Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:05-03-2016 01 Uruchomiony przez samsung (administrator) YOUR-D9F4EA9690 (18-03-2016 20:28:21) Uruchomiony z C:\Documents and Settings\samsung\Moje dokumenty\Downloads Załadowane profile: samsung (Dostępne profile: samsung) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Tencent) C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe () C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe (McAfee, Inc.) C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe (McAfee, Inc.) C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe (McAfee, Inc.) C:\Program Files\McAfee\MPF\MpfSrv.exe (McAfee, Inc.) C:\Program Files\McAfee\MSK\msksrver.exe (TData.com) C:\Program Files\TData\TData.exe (McAfee, Inc.) C:\PROGRA~1\McAfee.com\Agent\mcagent.exe (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.5.0\bin\jusched.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe (SAMSUNG Electronics Co., Ltd.) C:\Program Files\Samsung\MagicKBD\MagicKBD.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\MagicKBD\PerformanceManager.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Intel Corporation) C:\WINDOWS\system32\igfxext.exe () C:\PROGRA~1\Samsung\SAMSUN~2\SUPNOT~1.EXE (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.5.0\bin\jusched.exe [36972 2009-08-24] (Sun Microsystems, Inc.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17881600 2009-05-21] (Realtek Semiconductor Corp.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1044480 2008-08-28] (Synaptics, Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM\...\Run: [SUPBackground] => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [298664 2009-05-20] () HKLM\...\Run: [BatteryManager] => C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe [3153408 2009-06-01] () HKLM\...\Run: [MagicKeyboard] => C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe [151552 2006-05-14] () HKLM\...\Run: [DMHotKey] => C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe [466944 2006-12-27] (SAMSUNG Electronics) HKLM\...\Run: [fsi] => C:\Program Files\Phoenix Technologies Ltd\FailSafe\FailSafeLauncher.exe [9216 2009-07-07] () HKLM\...\Run: [mcagent_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.) HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.) HKLM\...\Run: [ QQPCTray] => C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE [355296 2016-03-18] (Tencent) HKU\S-1-5-21-3507507629-3610909-541461595-1005\...\Run: [BatteryLifeExtender] => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [550912 2009-03-13] (Samsung Electronics. Co. Ltd.) HKU\S-1-5-21-3507507629-3610909-541461595-1005\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\ChomikBox.exe [3939840 2015-12-10] ( ) HKU\S-1-5-21-3507507629-3610909-541461595-1005\...\Run: [GG] => C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe [4078144 2016-01-27] (GG Network S.A.) HKU\S-1-5-21-3507507629-3610909-541461595-1005\...\MountPoints2: {a646249a-008e-11df-9bb8-806d6172696f} - E:\Install.exe HKU\S-1-5-21-3507507629-3610909-541461595-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\IMAGIN~1.SCR [1744896 2007-02-26] (TopThinks, INC.) ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Brak pliku Startup: C:\Documents and Settings\samsung\Menu Start\Programy\Autostart\Adobe Gamma.lnk [2016-01-02] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) BootExecute: autocheck autochk * ffnd.exe {949E979C-EB1F-11DB-92AC-22C456D89593} CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{322A91FE-6692-44B6-A3A5-2FF61892B754}: [DhcpNameServer] 192.168.43.1 Internet Explorer: ================== HKU\S-1-5-21-3507507629-3610909-541461595-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=8&ar=msnhome URLSearchHook: [S-1-5-21-3507507629-3610909-541461595-1005] UWAGA => Brak domyślnego URLSearchHook URLSearchHook: HKU\S-1-5-21-3507507629-3610909-541461595-1005 - (Brak nazwy) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} - Brak pliku SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN SearchScopes: HKU\S-1-5-21-3507507629-3610909-541461595-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = SearchScopes: HKU\S-1-5-21-3507507629-3610909-541461595-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files\McAfee\MSK\MskAPBho.dll [2009-01-09] () BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-01-09] (McAfee, Inc.) BHO: Pomocnik rejestracji usługi Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] () Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] () DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2008-09-04] () FireFox: ======== FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @qq.com/QQPCMgr -> C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\npQMExtensionsMozilla.dll [2016-03-18] (Tencent Technology (Shenzhen) Company Limited) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.) FF HKLM\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2016-01-03] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-01-10] [Brak podpisu cyfrowego] Chrome: ======= CHR Profile: C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-02] CHR Extension: (Dokumenty Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-02] CHR Extension: (Dysk Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02] CHR Extension: (YouTube) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-02] CHR Extension: (Google Search) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-02] CHR Extension: (Arkusze Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-02] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-02] CHR Extension: (电脑管家上网防护) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-03-18] CHR Extension: (Gmail) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-02] CHR Profile: C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1 CHR Extension: (Dokumenty Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-18] CHR Extension: (Dysk Google) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-18] CHR Extension: (YouTube) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-18] CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-18] CHR Extension: (Gmail) - C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-18] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-01-02] (Adobe Systems) [Brak podpisu cyfrowego] S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [198432 2008-09-18] () R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.) R2 McNASvc; c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [365072 2009-01-09] (McAfee, Inc.) R2 McProxy; c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.) R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [144704 2009-01-09] (McAfee, Inc.) S4 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [606736 2009-01-09] (McAfee, Inc.) R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [884360 2009-01-09] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.) R2 QQPCRTP; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QQPCRTP.exe [301728 2016-03-18] (Tencent) S3 TAOFrame; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TAOFrame.exe [297952 2016-03-18] (Tencent) R2 TDataSvr; C:\Program Files\TData\TData.exe [104680 2016-03-18] (TData.com) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-06] (Creative) R3 AR5416; C:\WINDOWS\System32\DRIVERS\athw.sys [1570240 2009-06-04] (Atheros Communications, Inc.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation) R2 DOSMEMIO; C:\WINDOWS\system32\MEMIO.SYS [4300 2005-10-27] () [Brak podpisu cyfrowego] R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [55152 2009-02-06] (Microsoft Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [79304 2009-01-09] (McAfee, Inc.) R3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [35272 2009-01-09] (McAfee, Inc.) R1 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [213640 2009-01-09] (McAfee, Inc.) S3 mferkdk; C:\WINDOWS\System32\drivers\mferkdk.sys [34216 2009-01-09] (McAfee, Inc.) S3 mfesmfk; C:\WINDOWS\System32\drivers\mfesmfk.sys [40552 2009-01-09] (McAfee, Inc.) S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.) R2 MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [120136 2008-10-23] (McAfee, Inc.) S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation) R2 QQSysMon; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\QQSysMon.sys [108984 2016-03-18] (电脑管家) R2 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator.sys [114616 2016-03-18] (Tencent) R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelXP.sys [138552 2016-03-18] (Tencent Technology(Shenzhen) Company Limited) R3 TFsFlt; C:\WINDOWS\System32\Drivers\TFsFlt.sys [150072 2016-03-18] (电脑管家) R3 TS888; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TS888.sys [39928 2016-03-18] (Tencent) R1 TSDefenseBt; C:\WINDOWS\System32\DRIVERS\TSDefenseBt.sys [14008 2016-03-18] (Tencent) R0 TsFltMgr; C:\WINDOWS\System32\drivers\TsFltMgr.sys [128280 2016-01-14] (电脑管家) R1 TSKSP; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSKsp.sys [210072 2016-03-18] (电脑管家) S3 TSSK; C:\WINDOWS\System32\tssk.sys [67896 2016-03-18] (电脑管家) R1 TSSysKit; C:\Program Files\Tencent\QQPCMgr\11.1.16923.222\TSSysKit.sys [101560 2016-03-18] (电脑管家) R3 VMC33F; C:\WINDOWS\System32\Drivers\VMC33F.sys [237952 2009-07-01] (Vimicro Corporation) S4 IntelIde; Brak ImagePath S3 massfilter; system32\drivers\massfilter.sys [X] U1 WS2IFSL; Brak ImagePath S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-18 19:43 - 2010-03-08 11:10 - 00009216 _____ (Kephyr) C:\WINDOWS\system32\ffnd.exe 2016-03-18 17:19 - 2016-03-18 17:24 - 00000000 ____D C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\FreeFixer 2016-03-18 17:19 - 2016-03-18 17:19 - 00000000 ____D C:\Program Files\FreeFixer 2016-03-18 17:19 - 2016-03-18 17:19 - 00000000 ____D C:\Documents and Settings\samsung\Menu Start\Programy\FreeFixer 2016-03-18 17:19 - 2016-03-18 17:19 - 00000000 ____D C:\Documents and Settings\samsung\Dane aplikacji\FreeFixer 2016-03-18 17:05 - 2016-03-18 17:09 - 00039928 _____ (Tencent) C:\WINDOWS\system32\Drivers\TS888.sys 2016-03-18 16:12 - 2016-03-18 16:14 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-18 16:12 - 2016-03-18 16:12 - 00000777 _____ C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk 2016-03-18 16:12 - 2016-03-18 16:12 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware 2016-03-18 16:11 - 2016-03-18 16:12 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-03-18 16:11 - 2016-03-18 16:11 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes 2016-03-18 16:11 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-18 16:11 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-18 15:10 - 2016-03-18 20:28 - 00000000 ____D C:\FRST 2016-03-18 14:45 - 2016-03-18 17:19 - 00000068 _____ C:\WINDOWS\QMNetworkMgr.ini 2016-03-18 14:43 - 2016-03-18 14:43 - 00005120 _____ C:\Documents and Settings\samsung\Dane aplikacji\GiftBag.db 2016-03-18 14:43 - 2016-03-18 14:43 - 00000000 ____D C:\Documents and Settings\All Users\TXQMPC 2016-03-18 14:43 - 2016-03-18 14:41 - 00138552 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelXP.sys 2016-03-18 14:43 - 2016-03-18 14:41 - 00114616 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator.sys 2016-03-18 14:43 - 2016-03-18 14:41 - 00014008 _____ (Tencent) C:\WINDOWS\system32\Drivers\TSDefenseBt.sys 2016-03-18 14:42 - 2016-03-18 15:21 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\Tencent 2016-03-18 14:42 - 2016-03-18 14:43 - 00000000 ____D C:\Program Files\Common Files\Tencent 2016-03-18 14:42 - 2016-03-18 14:42 - 00000839 _____ C:\Documents and Settings\All Users\Menu Start\强力卸载电脑上的软件 .lnk 2016-03-18 14:42 - 2016-03-18 14:41 - 00150072 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFlt.sys 2016-03-18 14:42 - 2016-03-18 14:41 - 00067896 _____ (电脑管家) C:\WINDOWS\system32\TSSK.sys 2016-03-18 14:42 - 2016-01-14 10:47 - 00128280 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TsFltMgr.sys 2016-03-18 14:41 - 2016-03-18 14:41 - 00000000 _____ C:\Documents and Settings\samsung\Pulpit\$电脑管家-清理垃圾$.qmgc 2016-03-18 14:38 - 2016-03-18 15:21 - 00000000 ____D C:\Documents and Settings\samsung\Dane aplikacji\Tencent 2016-03-18 14:38 - 2016-03-18 14:45 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Tencent 2016-03-18 14:38 - 2016-03-18 14:38 - 00000000 ____D C:\Program Files\Tencent 2016-03-18 14:33 - 2016-03-18 17:02 - 00000000 ____D C:\Program Files\TData 2016-03-18 14:33 - 2012-06-09 17:17 - 16777216 _____ C:\Documents and Settings\samsung\Pulpit\Pokemon Fuligin.GBA 2016-03-18 14:31 - 2016-03-18 14:31 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2016-03-18 00:32 - 2016-03-18 00:32 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\condiment 2016-03-18 00:17 - 2016-03-18 13:12 - 04491376 _____ C:\Documents and Settings\samsung\Pulpit\ten.psd 2016-03-17 20:24 - 2016-03-17 20:24 - 00420435 _____ C:\Documents and Settings\samsung\Pulpit\Włókniarz.rar 2016-03-17 20:06 - 2016-03-17 20:11 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Włókniarz 2016-03-17 19:49 - 2016-03-17 20:11 - 02108619 _____ C:\Documents and Settings\samsung\Pulpit\Kopia Szablon SofSpun W.psd 2016-03-17 19:49 - 2016-03-17 20:11 - 00459841 _____ C:\Documents and Settings\samsung\Pulpit\Włókniarz.psd 2016-03-17 15:25 - 2016-03-17 15:25 - 00110578 _____ C:\Documents and Settings\samsung\Pulpit\f.zip 2016-03-17 13:44 - 2016-03-17 13:44 - 00000310 _____ C:\Documents and Settings\samsung\Moje dokumenty\any2.txt 2016-03-17 12:25 - 2016-03-17 12:25 - 05059379 _____ C:\Documents and Settings\samsung\Moje dokumenty\kolory micha.pdf 2016-03-17 12:22 - 2016-03-17 12:22 - 00051298 _____ C:\Documents and Settings\samsung\Moje dokumenty\kolory micha.odt 2016-03-15 17:43 - 2016-03-15 17:43 - 01465351 _____ C:\Documents and Settings\samsung\Pulpit\korona2.psd 2016-03-15 16:32 - 2016-03-15 16:32 - 03287126 _____ C:\Documents and Settings\samsung\Pulpit\dent.psd 2016-03-15 15:38 - 2016-03-15 15:38 - 01339325 _____ C:\Documents and Settings\samsung\Pulpit\AdamxAdam.psd 2016-03-14 15:18 - 2016-03-14 15:18 - 00074087 _____ C:\Documents and Settings\samsung\Pulpit\ZK 896.pdf 2016-03-13 17:21 - 2016-03-13 17:21 - 00000000 ____D C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\Blizzard Entertainment 2016-03-13 17:21 - 2016-03-13 17:21 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Blizzard Entertainment 2016-03-13 17:11 - 2016-03-13 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Battle.net 2016-03-11 16:40 - 2016-03-15 15:37 - 01265621 _____ C:\Documents and Settings\samsung\Pulpit\frog vectory.psd 2016-03-08 12:39 - 2016-03-08 13:43 - 01702151 _____ C:\Documents and Settings\samsung\Pulpit\imploder.psd 2016-03-03 21:03 - 2016-03-05 18:03 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Dzien Kobiet 2016-03-03 20:22 - 2016-03-09 15:21 - 00976460 _____ C:\Documents and Settings\samsung\Pulpit\Puzzelki.psd 2016-03-03 18:56 - 2016-03-03 18:56 - 00343325 _____ C:\Documents and Settings\samsung\Pulpit\puzle.psd 2016-03-03 18:22 - 2016-03-03 21:18 - 01171563 _____ C:\Documents and Settings\samsung\Pulpit\Szablon SofSpun W.psd 2016-03-03 17:54 - 2015-01-19 09:58 - 00000843 ____N C:\Documents and Settings\samsung\Pulpit\License.txt 2016-03-03 17:54 - 2015-01-14 10:22 - 30962710 _____ C:\Documents and Settings\samsung\Pulpit\02.eps 2016-03-03 17:54 - 2015-01-14 10:21 - 02041289 _____ C:\Documents and Settings\samsung\Pulpit\02.ai 2016-03-03 17:54 - 2012-03-08 03:42 - 00050452 _____ C:\Documents and Settings\samsung\Pulpit\crossword_letter_tiles.svg 2016-03-03 17:54 - 2012-03-06 13:51 - 00206421 _____ C:\Documents and Settings\samsung\Pulpit\vector-puzzle-pieces.ai 2016-03-03 17:21 - 2016-03-03 17:21 - 00007520 _____ C:\Documents and Settings\samsung\Pulpit\depositphotos_10675225-White-t-shirt-design-template.pdf 2016-03-03 17:14 - 2016-03-15 13:39 - 00153626 _____ C:\Documents and Settings\samsung\Pulpit\Kolory folii.pdf 2016-03-03 16:29 - 2016-03-03 16:29 - 00000185 _____ C:\Documents and Settings\samsung\Moje dokumenty\marca poczatek.txt 2016-03-03 14:21 - 2016-03-03 20:47 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Dzień Kobiet Insp 2016-03-02 20:35 - 2016-03-02 20:35 - 00001077 _____ C:\Documents and Settings\samsung\Moje dokumenty\kolory i aukcja.txt 2016-03-01 13:01 - 2016-03-01 13:03 - 00097280 ___SH C:\Documents and Settings\samsung\Pulpit\Thumbs.db 2016-03-01 12:59 - 2016-03-01 13:00 - 01262903 _____ C:\Documents and Settings\samsung\Pulpit\Fartuchy i Polo.pdf 2016-02-29 14:50 - 2016-02-29 14:56 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\bluzy 2016-02-26 13:34 - 2016-02-26 13:34 - 00292335 _____ C:\Documents and Settings\samsung\Pulpit\Faktura VAT nr. 1 02 2016.pdf 2016-02-26 13:09 - 2016-02-26 13:09 - 00003213 _____ C:\Documents and Settings\samsung\Moje dokumenty\wyjaz.txt 2016-02-24 15:41 - 2016-02-26 11:44 - 00000095 _____ C:\Documents and Settings\samsung\Moje dokumenty\Daty poza standardem.txt 2016-02-23 18:17 - 2016-02-26 13:05 - 00001241 _____ C:\Documents and Settings\samsung\Moje dokumenty\tshirt slowa kluczowe.txt 2016-02-22 15:06 - 2016-02-22 15:36 - 00031479 _____ C:\Documents and Settings\samsung\Moje dokumenty\Artykuly Termotransfer.pl 2016-02-22 15:06 - 2016-02-22 15:36 - 00013302 _____ C:\Documents and Settings\samsung\Moje dokumenty\Q&A.odt 2016-02-22 14:46 - 2016-02-22 15:03 - 00080511 _____ C:\Documents and Settings\samsung\Moje dokumenty\nadruk baza wiedzy.odt 2016-02-17 13:16 - 2016-02-17 13:16 - 00014762 _____ C:\Documents and Settings\samsung\Moje dokumenty\ruleta.odt 2016-02-17 13:16 - 2016-02-17 13:16 - 00000141 ____H C:\Documents and Settings\samsung\Moje dokumenty\.~lock.ruleta.odt# ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-03-18 20:29 - 2010-01-13 23:02 - 00000000 ____D C:\Documents and Settings\samsung\Ustawienia lokalne\Temp 2016-03-18 18:22 - 2010-01-13 18:29 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{62D23A93-2359-4AC7-94C4-54B28EE877A1}.job 2016-03-18 17:19 - 2010-01-13 23:02 - 00000000 __RHD C:\Documents and Settings\samsung\Dane aplikacji 2016-03-18 17:19 - 2010-01-13 23:02 - 00000000 ___RD C:\Documents and Settings\samsung\Menu Start\Programy 2016-03-18 17:19 - 2010-01-13 23:02 - 00000000 ___HD C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji 2016-03-18 17:08 - 2016-02-04 16:58 - 00000000 ____D C:\Documents and Settings\samsung\Dane aplikacji\GG 2016-03-18 17:08 - 2016-01-31 18:45 - 00000000 ____D C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\ChomikBox 2016-03-18 17:07 - 2016-01-31 18:46 - 00000000 ____D C:\Documents and Settings\samsung\.gstreamer-0.10 2016-03-18 17:05 - 2009-08-24 14:05 - 00017279 _____ C:\WINDOWS\system32\Config.MPF 2016-03-18 17:04 - 2016-01-06 13:53 - 00000226 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-03-18 17:04 - 2016-01-05 20:03 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2564958$ 2016-03-18 17:04 - 2016-01-02 13:09 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-18 17:04 - 2009-08-24 13:18 - 00032606 _____ C:\WINDOWS\SchedLgU.Txt 2016-03-18 17:04 - 2009-08-24 13:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-18 17:03 - 2010-01-13 23:02 - 00000188 ___SH C:\Documents and Settings\samsung\ntuser.ini 2016-03-18 17:03 - 2010-01-13 23:02 - 00000000 ____D C:\Documents and Settings\samsung 2016-03-18 17:02 - 2009-08-24 15:08 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-03-18 16:12 - 2009-08-24 15:08 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-03-18 16:11 - 2009-08-24 15:07 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-03-18 15:51 - 2010-01-13 23:02 - 00089640 _____ C:\Documents and Settings\samsung\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2016-03-18 15:33 - 2009-08-24 15:07 - 00603432 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-18 14:58 - 2010-01-13 23:02 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit 2016-03-18 14:52 - 2009-08-24 15:02 - 00000000 ____D C:\WINDOWS\system 2016-03-18 14:43 - 2009-08-24 15:07 - 00000000 ____D C:\Documents and Settings\All Users 2016-03-18 14:42 - 2009-08-24 15:08 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start 2016-03-18 14:42 - 2009-08-24 13:18 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji 2016-03-18 14:41 - 2016-01-02 13:16 - 00001825 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome.lnk 2016-03-18 14:41 - 2016-01-02 13:16 - 00001819 _____ C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk 2016-03-18 13:14 - 2016-01-22 11:00 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Inspiracje 2016-03-18 01:48 - 2010-01-13 23:02 - 00000000 ___RD C:\Documents and Settings\samsung\Moje dokumenty\Moje obrazy 2016-03-17 21:29 - 2016-01-13 13:24 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Nowe 2016-03-17 19:33 - 2016-01-10 22:48 - 03568038 _____ C:\Documents and Settings\samsung\Pulpit\logo.psd 2016-03-17 13:44 - 2010-01-13 23:02 - 00000000 ___RD C:\Documents and Settings\samsung\Moje dokumenty 2016-03-17 13:42 - 2010-01-13 23:02 - 00000000 ____D C:\Documents and Settings\samsung\Dane aplikacji\Adobe 2016-03-08 15:00 - 2016-01-06 13:53 - 00000220 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2016-03-07 12:20 - 2009-08-24 21:44 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl 2016-02-28 17:03 - 2016-01-28 14:18 - 00000000 ____D C:\Documents and Settings\samsung\Pulpit\Pomocne smieci 2016-02-17 14:49 - 2016-02-16 14:36 - 00000000 ____D C:\Program Files\PokerStars.EU ==================== Pliki w katalogu głównym wybranych folderów ======= 2016-03-18 14:43 - 2016-03-18 14:43 - 0005120 _____ () C:\Documents and Settings\samsung\Dane aplikacji\GiftBag.db Niektóre pliki w TEMP: ==================== C:\Documents and Settings\samsung\Ustawienia lokalne\Temp\qqpcmgr_v11.1.16923.222_45101_Silence.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================