 paeusbaudioks; C:\WINDOWS\System32\DRIVERS\paeusbaudioks.sys [42872 2012-05-24] () S3 qcusbnet; C:\WINDOWS\System32\DRIVERS\innosusbnet.sys [425984 2015-08-12] (QUALCOMM Incorporated) S3 qcusbser; C:\WINDOWS\System32\DRIVERS\innosusbser.sys [311936 2015-08-12] (QUALCOMM Incorporated) R0 SscRdBus; C:\WINDOWS\System32\DRIVERS\SscRdBus.sys [129096 2013-08-01] (SuperSpeed LLC) R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2014-05-17] (Microsoft Corporation) [Brak podpisu cyfrowego] S4 IntelIde; Brak ImagePath U4 WinRM; Brak ImagePath U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-10 14:19 - 2016-01-10 14:21 - 00000000 ____D C:\FRST 2016-01-10 10:33 - 2016-01-10 12:33 - 00000001 _____ C:\WINDOWS\system32\pl.html 2016-01-10 09:54 - 2016-01-10 14:03 - 00549034 _____ C:\WINDOWS\system322016-01-10.cfg 2016-01-09 10:02 - 2014-03-06 18:58 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD748.tmp 2016-01-09 10:02 - 2014-03-06 18:58 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD747.tmp 2016-01-09 10:02 - 2012-01-07 23:17 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD743.tmp 2016-01-09 10:02 - 2012-01-07 23:17 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD742.tmp 2016-01-09 10:02 - 2012-01-07 23:17 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLD741.tmp 2016-01-09 09:54 - 2016-01-09 09:54 - 00000103 _____ C:\WINDOWS\pro.INI 2016-01-09 08:40 - 2016-01-09 17:24 - 00536596 _____ C:\WINDOWS\system322016-01-09.cfg 2016-01-08 09:40 - 2016-01-08 22:55 - 00000000 ____D C:\Program Files\WinZipper 2016-01-08 09:40 - 2016-01-08 09:40 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\WinZipper 2016-01-08 09:38 - 2016-01-10 13:31 - 00000000 ____D C:\Program Files\SFK 2016-01-08 09:38 - 2016-01-08 09:38 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\TSv 2016-01-08 09:36 - 2016-01-08 09:37 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\UWdMU 2016-01-08 09:36 - 2016-01-08 09:36 - 00000146 _____ C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2016-01-08 06:29 - 2016-01-08 23:03 - 00530856 _____ C:\WINDOWS\system322016-01-08.cfg 2016-01-07 08:06 - 2016-01-07 22:45 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-01-07 08:04 - 2016-01-07 23:45 - 00521033 _____ C:\WINDOWS\system322016-01-07.cfg 2016-01-06 19:09 - 2016-01-06 19:09 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\calibre-cache 2016-01-06 18:54 - 2016-01-06 20:15 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\Biblioteka calibre 2016-01-06 18:54 - 2016-01-06 19:23 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\calibre 2016-01-06 18:48 - 2016-01-06 18:49 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\calibre - E-book Management 2016-01-06 00:00 - 2016-01-06 23:10 - 00511084 _____ C:\WINDOWS\system322016-01-06.cfg 2016-01-05 00:00 - 2016-01-05 23:59 - 00470096 _____ C:\WINDOWS\system322016-01-05.cfg 2016-01-04 23:48 - 2016-01-04 23:55 - 00000218 _____ C:\Documents and Settings\Administrator\Pulpit\Nowy Dokument tekstowy (2).txt 2016-01-04 20:57 - 2016-01-04 20:57 - 00000169 _____ C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem_SettingsPath.txt 2016-01-04 20:56 - 2016-01-04 20:56 - 00001265 _____ C:\Documents and Settings\Administrator\Pulpit\MagicHoldem.lnk 2016-01-04 20:56 - 2016-01-04 20:56 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MagicHoldem 2016-01-04 20:56 - 2016-01-04 20:56 - 00000000 ____D C:\Documents and Settings\Administrator\Menu Start\Programy\MagicHoldem 2016-01-04 20:55 - 2016-01-08 08:47 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem 2016-01-04 20:50 - 2016-01-04 20:50 - 00000548 _____ C:\WINDOWS\IE4 Error Log.txt 2016-01-04 00:00 - 2016-01-04 23:59 - 00445847 _____ C:\WINDOWS\system322016-01-04.cfg 2016-01-03 00:01 - 2016-01-03 23:57 - 00425244 _____ C:\WINDOWS\system322016-01-03.cfg 2016-01-02 00:00 - 2016-01-02 23:59 - 00397724 _____ C:\WINDOWS\system322016-01-02.cfg 2016-01-01 11:53 - 2016-01-01 23:58 - 00363021 _____ C:\WINDOWS\system322016-01-01.cfg 2015-12-31 10:16 - 2015-12-31 19:20 - 00333331 _____ C:\WINDOWS\system322015-12-31.cfg 2015-12-30 14:32 - 2015-12-30 14:33 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\fpdb-0.40.5 2015-12-30 00:01 - 2015-12-30 22:59 - 00323538 _____ C:\WINDOWS\system322015-12-30.cfg 2015-12-29 00:23 - 2015-12-29 23:58 - 00311433 _____ C:\WINDOWS\system322015-12-29.cfg 2015-12-28 22:00 - 2015-12-28 22:00 - 00000000 ____D C:\Program Files\Common Files\Skype 2015-12-28 22:00 - 2015-12-28 22:00 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Skype 2015-12-28 09:35 - 2015-12-28 09:35 - 00009328 _____ C:\index.html 2015-12-28 08:58 - 2015-12-28 23:25 - 00302788 _____ C:\WINDOWS\system322015-12-28.cfg 2015-12-27 00:45 - 2015-12-27 18:07 - 00294203 _____ C:\WINDOWS\system322015-12-27.cfg 2015-12-26 12:52 - 2015-12-26 12:52 - 00000000 ____D C:\Program Files\yessearches-bnd 2015-12-26 12:39 - 2015-12-26 12:39 - 00001197 _____ C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-12-26 12:31 - 2015-12-26 12:32 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Deployment 2015-12-26 11:49 - 2015-12-26 23:39 - 00285142 _____ C:\WINDOWS\system322015-12-26.cfg 2015-12-25 12:17 - 2015-12-25 12:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB958655-v2$ 2015-12-25 12:17 - 2015-12-25 12:17 - 00000000 ____D C:\WINDOWS\system32\DllCache 2015-12-25 12:16 - 2015-12-25 12:17 - 04445184 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msi.dll 2015-12-25 10:07 - 2015-12-25 19:47 - 00267018 _____ C:\WINDOWS\system322015-12-25.cfg 2015-12-24 14:00 - 2016-01-04 20:57 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Kesemoholdings_Limited 2015-12-24 12:58 - 2015-12-24 13:01 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Poker Pro Labs 2015-12-24 12:58 - 2015-12-24 12:58 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\Poker Pro Labs 2015-12-24 12:52 - 2015-12-24 12:55 - 00000000 ____D C:\Program Files\Poker Pro Labs 2015-12-24 08:44 - 2015-12-24 23:05 - 00200432 _____ C:\WINDOWS\system322015-12-24.cfg 2015-12-23 00:18 - 2015-12-23 23:36 - 00174597 _____ C:\WINDOWS\system322015-12-23.cfg 2015-12-22 15:17 - 2015-12-22 23:15 - 00154725 _____ C:\WINDOWS\system322015-12-22.cfg 2015-12-21 18:34 - 2015-12-21 18:34 - 00272384 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM9Y.DLL 2015-12-21 18:34 - 2015-12-21 18:34 - 00015872 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA.dll 2015-12-21 18:34 - 2008-12-01 11:20 - 00012544 _____ C:\WINDOWS\system32\CNC173CD.TBL 2015-12-21 00:05 - 2015-12-21 23:41 - 00146113 _____ C:\WINDOWS\system322015-12-21.cfg 2015-12-20 23:50 - 2016-01-03 00:07 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Might & Magic Heroes VI 2015-12-20 23:50 - 2015-12-21 00:00 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\Might & Magic Heroes VI 2015-12-20 23:50 - 2015-12-20 23:50 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Orbit 2015-12-20 23:43 - 2015-12-20 23:43 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Chromium 2015-12-20 23:36 - 2015-12-20 23:37 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft 2015-12-20 23:36 - 2015-12-20 23:36 - 00000695 _____ C:\Documents and Settings\All Users\Pulpit\Might & Magic Heroes VI - Shades of Darkness.lnk 2015-12-20 23:34 - 2015-12-20 23:34 - 00000000 ____D C:\Program Files\Ubisoft 2015-12-20 23:34 - 2015-12-20 23:34 - 00000000 ____D C:\Documents and Settings\Administrator\Menu Start\Programy\Ubisoft 2015-12-20 23:30 - 2015-12-20 23:30 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Disc_Soft_Ltd 2015-12-20 23:27 - 2016-01-10 13:28 - 00001534 _____ C:\WINDOWS\Tasks\task Update.job 2015-12-20 23:26 - 2015-12-20 23:28 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\DAEMON Tools Lite 2015-12-20 23:26 - 2015-12-20 23:26 - 00040504 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2015-12-20 23:26 - 2015-12-20 23:26 - 00026168 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2015-12-20 23:26 - 2015-12-20 23:26 - 00000000 ____D C:\Program Files\Window Update 2015-12-20 23:25 - 2015-12-20 23:25 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite 2015-12-20 09:37 - 2015-12-20 23:50 - 00127436 _____ C:\WINDOWS\system322015-12-20.cfg 2015-12-19 13:57 - 2015-12-19 13:57 - 00000000 _____ C:\m.txt 2015-12-19 00:03 - 2015-12-19 23:24 - 00115653 _____ C:\WINDOWS\system322015-12-19.cfg 2015-12-18 11:05 - 2015-12-26 22:14 - 00000342 _____ C:\1.html 2015-12-18 08:34 - 2015-12-18 22:20 - 00059751 _____ C:\WINDOWS\system322015-12-18.cfg 2015-12-17 08:34 - 2015-12-17 23:27 - 00011623 _____ C:\WINDOWS\system322015-12-17.cfg 2015-12-16 22:15 - 2015-12-18 15:54 - 00000000 ____D C:\logus 2015-12-16 08:44 - 2015-12-16 23:50 - 00012735 _____ C:\WINDOWS\system322015-12-16.cfg 2015-12-15 22:19 - 2015-12-15 13:17 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA 2015-12-15 21:59 - 2015-12-15 22:00 - 79450192 _____ C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA.rar 2015-12-15 13:46 - 2015-12-15 22:19 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\Pobrane 2015-12-15 08:34 - 2015-12-15 22:45 - 00619223 _____ C:\WINDOWS\system322015-12-15.cfg 2015-12-14 23:02 - 2016-01-08 09:36 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Tmp0x0x 2015-12-14 23:02 - 2015-12-14 23:06 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\istartpageing 2015-12-14 14:32 - 2015-12-14 14:32 - 00090112 _____ C:\WINDOWS\Minidump\Mini121415-01.dmp 2015-12-14 09:36 - 2015-12-14 09:36 - 00000000 ____D C:\Documents and Settings\postgres\Ustawienia lokalne\Dane aplikacji\COMODO 2015-12-14 09:07 - 2015-12-14 23:16 - 00603653 _____ C:\WINDOWS\system322015-12-14.cfg 2015-12-13 20:50 - 2015-12-13 21:12 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\PokerTracker 4 2015-12-13 20:50 - 2015-12-13 20:50 - 00004967 _____ C:\Documents and Settings\All Users\Dane aplikacji\flwjycbm.bab 2015-12-13 20:50 - 2015-12-13 20:50 - 00000016 _____ C:\Documents and Settings\All Users\Dane aplikacji\mntemp 2015-12-13 20:50 - 2015-12-13 20:50 - 00000000 ____D C:\Documents and Settings\Administrator\Menu Start\Programy\PokerTracker 4 2015-12-13 09:36 - 2015-12-13 23:21 - 00569580 _____ C:\WINDOWS\system322015-12-13.cfg 2015-12-12 11:13 - 2015-12-12 22:49 - 00553166 _____ C:\WINDOWS\system322015-12-12.cfg ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-01-10 14:21 - 2015-01-26 20:10 - 00549034 _____ C:\WINDOWS\system32\svchost.html 2016-01-10 14:21 - 2015-01-26 17:43 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent 2016-01-10 14:21 - 2015-01-26 15:25 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\NetSpeedMonitor 2016-01-10 14:21 - 2015-01-26 15:01 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp 2016-01-10 14:20 - 2015-01-26 16:05 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\AIMP3 2016-01-10 14:19 - 2015-06-28 23:35 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\Pliki programu Outlook 2016-01-10 14:19 - 2015-01-26 15:27 - 00000000 ____D C:\WINDOWS 2016-01-10 14:15 - 2015-01-26 19:08 - 01474784 _____ C:\WINDOWS\system32\Drivers\sfi.dat 2016-01-10 14:06 - 2015-09-08 09:04 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-10 14:03 - 2015-02-06 21:28 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-10 13:39 - 2015-01-26 19:34 - 00009758 _____ C:\WINDOWS\system32\nvAppTimestamps 2016-01-10 13:38 - 2015-10-30 12:50 - 00015725 _____ C:\Documents and Settings\Administrator\Pulpit\poker.xlsx 2016-01-10 13:38 - 2015-01-26 14:56 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit 2016-01-10 13:08 - 2015-01-26 19:08 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job 2016-01-10 12:55 - 2015-01-26 19:08 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job 2016-01-10 12:03 - 2015-06-28 23:40 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\LastPass 2016-01-10 10:10 - 2015-06-28 23:35 - 00000000 ____D C:\Documents and Settings\Administrator\Moje dokumenty\fullrecalldb 2016-01-10 09:25 - 2015-01-26 17:54 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat 2016-01-10 09:25 - 2015-01-26 14:56 - 00032406 _____ C:\WINDOWS\SchedLgU.Txt 2016-01-09 16:52 - 2015-01-26 17:43 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\vlc 2016-01-09 15:37 - 2015-01-26 16:10 - 00120320 _____ C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-09 10:02 - 2015-01-26 15:27 - 00000000 ___HD C:\WINDOWS\inf 2016-01-09 09:56 - 2015-01-26 19:29 - 00000000 ____D C:\WINDOWS\LastGood 2016-01-09 09:53 - 2015-06-28 23:37 - 00000000 ____D C:\Programy_ 2016-01-09 09:53 - 2015-01-26 15:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy 2016-01-09 09:53 - 2015-01-26 15:04 - 00000000 ____D C:\Program Files\7-Zip 2016-01-09 09:51 - 2015-01-26 19:03 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-01-09 09:51 - 2015-01-26 19:03 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-01-09 09:51 - 2015-01-26 16:13 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe 2016-01-08 22:06 - 2015-09-08 09:04 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-08 19:08 - 2015-01-26 19:08 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job 2016-01-08 09:40 - 2015-01-26 14:56 - 00000000 __RHD C:\Documents and Settings\Administrator\Dane aplikacji 2016-01-08 09:37 - 2015-09-08 09:05 - 00002009 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2016-01-08 09:37 - 2015-01-26 15:56 - 00001858 _____ C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk 2016-01-08 09:36 - 2015-01-26 15:32 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-01-08 09:25 - 2015-06-28 23:46 - 00001444 _____ C:\Documents and Settings\Administrator\Pulpit\MM.txt 2016-01-08 08:38 - 2015-08-28 07:10 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\Dabest 2016-01-07 22:45 - 2015-01-26 15:56 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-01-07 19:50 - 2015-06-28 23:44 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\1M 2016-01-07 09:37 - 2015-06-28 23:46 - 00000883 _____ C:\Documents and Settings\Administrator\Pulpit\video.txt 2016-01-06 20:01 - 2015-06-28 23:46 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\UO 2016-01-06 20:00 - 2015-06-28 23:46 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\Programy 2016-01-06 20:00 - 2015-01-26 15:34 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-01-06 19:24 - 2015-01-26 14:56 - 00000000 ___RD C:\Documents and Settings\Administrator\Moje dokumenty 2016-01-06 19:09 - 2015-01-26 14:56 - 00000000 ___HD C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji 2016-01-04 23:10 - 2015-06-28 23:39 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Skype 2016-01-04 20:56 - 2015-01-26 14:56 - 00000000 ___RD C:\Documents and Settings\Administrator\Menu Start\Programy 2016-01-04 20:52 - 2015-11-01 16:46 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Hold'em_Manager 2016-01-04 20:41 - 2015-11-01 16:52 - 00000000 ____D C:\Documents and Settings\Administrator\.matplotlib 2016-01-04 20:39 - 2015-01-26 19:08 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job 2016-01-04 20:38 - 2015-01-26 14:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-04 20:38 - 2015-01-26 14:56 - 00000000 __SHD C:\WINDOWS\CSC 2016-01-04 20:38 - 2008-04-15 21:00 - 00002184 _____ C:\WINDOWS\system32\wpa.dbl 2015-12-30 15:12 - 2015-01-26 14:56 - 00000000 ____D C:\Documents and Settings\Administrator 2015-12-29 10:03 - 2015-06-28 23:45 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\Katalogowanie 2015-12-28 22:00 - 2015-06-28 23:42 - 00000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Skype 2015-12-28 22:00 - 2015-01-26 17:54 - 00000000 ___RD C:\Program Files\Skype 2015-12-28 22:00 - 2015-01-26 17:54 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2015-12-28 10:00 - 2015-01-26 16:00 - 00003257 _____ C:\WINDOWS\WINCMD.INI 2015-12-28 09:34 - 2015-01-26 16:00 - 00003276 _____ C:\WINDOWS\wcx_ftp.ini 2015-12-26 13:05 - 2015-01-26 15:30 - 00000211 ___SH C:\boot.ini 2015-12-26 13:05 - 2008-04-15 21:00 - 00000582 _____ C:\WINDOWS\win.ini 2015-12-26 13:05 - 2008-04-15 21:00 - 00000227 _____ C:\WINDOWS\system.ini 2015-12-25 15:17 - 2015-11-01 16:49 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\Poker 2015-12-25 12:17 - 2015-01-26 15:35 - 00001393 _____ C:\WINDOWS\imsins.BAK 2015-12-25 12:11 - 2015-11-01 16:52 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\fpdb 2015-12-24 10:40 - 2015-01-26 15:06 - 01106020 _____ C:\WINDOWS\setupapi.log.0.old 2015-12-21 18:35 - 2015-01-26 15:27 - 00000000 ____D C:\WINDOWS\Media 2015-12-20 23:48 - 2015-01-26 16:29 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt 2015-12-20 23:48 - 2015-01-26 14:56 - 00000188 ___SH C:\Documents and Settings\LocalService\ntuser.ini 2015-12-20 23:48 - 2015-01-26 14:56 - 00000188 ___SH C:\Documents and Settings\Administrator\ntuser.ini 2015-12-20 23:35 - 2015-01-26 15:06 - 00000000 ____D C:\WINDOWS\system32\directx 2015-12-20 23:29 - 2015-01-26 15:12 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2015-12-20 23:27 - 2015-01-26 15:34 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty 2015-12-15 22:43 - 2015-01-26 16:50 - 00000000 ____D C:\Documents and Settings\Administrator\Dane aplikacji\Adobe 2015-12-15 20:51 - 2015-02-07 05:12 - 00000000 ____D C:\VProRecovery 2015-12-14 14:32 - 2015-06-29 07:06 - 00000000 ____D C:\WINDOWS\Minidump 2015-12-13 20:52 - 2015-11-01 16:03 - 00000188 ___SH C:\Documents and Settings\postgres\ntuser.ini 2015-12-12 11:45 - 2015-06-28 23:46 - 00000000 ____D C:\Documents and Settings\Administrator\Pulpit\Pic ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-06-30 19:22 - 2015-06-30 19:22 - 0000049 ____H () C:\Documents and Settings\Administrator\Dane aplikacji\MaxBulk registration.ini 2015-01-26 16:10 - 2016-01-09 15:37 - 0120320 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-04 20:57 - 2016-01-04 20:57 - 0000169 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem_SettingsPath.txt 2015-12-26 12:39 - 2015-12-26 12:39 - 0001197 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2015-12-13 20:50 - 2015-12-13 20:50 - 0004967 _____ () C:\Documents and Settings\All Users\Dane aplikacji\flwjycbm.bab 2015-12-13 20:50 - 2015-12-13 20:50 - 0000016 _____ () C:\Documents and Settings\All Users\Dane aplikacji\mntemp 2016-01-08 09:36 - 2016-01-08 09:36 - 0000146 _____ () C:\Documents and Settings\All Users\Dane aplikacji\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\Documents and Settings\Administrator\Del1281.bat C:\Documents and Settings\Default User\Del1281.bat C:\Documents and Settings\postgres\Del1281.bat Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\A~NSISu_.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\bandoffer.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\bandoffer[1].exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\bitool.dll C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\ICReinstall_NapiProjekt(19170)-dp.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\KMP_3.2.0.0.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\siinst.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\SkypeSetup.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\SoftonicAssistant_v0-1-6.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\strings.dll C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\utt19A.tmp.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\utt1A2.tmp.exe C:\Documents and Settings\Administrator\Ustawienia lokalne\Temp\WLAN.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe [2011-08-01 02:09] - [2011-08-01 02:09] - 2549760 ____A (Microsoft Corporation) DCA5A6EF20D7AC2B0214C1D7FD4AAE5F C:\WINDOWS\system32\winlogon.exe [2009-02-27 19:15] - [2009-02-27 19:15] - 0559616 ____A (Microsoft Corporation) CEF41B7F252C18D841769D72EA33D086 C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll [2009-05-20 23:25] - [2009-05-20 23:25] - 0631296 ____A (Microsoft Corporation) EFF0EB33111C9CB9EE5244A6B270F856 C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================