Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 12.02.2018
Uruchomiony przez bzyTek1 (administrator) BZY-FC4210AA7AE (12-02-2018 21:04:25)
Uruchomiony z C:\Documents and Settings\bzyTek1\Pulpit
Załadowane profile: bzyTek1 (Dostępne profile: bzyTek1 & Administrator)
Platform: Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Język: Polski
Internet Explorer Wersja 8 (Domyślna przeglądarka: IE)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\WIREK-~1\Av\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgcsrvx.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Microsoft Corporation) C:\Program Files\Fensywa_def\MsMpEng.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgwdsvcx.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(Hagel Technologies Ltd.) C:\Program Files\Pomiarek-neta\DU Meter\DUMeterSvc.exe
(FileZilla Project) C:\Program Files\werek-ser\ser-werek\FileZillaFTP\FileZillaServer.exe
(Malwarebytes) C:\Program Files\Bitware-Malwa2\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Bitware-Malwa2\Malwarebytes Anti-Malware\mbamservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgnsx.exe
(Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgemcx.exe
(Microsoft Corporation) C:\WINDOWS\system32\locator.exe
(Malwarebytes) C:\Program Files\Bitware-Malwa2\Malwarebytes Anti-Malware\mbam.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Framework\Common\avguix.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\wirek-anty_avg\Av\avgui.exe
(Hagel Technologies Ltd.) C:\Program Files\Pomiarek-neta\DU Meter\DUMeter.exe
() C:\Program Files\Pomarancza\Druga\Plus Internet\Plus Internet.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFTips.exe
(Don HO don.h@free.fr) C:\Program Files\Inny_padNote+\Notepad++\notepad++.exe
(Mozilla Corporation) C:\Program Files\Chytry-liskowy\firefox.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
(Microsoft Corporation) C:\WINDOWS\regedit.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\Adblock\ADBlock.exe

==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2008-12-11] (Analog Devices, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [UVS11 Preload] => C:\Program Files\Studio-unle\uvPL.exe [340136 2007-09-12] (InterVideo Digital Technology Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\Szybki czas\qttask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [Plus Internet] => C:\Program Files\Pomarancza\Druga\Plus Internet\PlusInternetChecker.exe [472384 2011-07-04] ()
HKLM\...\Run: [AvgUi] => C:\Program Files\wirek-anty_avg\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\wirek-anty_avg\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5866768 2018-01-22] (IObit)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-842925246-1770027372-725345543-1003\...\Run: [NBJ] => C:\Program Files\Nagrywanko\Z Rzymu\Nero BackItUp\NBJ.exe [1937408 2005-01-04] (Ahead Software AG)
HKU\S-1-5-21-842925246-1770027372-725345543-1003\...\Run: [DU Meter] => C:\Program Files\Pomiarek-neta\DU Meter\DUMeter.exe [4245400 2014-11-24] (Hagel Technologies Ltd.)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Fensywa_def\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~1\WIREK-~1\Av\avgrsx.exe /sync /restart

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\..\Interfaces\{4B707AF6-CCD8-48AD-8AA1-C474E555CA56}: [NameServer] 194.204.159.1 194.204.152.34

Internet Explorer:
==================
HKU\S-1-5-21-842925246-1770027372-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-842925246-1770027372-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pl-pl/?ocid=iehp
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files\Ghostery\bin\ghostery.dll [2017-10-04] (Ghostery, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-09] (Oracle Corporation)
BHO: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2017-10-18] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-09] (Oracle Corporation)
BHO: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2017-10-18] (IObit)
DPF: {32505657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031 [2018-02-12]
FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2017-10-18]
FF Extension: (Self-Destructing Cookies) - C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2017-12-28] [Przestarzałe]
FF Extension: (YSlow) - C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031\Extensions\yslow@yahoo-inc.com.xpi [2017-08-11] [Przestarzałe]
FF Extension: (SEOquake) - C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi [2018-02-01]
FF Extension: (Html Validator) - C:\Documents and Settings\bzyTek1\Dane aplikacji\Mozilla\Firefox\Profiles\uu1mskrk.default-1502393410031\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2017-08-11] [Przestarzałe]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2017-01-20] [Przestarzałe] [Brak podpisu cyfrowego]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-09] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Filmowe_kodeki\Burza\Storm Codec\Plugins\nppl3260.dll [2006-10-18] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Filmowe_kodeki\Burza\Storm Codec\Plugins\nprpjplug.dll [2006-10-18] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-842925246-1770027372-725345543-1003: @Google.com/GoogleEarthPlugin -> C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Chytry-liskowy\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Tłumacz Google) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-29]
CHR Extension: (Dokumenty) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Dysk Google) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (Validity) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bbicmjjbohdfglopkidebfccilipgeif [2016-08-24]
CHR Extension: (YouTube) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11]
CHR Extension: (Google Search) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-18]
CHR Extension: (Web Developer Checklist) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\iahamcpedabephpcgkeikbclmaljebjp [2017-09-02]
CHR Extension: (ModHeader) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2017-05-05]
CHR Extension: (Cache Killer) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jpfbieopdmepaolggioebjmedmclkbap [2017-06-24]
CHR Extension: (Tag Assistant (by Google)) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2017-10-29]
CHR Extension: (PageSpeed Insights (with PNaCl)) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lanlbpjbalfkflkhegagflkgcfklnbnh [2018-02-09]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-02-11]
CHR Extension: (YSlow) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh [2017-05-05]
CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]

==================== Usługi (filtrowane) ====================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-07] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
R2 avgfws; C:\Program Files\wirek-anty_avg\Av\avgfws.exe [1458352 2017-09-08] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\wirek-anty_avg\Av\avgidsagent.exe [4153400 2017-09-08] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\wirek-anty_avg\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\wirek-anty_avg\Av\avgwdsvcx.exe [606352 2017-09-08] (AVG Technologies CZ, s.r.o.)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe [447848 2009-03-10] (DisplayLink Corp.)
R2 DUMeterSvc; C:\Program Files\Pomiarek-neta\DU Meter\DUMeterSvc.exe [2385304 2014-11-24] (Hagel Technologies Ltd.) [Brak podpisu cyfrowego]
R2 FileZillaServer; c:\program files\werek-ser\ser-werek\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project) [Brak podpisu cyfrowego]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1770784 2018-01-08] (IObit)
R2 MBAMScheduler; C:\Program Files\Bitware-Malwa2\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Bitware-Malwa2\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2235328 2015-05-13] (Raxco Software, Inc.)
R2 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2266560 2015-05-13] (Raxco Software, Inc.)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
S3 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S3 SkypeUpdate; C:\Program Files\Ko-munikatorek\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [Brak podpisu cyfrowego]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
R2 WinDefend; C:\Program Files\Fensywa_def\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ======================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 AmUStor; C:\WINDOWS\System32\drivers\AmUStor.SYS [84144 2016-08-16] (Alcor Micro, Corp.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [134912 2016-05-13] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [247552 2017-03-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [207616 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [244992 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [197376 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [47360 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231680 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\WINDOWS\System32\DRIVERS\avgunivx.sys [65280 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1952512 2010-04-06] (Broadcom Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R0 d346prt; C:\WINDOWS\System32\Drivers\d346prt.sys [5248 2004-03-12] ( ) [Brak podpisu cyfrowego]
R2 DefragFS; C:\WINDOWS\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.)
S3 DUMeterDrv; C:\Program Files\Pomiarek-neta\DU Meter\DUM_XP32.SYS [16872 2013-03-01] (Hagel Technologies Ltd.) [Brak podpisu cyfrowego]
R3 huawei_cdcacm; C:\WINDOWS\System32\DRIVERS\ew_jucdcacm.sys [85248 2011-07-04] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2016-11-01] (REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit.com)
R3 IMFDownProtect; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFDownProtect.sys [20336 2017-03-08] (IObit.com)
R3 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\IMFFilter.sys [247872 2016-12-22] (IObit)
R3 IMFForceDelete; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFForceDelete.sys [14168 2017-07-03] (IObit.com)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [123264 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2018-02-12] (Malwarebytes)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
R2 PDFSFilter; C:\WINDOWS\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_x86.sys [16024 2016-02-02] (Secunia)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31680 2016-12-22] (IObit.com)
S3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [43136 2009-03-12] (Prolific Technology Inc.) [Brak podpisu cyfrowego]
R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [408280 2016-03-31] (BitDefender S.R.L.)
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [298752 2016-11-01] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [117504 2011-07-04] (Huawei Technologies Co., Ltd.)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-02-12 20:49 - 2018-02-12 21:04 - 000022336 _____ C:\Documents and Settings\bzyTek1\Pulpit\FRST.txt
2018-02-11 20:43 - 2018-02-11 20:43 - 000000000 ____D C:\Program Files\Ghostery
2018-02-11 20:43 - 2018-02-11 20:43 - 000000000 ____D C:\Documents and Settings\bzyTek1\Dane aplikacji\GhosteryConfig
2018-02-11 20:43 - 2018-02-11 20:43 - 000000000 ____D C:\Documents and Settings\bzyTek1\Dane aplikacji\Ghostery
2018-02-11 02:03 - 2018-02-11 02:04 - 021131264 _____ C:\Documents and Settings\bzyTek1\ntuser.rhk
2018-02-11 02:03 - 2018-02-11 02:03 - 041885696 _____ C:\WINDOWS\system32\config\software.rhk
2018-02-11 02:03 - 2018-02-11 02:03 - 006111232 _____ C:\WINDOWS\system32\config\default.rhk
2018-02-11 02:03 - 2018-02-11 02:03 - 000229376 _____ C:\Documents and Settings\NetworkService\NTUSER.rhk
2018-02-11 02:03 - 2018-02-11 02:03 - 000229376 _____ C:\Documents and Settings\LocalService\NTUSER.rhk
2018-02-11 02:03 - 2018-02-11 02:03 - 000024576 _____ C:\WINDOWS\system32\config\SAM.rhk
2018-02-02 18:10 - 2018-02-02 18:10 - 000000856 _____ C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\recently-used.xbel
2018-01-18 17:08 - 2018-01-18 20:29 - 000006109 _____ C:\Documents and Settings\bzyTek1\Pulpit\avgrep.txt
2018-01-14 00:50 - 2018-01-14 00:51 - 000000262 _____ C:\Documents and Settings\bzyTek1\Pulpit\wcczytywanie.txt

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2018-02-12 21:05 - 2012-03-11 21:58 - 000000000 ____D C:\Documents and Settings\bzyTek1\Ustawienia lokalne\temp
2018-02-12 21:04 - 2010-01-02 22:42 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit
2018-02-12 21:03 - 2017-10-18 19:38 - 000000000 ____D C:\FRST
2018-02-12 20:53 - 2012-03-23 22:31 - 000013672 ____C C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2018-02-12 20:49 - 2010-04-28 12:55 - 000001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-02-12 20:48 - 2017-12-27 16:54 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\FRST-OlderVersion
2018-02-12 20:41 - 2017-06-19 22:31 - 000000930 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2018-02-12 20:09 - 2017-08-09 20:52 - 000000000 ____D C:\Program Files\Chytry-liskowy
2018-02-12 20:07 - 2016-06-10 23:08 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\ProductData
2018-02-12 20:07 - 2015-09-10 20:55 - 000170200 ____C (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2018-02-12 20:06 - 2010-01-03 01:19 - 000000320 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2018-02-12 20:04 - 2010-04-28 12:55 - 000001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-02-12 20:03 - 2016-09-21 00:12 - 000000336 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
2018-02-12 20:03 - 2010-01-02 22:42 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-02-12 20:02 - 2010-01-02 22:42 - 000000188 __SHC C:\Documents and Settings\bzyTek1\ntuser.ini
2018-02-12 20:02 - 2010-01-02 22:42 - 000000000 ____D C:\Documents and Settings\bzyTek1
2018-02-12 20:02 - 2010-01-02 22:41 - 000032552 ____C C:\WINDOWS\SchedLgU.Txt
2018-02-12 19:35 - 2016-08-09 18:41 - 000000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData
2018-02-12 19:24 - 2012-03-11 21:58 - 000000000 ____D C:\Documents and Settings\NetworkService\Ustawienia lokalne\temp
2018-02-12 19:05 - 2010-01-02 22:42 - 000000000 __SHD C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Historia
2018-02-12 19:04 - 2010-01-02 22:41 - 000000000 __SHD C:\Documents and Settings\NetworkService\Ustawienia lokalne\Historia
2018-02-12 19:04 - 2010-01-02 22:41 - 000000000 __SHD C:\Documents and Settings\LocalService\Ustawienia lokalne\Historia
2018-02-12 19:01 - 2016-08-07 00:15 - 000000000 __SHD C:\Documents and Settings\Administrator\Ustawienia lokalne\Historia
2018-02-12 19:01 - 2016-08-07 00:15 - 000000000 ____D C:\Documents and Settings\Administrator\Ustawienia lokalne\temp
2018-02-12 19:01 - 2010-01-02 23:27 - 000000000 __SHD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia
2018-02-12 18:39 - 2017-10-18 19:37 - 001764352 _____ (Farbar) C:\Documents and Settings\bzyTek1\Pulpit\FRST.exe
2018-02-12 16:38 - 2016-12-28 16:38 - 000000522 ____C C:\WINDOWS\Tasks\Wise Registry Cleaner Schedule Task.job
2018-02-11 20:43 - 2010-01-02 22:42 - 000000000 __RHD C:\Documents and Settings\bzyTek1\Dane aplikacji
2018-02-11 02:03 - 2017-06-05 16:46 - 000057344 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2018-02-11 02:03 - 2010-01-02 22:41 - 000000000 __SHD C:\Documents and Settings\NetworkService
2018-02-11 02:03 - 2010-01-02 22:41 - 000000000 __SHD C:\Documents and Settings\LocalService
2018-02-11 01:48 - 2013-03-13 12:51 - 000000000 ____D C:\Documents and Settings\bzyTek1\Dane aplikacji\Skype
2018-02-10 23:45 - 2017-10-21 00:15 - 000000992 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2018-02-10 23:45 - 2010-01-02 22:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-10 19:27 - 2004-08-04 13:00 - 000013646 ____C C:\WINDOWS\system32\wpa.dbl
2018-02-09 16:49 - 2010-01-02 22:42 - 000000000 ___HD C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji
2018-02-08 16:07 - 2017-12-28 16:19 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\strzelecki rang en
2018-02-07 22:00 - 2017-06-22 10:23 - 000000300 _____ C:\WINDOWS\Tasks\IMF_AutoScan.job
2018-02-07 02:41 - 2012-04-30 08:31 - 000803328 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-02-07 02:41 - 2011-05-24 06:41 - 000144896 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-02-02 18:45 - 2010-09-03 07:27 - 000009020 ____C C:\Documents and Settings\bzyTek1\Pulpit\keYse i paswordy do noda.txt
2018-02-02 18:10 - 2015-01-06 14:47 - 000000000 ____D C:\Documents and Settings\bzyTek1\.gimp-2.8
2018-02-01 01:36 - 2017-02-27 21:22 - 000000000 ____D C:\AdwCleaner
2018-01-23 18:44 - 2010-01-03 01:28 - 000000044 ____C C:\WINDOWS\SMWizard.INI
2018-01-21 18:21 - 2016-03-11 22:52 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\Nowe FRIKO
2018-01-20 03:12 - 2010-02-20 12:06 - 000000116 ____C C:\WINDOWS\NeroDigital.ini
2018-01-20 03:10 - 2017-02-05 22:21 - 000000000 ____D C:\Documents and Settings\bzyTek1\Dane aplikacji\FileZilla
2018-01-18 22:56 - 2011-08-16 12:07 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\ko-min
2018-01-18 20:46 - 2010-01-02 23:28 - 001254796 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-18 20:46 - 2004-08-04 13:00 - 000555058 ____C C:\WINDOWS\system32\perfh015.dat
2018-01-18 20:46 - 2004-08-04 13:00 - 000104830 ____C C:\WINDOWS\system32\perfc015.dat
2018-01-18 16:51 - 2014-09-16 10:02 - 003194270 ____C C:\WINDOWS\ntbtlog.txt
2018-01-18 16:19 - 2014-03-05 08:42 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\szab-lon2
2018-01-14 12:12 - 2015-05-04 22:57 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\położenia diva
2018-01-14 12:12 - 2013-12-26 01:15 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\dobre-strony3kolumny
2018-01-13 16:17 - 2017-12-01 22:15 - 000000000 ____D C:\Documents and Settings\bzyTek1\Pulpit\wyszukiwarkana stronę

==================== Pliki w katalogu głównym wybranych folderów =======

2012-01-26 12:54 - 2012-01-26 12:54 - 000000037 __SHC () C:\Documents and Settings\bzyTek1\Dane aplikacji\3383130714d37bd0a5e1c67.49796809
2010-01-13 12:22 - 2010-01-13 12:22 - 000000114 ____C () C:\Documents and Settings\bzyTek1\Dane aplikacji\default.pwcfg
2010-01-13 12:22 - 2010-01-13 12:22 - 000000034 ____C () C:\Documents and Settings\bzyTek1\Dane aplikacji\pwcpsw.dat
2017-03-22 21:56 - 2017-12-21 23:09 - 000000600 ____C () C:\Documents and Settings\bzyTek1\Dane aplikacji\winscp.rnd
2010-01-08 23:22 - 2017-11-24 16:37 - 000050688 ____C () C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-02-02 18:10 - 2018-02-02 18:10 - 000000856 _____ () C:\Documents and Settings\bzyTek1\Ustawienia lokalne\Dane aplikacji\recently-used.xbel

==================== Bamital & volsnap ======================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo
C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo

==================== Koniec FRST.txt ============================