Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 17-09-2016
Uruchomiony przez Czesiek (administrator) IZUNIA (18-09-2016 11:04:22)
Uruchomiony z C:\Documents and Settings\Czesiek\Pulpit\dez
Załadowane profile: Czesiek (Dostępne profile: Iza & Czesiek)
Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) Język: Polski
Internet Explorer Wersja 6 (Domyślna przeglądarka: FF)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\BIN\S24EvMon.exe
() C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Atheros) C:\WINDOWS\System32\ACS.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\BIN\EvtEng.exe
() C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\JRE6\BIN\JQS.EXE
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\ASUS\NB Probe\SPM\SPMGR.EXE
(Microsoft Corporation) C:\WINDOWS\System32\WBEM\UNSECAPP.EXE
() C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATKOSD2\ATKOSD2.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.EXE
(Intel Corporation) C:\WINDOWS\System32\HKCMD.EXE
(Intel Corporation) C:\WINDOWS\System32\IGFXPERS.EXE
(Intel Corporation) C:\WINDOWS\System32\IGFXSRVC.EXE
() C:\Program Files\ATK Hotkey\ATKOSD.EXE
(ASUSTeK) C:\WINDOWS\System32\ACEngSvr.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Huawei Technologies Co., Ltd.) C:\Program Files\blueconnect\DataCardMonitor.exe
(Huawei Technologies Co., Ltd.) C:\Documents and Settings\Czesiek\Dane aplikacji\blueconnect\OUC.EXE
() C:\WINDOWS\System32\acovcnt.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [ATKHOTKEY] => C:\Program Files\ATK Hotkey\Hcontrol.exe [225280 2007-06-29] ()
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ATKOSD2\ATKOSD2.exe [7708672 2007-07-03] ()
HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [2879488 2006-05-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16270848 2006-11-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-15] (Synaptics, Inc.)
HKLM\...\Run: [ccApp] => c:\Program Files\Common Files\Symantec Shared\ccApp.exe [51048 2008-10-17] (Symantec Corporation)
HKLM\...\Run: [Power_Gear] => C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [90112 2006-07-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2007-06-26] (ATK)
HKLM\...\Run: [TWCU] => C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [561263 2010-05-21] ()
HKLM\...\Run: [UpdatePDRShortCut] => D:\Programy\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] => D:\Programy\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [DataCardMonitor] => C:\Program Files\blueconnect\DataCardMonitor.exe [259424 2014-12-04] (Huawei Technologies Co., Ltd.)
HKLM\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM\...\Policies\Explorer\Run: [] => 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== UWAGA
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-21-966588509-143319652-2419219573-1007\...\Run: [HW_OPENEYE_OUC_blueconnect] => C:\Program Files\blueconnect\UpdateDog\ouc.exe [116064 2011-03-26] (Huawei Technologies Co., Ltd.)
HKU\S-1-5-21-966588509-143319652-2419219573-1007\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-966588509-143319652-2419219573-1007\...\MountPoints2: {5bc64bca-7b7a-11e4-8c48-002215371191} - G:\AutoRun.exe
HKU\S-1-5-21-966588509-143319652-2419219573-1007\...\MountPoints2: {5bc64bcb-7b7a-11e4-8c48-002215371191} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [] => [X]
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll [2007-06-01] ()

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{4A8C06F9-2A8D-4703-B137-F59FEE8352D2}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
HKU\S-1-5-21-966588509-143319652-2419219573-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com/
HKU\S-1-5-21-966588509-143319652-2419219573-1007\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-966588509-143319652-2419219573-1007 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= UWAGA
SearchScopes: HKLM -> DefaultScope - brak wartości
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Brak nazwy -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [2007-08-24] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll [2008-10-25] (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-15] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-15] (Sun Microsystems, Inc.)
BHO: IEPluginBHO Class -> {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -> C:\Documents and Settings\Iza\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll [2009-07-27] (GG Network S.A.)
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-966588509-143319652-2419219573-1007 -> Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-24] (Symantec Corporation)
DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl.sun.com/webapps/download/AutoDL?BundleId=29223
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2008-09-29] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Czesiek\Dane aplikacji\Mozilla\Firefox\Profiles\n5ut5ysc.default
FF Homepage: hxxp://www.google.pl/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-11] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll [2008-04-22] (DivX, Inc)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-17] ( Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Common Files\Motive\npMotive.dll [2011-08-04] (Alcatel-Lucent)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-27] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2009-05-15] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2008-10-14] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-27] (LiveVDO )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-04-22] (DivX, Inc)
FF Extension: (Greasemonkey) - C:\Documents and Settings\Czesiek\Dane aplikacji\Mozilla\Firefox\Profiles\n5ut5ysc.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-21]
FF Extension: (Adblock Plus) - C:\Documents and Settings\Czesiek\Dane aplikacji\Mozilla\Firefox\Profiles\n5ut5ysc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-29]
FF Extension: (Skype extension for Firefox) - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2016-08-25] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-05-15] [Brak podpisu cyfrowego]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [pbiamblgmkgbcgbcgejjgebalncpmhnp] - C:\Program Files\StartSearch plugin\vshareplg.crx [2011-10-27]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 ACS; C:\WINDOWS\system32\acs.exe [499796 2010-05-21] (Atheros) [Brak podpisu cyfrowego]
R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] () [Brak podpisu cyfrowego]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Brak podpisu cyfrowego]
S4 Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-08-31] (Symantec Corporation)
S4 ccEvtMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S4 ccSetMgr; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S4 CLTNetCnService; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S3 comHost; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2007-08-21] (Symantec Corporation)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-05-15] (Sun Microsystems, Inc.)
S3 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [Brak podpisu cyfrowego]
S4 LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-08-23] (Symantec Corporation)
S4 LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [361472 2011-08-04] (Alcatel-Lucent) [Brak podpisu cyfrowego]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [146888 2016-08-25] (Mozilla Foundation) [Brak podpisu cyfrowego]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [247152 2009-04-17] ()
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [966656 2010-07-19] (Intel(R) Corporation) [Brak podpisu cyfrowego]
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S4 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720 2008-10-25] ()

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S2 ADILOADER; C:\WINDOWS\System32\Drivers\adildr.sys [46167 2003-07-17] (Analog Deivces)
S3 adiusbaw; C:\WINDOWS\System32\DRIVERS\adiusbaw.sys [127497 2003-06-24] (Analog Devices Inc.)
S3 AR9271; C:\WINDOWS\System32\DRIVERS\athuw.sys [1714176 2010-01-05] (Atheros Communications, Inc.)
R0 AsDsm; C:\WINDOWS\system32\Drivers\AsDsm.sys [29752 2007-08-10] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R3 AtcL001; C:\WINDOWS\System32\DRIVERS\l151x86.sys [36864 2007-10-31] (Atheros Communications, Inc.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R2 CO_Mon; C:\WINDOWS\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
S3 CXPLRCAP; C:\WINDOWS\System32\drivers\CxPlrCap.sys [188032 2011-10-17] (Conexant Systems, Inc.) [Brak podpisu cyfrowego]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2008-10-15] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [99376 2008-10-25] (Symantec Corporation)
S3 filtertdidriver; C:\WINDOWS\System32\drivers\ewfiltertdidriver.sys [13024 2010-11-24] (Huawei Technologies Co., Ltd.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-02] ()
S3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [90368 2011-02-25] (Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145280 2013-12-13] (ITE ) [Brak podpisu cyfrowego]
R3 kbfiltr; C:\WINDOWS\System32\DRIVERS\kbfiltr.sys [5632 2007-01-27] ( )
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15360 2004-08-03] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2012-01-25] (Printing Communications Assoc., Inc. (PCAUSA)) [Brak podpisu cyfrowego]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2012-01-25] (Printing Communications Assoc., Inc. (PCAUSA)) [Brak podpisu cyfrowego]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [7680 2006-12-17] (ATK0100)
R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090122.020\NAVENG.SYS [89104 2008-11-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090122.020\NAVEX15.SYS [876112 2008-11-11] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
S3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2208512 2007-06-21] (Intel Corporation)
R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6607744 2010-08-16] (Intel Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation) [Brak podpisu cyfrowego]
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [447024 2008-09-05] (Symantec Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [685816 2008-12-14] () [Brak podpisu cyfrowego]
R1 SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [13616 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124464 2009-01-09] (Symantec Corporation)
R3 SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [96560 2009-02-19] (Symantec Corporation)
R3 SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [38576 2009-02-19] (Symantec Corporation)
R3 SYMIDSCO; C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090113.002\SymIDSCo.sys [250224 2008-10-03] (Symantec Corporation)
S3 SymIM; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2009-02-19] (Symantec Corporation)
R3 SymIMMP; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2009-02-19] (Symantec Corporation)
R3 SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [37424 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [22320 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [184496 2009-02-19] (Symantec Corporation)
R3 TPLINKUDSMBus; C:\WINDOWS\System32\drivers\TplinkUDSMBus.sys [88576 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\WINDOWS\System32\drivers\TplinkUDSTcpBus.sys [151296 2012-09-21] (Windows (R) Codename Longhorn DDK provider)
R3 WSIMD; C:\WINDOWS\System32\DRIVERS\wsimd.sys [58208 2010-05-21] (Atheros Communications, Inc.) [Brak podpisu cyfrowego]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [235392 2010-12-24] (Huawei Technologies Co., Ltd.)
S4 IntelIde; Brak ImagePath
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
U1 WS2IFSL; Brak ImagePath

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-09-18 11:03 - 2016-09-18 11:03 - 00000000 ____D C:\FRST
2016-09-18 11:01 - 2016-09-18 11:01 - 00045056 _____ C:\WINDOWS\system32\acovcnt.exe
2016-09-18 10:49 - 2016-09-18 10:49 - 00000000 ____D C:\Documents and Settings\Czesiek\Pulpit\dez
2016-08-25 16:35 - 2016-08-25 16:35 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2016-09-18 11:00 - 2008-07-14 16:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-18 10:59 - 2012-10-13 12:38 - 00524288 _____ C:\WINDOWS\system32\config\ACS.evt
2016-09-18 10:59 - 2008-10-26 02:30 - 00000188 ___SH C:\Documents and Settings\Czesiek\ntuser.ini
2016-09-18 10:59 - 2008-07-14 16:19 - 00032442 _____ C:\WINDOWS\SchedLgU.Txt
2016-09-18 10:59 - 2006-08-27 11:39 - 00000571 _____ C:\WINDOWS\win.ini
2016-09-18 10:59 - 2006-08-27 11:39 - 00000227 _____ C:\WINDOWS\system.ini
2016-09-18 10:59 - 2006-08-27 11:39 - 00000211 __RSH C:\boot.ini
2016-09-18 10:48 - 2015-07-19 14:55 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-17 07:57 - 2006-08-27 11:39 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2016-09-05 20:00 - 2008-10-25 18:57 - 00000614 _____ C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Iza.job

==================== Pliki w katalogu głównym wybranych folderów =======

2013-05-11 22:52 - 2013-05-12 12:07 - 0000004 _____ () C:\Documents and Settings\Czesiek\Dane aplikacji\skype.ini
2008-10-26 02:30 - 2008-07-14 16:52 - 5227462 _____ () C:\Documents and Settings\Czesiek\Ustawienia lokalne\Dane aplikacji\Install.exe
2008-10-26 02:30 - 2008-07-14 16:26 - 0000135 _____ () C:\Documents and Settings\Czesiek\Ustawienia lokalne\Dane aplikacji\fusioncache.dat
2009-06-10 20:31 - 2016-01-02 09:15 - 0034304 _____ () C:\Documents and Settings\Czesiek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Niektóre pliki w TEMP:
====================
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\DevSetup32.dll
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\DevSetup64.dll
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\DriverInstall32.exe
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\DriverInstall64.exe
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\KillProcess.exe
C:\Documents and Settings\Iza\Ustawienia lokalne\Temp\Last.fm-2.1.36.exe
C:\Documents and Settings\Czesiek\Ustawienia lokalne\Temp\drm_dyndata_7390006.dll

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

==================== Koniec FRST.txt ============================