Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 30-09-2016 Uruchomiony przez Karol (administrator) PABIJAN-PC1 (01-10-2016 16:46:26) Uruchomiony z E:\Programy instalacyjne\Antywirusy Załadowane profile: Karol & UpdatusUser (Dostępne profile: Karol & You For Ever & UpdatusUser) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 8 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe (Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe () C:\Program Files\Gigabyte\ET5Pro\GUI.exe () C:\Program Files\Ditto\Ditto.exe (Ykoon) C:\Program Files\RssReader\RssReader.exe (Acresso Software Inc.) E:\ArcGIS\License10.0\bin\lmgrd.exe (Acresso Software Inc.) E:\ArcGIS\License10.0\bin\lmgrd.exe (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe (ESRI) E:\ArcGIS\License10.0\bin\ARCGIS.exe () C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe (Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Documents and Settings\All Users\Dane aplikacji\PLAY ONLINE\OnlineUpdate\ouc.exe () C:\Program Files\CyberLink\Shared Files\RichVideo.exe (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe (VMware, Inc.) C:\WINDOWS\system32\vmnat.exe (VMware, Inc.) C:\WINDOWS\system32\vmnetdhcp.exe (VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe () C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe (AO Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe (Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Rejestr (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16876032 2008-07-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2008-06-18] (Realtek Semiconductor Corp.) HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2808832 2008-06-19] (RealTek Semicoductor Corp.) HKLM\...\Run: [GEST] => m‘ HKLM\...\Run: [NeroFilterCheck] => \ü HKLM\...\Run: [SecurDisc] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-02-27] (Nero AG) HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2008-02-18] (Nero AG) HKLM\...\Run: [RemoteControl] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2008-02-18] (Nero AG) HKLM\...\Run: [EasyTuneVPro] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.) HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Gigabyte\ET5Pro\ETcall.exe [20480 2007-07-26] () HKLM\...\Run: [HP Software Update] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation) HKLM\...\Run: [Nvtmru] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM\...\Run: [NvCplDaemon] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvCpl.dll [15677728 2013-06-21] (NVIDIA Corporation) HKLM\...\Run: [nwiz] => C:\WINDOWS\system32\NvMCTray.dll [223008 2013-06-21] (NVIDIA Corporation) HKLM\...\Run: [MSConfig] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] () HKU\S-1-5-21-1844237615-152049171-839522115-1004\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [716800 2009-08-16] () HKU\S-1-5-21-1844237615-152049171-839522115-1004\...\Run: [RssReader] => C:\Program Files\RssReader\RssReader.exe [1077248 2004-04-04] (Ykoon) HKU\S-1-5-21-1844237615-152049171-839522115-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Fliqlo.scr [680624 2012-06-30] (ScreenTime Media) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\Documents and Settings\All Users\Dane aplikacji\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) Startup: C:\Documents and Settings\You For Ever\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk [2012-07-21] ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Documents and Settings\You For Ever\Menu Start\Programy\Autostart\Powiadomienia monitorowania tuszu - HP Deskjet 3510 series.lnk [2016-09-29] ShortcutTarget: Powiadomienia monitorowania tuszu - HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) BootExecute: autocheck autochk * bootdelete CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA CHR HKU\S-1-5-21-1844237615-152049171-839522115-1004\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{2C2EE0F5-319C-4CC7-A09F-6FCE591427A8}: [DhcpNameServer] 89.108.195.21 89.108.202.21 Tcpip\..\Interfaces\{3F838DF5-3843-4847-8967-F54878E00B3B}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{B3614507-7F53-4C97-AB9D-9DEA322FB4F5}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKU\S-1-5-21-1844237615-152049171-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.just-browse.info/ HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1844237615-152049171-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-1844237615-152049171-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1844237615-152049171-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: HKU\S-1-5-21-1844237615-152049171-839522115-1004 - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.) URLSearchHook: [S-1-5-21-1844237615-152049171-839522115-1008] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKU\S-1-5-21-1844237615-152049171-839522115-1004 -> DefaultScope {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1 SearchScopes: HKU\S-1-5-21-1844237615-152049171-839522115-1004 -> {2C0D27C1-E5A2-6E1A-956A-221BDCEFDFED} URL = SearchScopes: HKU\S-1-5-21-1844237615-152049171-839522115-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-1844237615-152049171-839522115-1004 -> {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = hxxp://www.google.com/custom?q={searchTerms}&sa.x=0&sa.y=0&safe=active&client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&hl=en&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1 BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-09] (Oracle Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-09] (Oracle Corporation) Toolbar: HKLM - Brak nazwy - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - Brak pliku Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.) Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab) DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1350476905687 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1350477561578 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\li1q0thp.default-1468060291676 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-17] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-09] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-09] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-07] (Google Inc.) FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2014-02-07] (Google Inc.) FF Extension: (General Crawler) - C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-08-25] [Brak podpisu cyfrowego] FF Extension: (Firefox Hotfix) - C:\Documents and Settings\Karol\Dane aplikacji\Mozilla\Firefox\Profiles\li1q0thp.default-1468060291676\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-09-10] [Brak podpisu cyfrowego] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-09-10] [Brak podpisu cyfrowego] FF Extension: (Java Console) - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-09-10] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-12-23] [Brak podpisu cyfrowego] FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox => nie znaleziono FF HKLM\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-10-01] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nie znaleziono FF HKU\S-1-5-21-1844237615-152049171-839522115-1004\...\Firefox\Extensions: [lyrmix@lyrmix.net] - C:\Program Files\Lyrmix\FF => nie znaleziono Chrome: ======= CHR HKLM\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Documents and Settings\Karol\Dane aplikacji\Media Finder\Extensions\gencrawler_gc.crx [2012-03-06] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx CHR HKLM\...\Chrome\Extension: [dmiifdbnlinfkcbohhdcfijbcipfndff] - C:\Documents and Settings\Karol\Dane aplikacji\IClaro\iclaro.crx [2012-08-14] CHR HKLM\...\Chrome\Extension: [hjbbpgohahjnflffdkbgoahjnbakpooh] - C:\Documents and Settings\All Users\Dane aplikacji\wxDownload\hjbbpgohahjnflffdkbgoahjnbakpooh.crx CHR HKLM\...\Chrome\Extension: [hphibigbodkkohoglgfkddblldpfohjl] - C:\Program Files\TorrentHandler\TorrentHandler.crx CHR HKLM\...\Chrome\Extension: [jofdlbdmefjogcipddjnblinigmpagoj] - C:\Program Files\Lyrmix\Chrome.crx CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi CHR HKLM\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Documents and Settings\Karol\Dane aplikacji\Media Finder\Extensions\mf_plugin_gc.crx CHR HKLM\...\Chrome\Extension: [pccgdefihiibckbdnocamcoccopencaa] - C:\Documents and Settings\All Users\Dane aplikacji\ADDICT-THING\pccgdefihiibckbdnocamcoccopencaa.crx CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader11.crx ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation) R2 ArcGIS License Manager; E:\ArcGIS\License10.0\bin\lmgrd.exe [1500424 2008-11-06] (Acresso Software Inc.) R2 AVP16.0.1; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab) R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe [276048 2014-01-15] () S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1553704 2008-02-18] (Nero AG) R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-09-17] (Oracle Corporation) R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [Brak podpisu cyfrowego] S2 PLAY ONLINE. RunOuc; C:\Program Files\PLAY ONLINE\UpdateDog\ouc.exe [651856 2013-10-26] () R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] () R2 VMAuthdService; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.) R2 VMnetDHCP; C:\WINDOWS\system32\vmnetdhcp.exe [359128 2014-06-12] (VMware, Inc.) R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624 2014-02-27] (VMware, Inc.) R2 VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [437976 2014-06-12] (VMware, Inc.) R2 VMwareHostd; C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-06-12] () S2 NeroRegInCDSrv; C:\Program Files\Nero\Nero 7\InCD\NBHRegInCDSrv.exe [X] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices) R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [18544 2012-07-03] (AVAST Software) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO) R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-30] (DT Soft Ltd) R3 ET5Drv; C:\WINDOWS\system32\Drivers\ET5Drv.sys [30008 2007-10-11] (Windows (R) 2000 DDK provider) S3 gdrv; C:\WINDOWS\gdrv.sys [16608 2013-08-22] (Windows (R) 2000 DDK provider) R3 GVTDrv; C:\WINDOWS\system32\Drivers\GVTDrv.sys [24944 2016-10-01] () R2 hcmon; C:\WINDOWS\system32\drivers\hcmon.sys [43840 2014-02-27] (VMware, Inc.) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [47056 2016-09-30] () R3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [101504 2013-11-30] (Huawei Technologies Co., Ltd.) R3 huawei_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_jucdcecm.sys [70784 2013-11-30] (Huawei Technologies Co., Ltd.) R3 huawei_ext_ctrl; C:\WINDOWS\System32\DRIVERS\ew_juextctrl.sys [27776 2013-11-30] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_cdcacm.sys [110848 2014-04-16] (Huawei Technologies Co., Ltd.) S3 hwusb_cdcecm; C:\WINDOWS\System32\DRIVERS\ew_cdcecm.sys [117888 2014-04-14] (Huawei Technologies Co., Ltd.) R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118952 2008-02-18] (Nero AG) R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [36648 2008-02-18] (Nero AG) U1 InCDrec; C:\WINDOWS\System32\drivers\InCDRec.sys [16040 2008-02-18] (Nero AG) R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38312 2008-02-18] (Nero AG) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [155304 2015-09-11] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [66440 2015-12-01] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\System32\DRIVERS\kldisk.sys [67456 2015-12-02] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [148872 2015-12-11] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [51024 2016-10-01] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [773464 2016-10-01] (AO Kaspersky Lab) R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO) R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [45440 2015-11-11] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [37040 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [41864 2015-12-07] (AO Kaspersky Lab) R1 kltdf; C:\WINDOWS\System32\DRIVERS\kltdf.sys [83328 2015-11-23] (AO Kaspersky Lab) R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [54328 2015-06-11] (Kaspersky Lab ZAO) R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [161672 2015-12-03] (AO Kaspersky Lab) R3 MarkFun_NT; C:\Program Files\Gigabyte\ET5Pro\markfun.w32 [17912 2007-08-21] (Windows (R) 2000 DDK provider) S3 s1018obex; C:\WINDOWS\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation) R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [473656 2012-06-30] (Duplex Secure Ltd.) R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation) R3 VMnetAdapter; C:\WINDOWS\System32\DRIVERS\vmnetadapter.sys [17104 2014-06-12] (VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\System32\DRIVERS\vmnetbridge.sys [35032 2014-06-12] (VMware, Inc.) R2 VMnetuserif; C:\WINDOWS\system32\drivers\vmnetuserif.sys [26968 2014-06-12] (VMware, Inc.) R2 VMparport; C:\WINDOWS\system32\Drivers\VMparport.sys [24920 2014-06-12] (VMware, Inc.) R2 vmx86; C:\WINDOWS\system32\Drivers\vmx86.sys [66136 2014-06-12] (VMware, Inc.) R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [63824 2013-10-08] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\WINDOWS\System32\drivers\vstor2-mntapi20-shared.sys [23632 2013-02-22] (VMware, Inc.) U3 aj32clae; C:\WINDOWS\system32\Drivers\aj32clae.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder) S1 AmdPPM; system32\DRIVERS\AmdPPM.sys [X] S3 catchme; \??\C:\DOCUME~1\Karol\USTAWI~1\Temp\catchme.sys [X] U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [249856 2014-02-07] (Huawei Technologies Co., Ltd.) S3 GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS [X] S4 IntelIde; Brak ImagePath U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation) U3 TlntSvr; Brak ImagePath U3 awldyfod; \??\C:\DOCUME~1\Karol\USTAWI~1\Temp\awldyfod.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-10-01 16:37 - 2016-10-01 16:46 - 00000000 ____D C:\FRST 2016-10-01 16:30 - 2016-10-01 16:30 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-01 16:11 - 2016-10-01 16:11 - 00000374 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2016-10-01 16:11 - 2016-10-01 16:11 - 00000004 _____ C:\WINDOWS\system32\GVTunner.ref 2016-09-30 23:03 - 2016-09-30 23:04 - 00000000 ____D C:\totalcmd 2016-09-30 23:03 - 2016-09-30 23:03 - 00000548 _____ C:\Documents and Settings\Karol\Pulpit\Total Commander.lnk 2016-09-30 23:03 - 2016-09-30 23:03 - 00000000 ____D C:\Documents and Settings\Karol\Menu Start\Programy\Total Commander 2016-09-30 23:03 - 2016-09-30 23:03 - 00000000 ____D C:\Documents and Settings\Karol\Dane aplikacji\GHISLER 2016-09-30 22:56 - 2016-10-01 00:46 - 00065536 _____ C:\WINDOWS\system32\config\Kaspersk.evt 2016-09-30 22:53 - 2016-09-30 22:53 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Kaspersky Anti-Virus 2016-09-30 22:53 - 2016-09-30 22:52 - 00001828 _____ C:\Documents and Settings\All Users\Pulpit\Kaspersky Anti-Virus.lnk 2016-09-30 22:46 - 2016-10-01 16:29 - 00773464 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2016-09-30 22:46 - 2016-10-01 16:29 - 00051024 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2016-09-30 22:46 - 2016-10-01 16:26 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Kaspersky Lab 2016-09-30 22:46 - 2016-09-30 22:46 - 00000000 ____D C:\Program Files\Kaspersky Lab 2016-09-30 22:46 - 2015-12-11 17:27 - 00148872 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2016-09-30 22:18 - 2016-09-30 22:18 - 00000063 _____ C:\Documents and Settings\Karol\Pulpit\Create Bootable USB.url 2016-09-30 22:18 - 2016-09-30 22:18 - 00000000 ____D C:\Program Files\USB Disk Storage Format Tool 2016-09-30 22:18 - 2016-09-30 22:18 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\USB Disk Storage Format Tool 5.2 2016-09-30 21:57 - 2016-10-01 16:46 - 00000000 ____D C:\Documents and Settings\Karol\Ustawienia lokalne\temp 2016-09-30 21:57 - 2016-09-30 21:57 - 00016655 _____ C:\ComboFix.txt 2016-09-30 21:57 - 2016-09-30 21:57 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Ustawienia lokalne\temp 2016-09-30 21:57 - 2016-09-30 21:57 - 00000000 ____D C:\Documents and Settings\UpdatusUser.PABIJAN-PC1\Ustawienia lokalne\temp 2016-09-30 21:57 - 2016-09-30 21:57 - 00000000 ____D C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp 2016-09-30 21:57 - 2016-09-30 21:57 - 00000000 ____D C:\Documents and Settings\Default User\Ustawienia lokalne\temp 2016-09-30 21:31 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2016-09-30 21:31 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2016-09-30 21:31 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe 2016-09-30 21:31 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe 2016-09-30 21:29 - 2016-09-30 21:57 - 00000000 ____D C:\Qoobox 2016-09-30 21:29 - 2016-09-30 21:45 - 00000000 ____D C:\WINDOWS\erdnt 2016-09-30 17:20 - 2016-09-30 22:19 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2016-09-30 14:38 - 2016-09-30 14:38 - 00047056 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2016-09-30 14:24 - 2016-09-30 14:24 - 00439156 _____ C:\WINDOWS\system32\.crusader 2016-09-30 13:26 - 2016-09-30 13:26 - 00000000 ____D C:\Program Files\HitmanPro 2016-09-30 13:26 - 2016-09-30 13:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\HitmanPro 2016-09-30 13:25 - 2016-09-30 14:23 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\HitmanPro 2016-09-30 13:22 - 2016-09-30 13:31 - 00000000 ____D C:\AdwCleaner 2016-09-17 16:09 - 2016-09-17 16:09 - 00000963 _____ C:\Documents and Settings\All Users\Pulpit\Euro Truck Simulator 2.lnk 2016-09-17 15:57 - 2016-09-17 15:57 - 00000933 _____ C:\Documents and Settings\All Users\Pulpit\Farming Simulator 2013.lnk 2016-09-17 15:23 - 2016-09-17 16:24 - 06502080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe 2016-09-10 00:51 - 2016-09-23 16:52 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-10-01 16:46 - 2012-07-02 23:29 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-01 16:41 - 2014-02-07 22:36 - 00001152 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job 2016-10-01 16:36 - 2012-06-30 12:09 - 00000000 ____D C:\Documents and Settings\Karol\Dane aplikacji\Ditto 2016-10-01 16:35 - 2014-08-21 11:39 - 00000000 ____D C:\Documents and Settings\Karol\Moje dokumenty\Pobrane 2016-10-01 16:35 - 2013-08-18 18:01 - 00015840 _____ C:\WINDOWS\system32\nvAppTimestamps 2016-10-01 16:35 - 2012-06-29 21:12 - 00000000 ____D C:\Documents and Settings\Karol\Pulpit 2016-10-01 16:30 - 2012-06-29 22:44 - 00000000 ___HD C:\WINDOWS\inf 2016-10-01 16:30 - 2012-06-29 21:22 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups 2016-10-01 16:23 - 2012-08-23 22:10 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-10-01 16:11 - 2014-07-22 12:33 - 00000000 ____D C:\Documents and Settings\UpdatusUser.PABIJAN-PC1\Dane aplikacji\VMware 2016-10-01 16:11 - 2014-07-21 19:37 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\VMware 2016-10-01 16:11 - 2012-06-30 15:25 - 00024944 _____ C:\WINDOWS\system32\Drivers\GVTDrv.sys 2016-10-01 16:10 - 2014-07-13 11:47 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-10-01 16:10 - 2012-07-02 23:29 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-01 16:10 - 2012-06-29 22:51 - 00000000 ____D C:\Documents and Settings\All Users 2016-10-01 16:10 - 2012-06-29 21:16 - 00000000 ____D C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\ApplicationHistory 2016-10-01 16:10 - 2012-06-29 21:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-01 00:46 - 2013-08-19 03:36 - 01276530 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1844237615-152049171-839522115-1004-0.dat 2016-10-01 00:46 - 2013-08-19 03:36 - 00243258 _____ C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat 2016-10-01 00:46 - 2012-06-29 21:12 - 00000188 ___SH C:\Documents and Settings\Karol\ntuser.ini 2016-10-01 00:46 - 2012-06-29 21:12 - 00000000 ____D C:\Documents and Settings\Karol 2016-10-01 00:46 - 2012-06-29 21:10 - 00032404 _____ C:\WINDOWS\SchedLgU.Txt 2016-10-01 00:36 - 2012-06-29 22:49 - 00000223 ___SH C:\boot.ini 2016-10-01 00:36 - 2006-03-02 14:00 - 00000538 _____ C:\WINDOWS\win.ini 2016-10-01 00:36 - 2006-03-02 14:00 - 00000227 _____ C:\WINDOWS\system.ini 2016-09-30 23:03 - 2012-06-29 21:12 - 00000000 __RHD C:\Documents and Settings\Karol\Dane aplikacji 2016-09-30 23:03 - 2012-06-29 21:12 - 00000000 ___RD C:\Documents and Settings\Karol\Menu Start\Programy 2016-09-30 22:55 - 2012-06-30 13:23 - 00000000 ___RD C:\Documents and Settings\Karol\Pulpit\Programy 2016-09-30 22:55 - 2012-06-29 22:53 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-09-30 22:53 - 2012-06-29 22:53 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-09-30 22:46 - 2012-06-29 22:51 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-09-30 21:57 - 2013-08-22 21:46 - 00000000 ___HD C:\Documents and Settings\UpdatusUser.PABIJAN-PC1\Ustawienia lokalne 2016-09-30 21:57 - 2013-08-18 17:34 - 00000000 ___HD C:\Documents and Settings\UpdatusUser\Ustawienia lokalne 2016-09-30 21:57 - 2012-06-29 22:53 - 00000000 __RHD C:\Documents and Settings\Default User\Ustawienia lokalne 2016-09-30 21:57 - 2012-06-29 21:12 - 00000000 ___HD C:\Documents and Settings\Karol\Ustawienia lokalne 2016-09-30 21:57 - 2012-06-29 21:10 - 00000000 ___HD C:\Documents and Settings\NetworkService\Ustawienia lokalne 2016-09-30 21:46 - 2012-06-29 22:51 - 00000000 ___HD C:\Documents and Settings\Default User 2016-09-30 21:46 - 2012-06-29 21:10 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-09-30 20:40 - 2013-11-04 15:41 - 00000468 _____ C:\WINDOWS\Tasks\At2.job 2016-09-30 20:23 - 2012-06-29 22:44 - 00000000 ____D C:\WINDOWS\system32\ias 2016-09-30 14:41 - 2013-11-04 15:41 - 00000468 _____ C:\WINDOWS\Tasks\At3.job 2016-09-30 14:24 - 2012-06-29 21:12 - 00000000 ___RD C:\Documents and Settings\Karol\Moje dokumenty 2016-09-30 13:30 - 2014-07-21 19:43 - 00000000 ____D C:\Documents and Settings\LocalService\Dane aplikacji\VMware 2016-09-30 13:24 - 2013-08-22 21:46 - 00000188 ___SH C:\Documents and Settings\UpdatusUser.PABIJAN-PC1\ntuser.ini 2016-09-30 13:24 - 2012-06-29 22:53 - 01294200 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-30 13:24 - 2012-06-29 22:53 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start 2016-09-30 13:24 - 2006-03-02 14:00 - 00568816 _____ C:\WINDOWS\system32\perfh015.dat 2016-09-30 13:24 - 2006-03-02 14:00 - 00111658 _____ C:\WINDOWS\system32\perfc015.dat 2016-09-30 13:18 - 2012-06-30 22:55 - 00000000 ___RD C:\Documents and Settings\Karol\Pulpit\Zdjęcia 2016-09-29 16:40 - 2012-07-02 17:32 - 00000000 ____D C:\Documents and Settings\Karol\Dane aplikacji\vlc 2016-09-29 16:39 - 2012-07-09 14:16 - 00000069 _____ C:\WINDOWS\NeroDigital.ini 2016-09-29 16:37 - 2012-09-17 00:38 - 00033280 _____ C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-09-29 16:31 - 2012-06-30 13:40 - 00000000 ____D C:\Documents and Settings\You For Ever\Ustawienia lokalne\Temp 2016-09-29 16:28 - 2012-07-01 12:57 - 00000000 ____D C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\Paint.NET 2016-09-29 16:26 - 2012-06-30 13:40 - 00000188 ___SH C:\Documents and Settings\You For Ever\ntuser.ini 2016-09-29 16:24 - 2012-06-30 13:40 - 00000000 ____D C:\Documents and Settings\You For Ever 2016-09-29 15:32 - 2006-03-02 14:00 - 00013706 _____ C:\WINDOWS\system32\wpa.dbl 2016-09-23 16:39 - 2013-12-31 21:26 - 00000000 ____D C:\Documents and Settings\You For Ever\Moje dokumenty\Euro Truck Simulator 2 2016-09-18 18:49 - 2013-01-25 13:50 - 00000000 ____D C:\Documents and Settings\You For Ever\Dane aplikacji\vlc 2016-09-17 16:24 - 2012-07-01 17:02 - 00796352 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-09-17 16:24 - 2012-07-01 17:02 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-09-17 16:24 - 2012-06-29 21:06 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-17 16:09 - 2013-12-31 21:26 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Euro Truck Simulator 2 2016-09-17 16:09 - 2013-12-31 21:25 - 00000000 ____D C:\Program Files\Euro Truck Simulator 2 2016-09-17 15:58 - 2012-06-29 21:06 - 00000000 ____D C:\WINDOWS\system32\DirectX 2016-09-11 15:05 - 2014-07-04 12:15 - 00000000 ____D C:\Documents and Settings\You For Ever\Moje dokumenty\Pobrane 2016-09-10 00:52 - 2013-08-22 22:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-09-09 21:41 - 2014-02-07 22:36 - 00001100 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job 2016-09-09 21:41 - 2012-06-29 21:12 - 00000000 ___HD C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji 2016-09-09 19:39 - 2014-07-13 11:47 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2016-09-04 10:10 - 2013-11-04 15:41 - 00000468 _____ C:\WINDOWS\Tasks\At1.job ==================== Pliki w katalogu głównym wybranych folderów ======= 2012-09-17 00:38 - 2016-09-29 16:37 - 0033280 _____ () C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-06-29 21:16 - 2012-06-29 21:16 - 0000130 _____ () C:\Documents and Settings\Karol\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2013-11-04 15:38 - 2013-11-04 15:38 - 0000057 _____ () C:\Documents and Settings\All Users\Dane aplikacji\Ament.ini Pliki do przeniesienia lub usunięcia: ==================== C:\Windows\Tasks\At1.job C:\Windows\Tasks\At2.job C:\Windows\Tasks\At3.job C:\Windows\Tasks\At4.job Niektóre pliki w TEMP: ==================== C:\Documents and Settings\Karol\Ustawienia lokalne\temp\ICReinstall_pobierz_Farbar_recovery_scan_tool_(frst)_32-bit_wersja_stabilna_V30.9.2016.0.exe C:\Documents and Settings\Karol\Ustawienia lokalne\temp\jre-8u101-windows-au.exe C:\Documents and Settings\You For Ever\Ustawienia lokalne\temp\TsuEFD6EC22.dll C:\Documents and Settings\You For Ever\Ustawienia lokalne\temp\{20242B4D-2715-458A-ABA4-7A7C0832C2B9}-GoogleEarth-Win-Bundle-7.1.1.1888.exe Niektóre zerobajtowe pliki/foldery: ========================== C:\Windows\System32\nsprs.dll C:\Windows\System32\serauth1.dll C:\Windows\System32\serauth2.dll C:\Windows\System32\ssprs.dll ==================== Bamital & volsnap ====================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================