Anonymous / 2 years ago

Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:07-11-2015
Uruchomiony przez admin (administrator)  SYLWIA-PC (12-11-2015 22:04:23)
Uruchomiony z C:\Users\sylwia\Desktop
Załadowane profile: sylwia & admin (Dostępne profile: sylwia & admin)
Platform: Microsoft® Windows Vista Home Basic  Service Pack 1 (X86) Język: Polski (Polska)
Internet Explorer Wersja 7 (Domyślna przeglądarka: Chrome)
Tryb startu: Normal
Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesy (filtrowane) =================

(Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Rocket Division Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Fujitsu Siemens Computers) C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Inventec Corp.) C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony Ericsson Mobile Communications AB) C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
(Octoshape ApS) C:\Users\sylwia\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Rejestr (filtrowane) ===========================

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1353000 2008-10-17] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Wireless_Selector] => C:\Program Files\FSC\Wireless Utility\Wireless Selector.exe [327680 2008-09-30] (Inventec Corp.)
HKLM\...\Run: [Touchpad_Hotkey] => C:\Program Files\FSC\Wireless Utility\Touchpad Hotkey.exe
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6265376 2008-08-12] (Realtek Semiconductor)
HKLM\...\Run: [ChomikBox] => "C:\Program Files\ChomikBox\ChomikBox.exe" /startup
HKLM\...\Run: [WinampAgent] => "C:\Program Files\Winamp\winampa.exe"
HKLM\...\Run: [QuickTime Task] => D:\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-22] (AVAST Software)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [Sony Ericsson PC Suite] => C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [393216 2008-07-02] (Sony Ericsson Mobile Communications AB)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-11] (Google Inc.)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [Gadu-Gadu 10] => "C:\Program Files\Gadu-Gadu 10\gg.exe"
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [Octoshape Streaming Services] => C:\Users\sylwia\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {0bd4c44f-25a8-11e1-91b0-001e330d75c4} - E:\Startme.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {1855e654-a53f-11e3-9267-001e330d75c4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL weAXa.eXE
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {31e98d54-8a15-11df-b208-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {7f7f9fcb-dee6-11e1-856a-001e330d75c4} - E:\autorun.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {7f7f9fd8-dee6-11e1-856a-001e330d75c4} - E:\autorun.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {8dc34c72-4dc5-11de-9d0f-001e330d75c4} - .\Recycled\Driveinfo.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {97ea5fc4-8746-11df-b597-001e330d75c4} - E:\AutoRun.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {97ea5fd1-8746-11df-b597-001e330d75c4} - E:\AutoRun.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {a0e23108-4882-11de-9457-001e330d75c4} - G:\.\Recycled\Driveinfo.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {a5d56497-1634-11df-a734-001e330d75c4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL explore.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {aec0ec8f-4817-11de-9f7c-806e6f6e6963} - F:\medigraf.exe SVIEWB
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {b18d6051-47d5-11de-9d6c-001e330d75c4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Recycled\ctfmon.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\...\MountPoints2: {f57a7038-9ac8-11de-b0e1-001e330d75c4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Recycled\ctfmon.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\...\Run: [Sony Ericsson PC Suite] => C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [393216 2008-07-02] (Sony Ericsson Mobile Communications AB)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-11] (Google Inc.)
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\...\Run: [ChomikBox] => C:\Program Files\ChomikBox\chomikbox.exe
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\...\Run: [ALLUpdate] => C:\Program Files\ALLPlayer\ALLUpdate.exe [1379840 2011-08-16] ()
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-10-02] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2011-08-02]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2012-08-13]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA

==================== Internet (filtrowane) ====================

(Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.)

Tcpip\Parameters: [DhcpNameServer] 158.75.88.5
Tcpip\..\Interfaces\{8143035A-7839-40E7-BCF0-DB949DA75448}: [DhcpNameServer] 158.75.88.5
Tcpip\..\Interfaces\{F63440E6-0A01-4C60-AC16-7149BB606BAD}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-4077180991-1558426659-2368772770-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
HKU\S-1-5-21-4077180991-1558426659-2368772770-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.fujitsu-siemens.com/index2
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-4077180991-1558426659-2368772770-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-4077180991-1558426659-2368772770-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2zllrerm.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll [2015-01-04] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-03-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-07-28] (Pando Networks)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Users\admin\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4077180991-1558426659-2368772770-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\sylwia\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-4077180991-1558426659-2368772770-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-07-28] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npImagine.dll [2002-09-16] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2009-10-09] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2010-11-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2009-10-09] (RealNetworks, Inc.)
FF Extension: Iplex to ALLPlayer - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2zllrerm.default\Extensions\IplextoALL@ALLPlayer.org.xpi [2012-08-21] [Brak podpisu cyfrowego]
FF HKLM\...\Firefox\Extensions: [{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}] - C:\Program Files\Media Access Startup\2.0.0.1050\FF => nie znaleziono
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-02] [Brak podpisu cyfrowego]
FF Extension: Brak nazwy - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\2zllrerm.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} [nie znaleziono]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-02]

==================== Usługi (filtrowane) ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-02] (AVAST Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Brak podpisu cyfrowego]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2009-08-14] ()
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [Brak podpisu cyfrowego]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego]
R2 TestHandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2008-12-18] (Fujitsu Siemens Computers)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Sterowniki (filtrowane) ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

S3 a016bus; C:\Windows\System32\DRIVERS\a016bus.sys [83880 2008-01-18] (MCCI Corporation)
S3 a016mdfl; C:\Windows\System32\DRIVERS\a016mdfl.sys [15016 2008-01-18] (MCCI Corporation)
S3 a016mdm; C:\Windows\System32\DRIVERS\a016mdm.sys [110504 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\Windows\System32\DRIVERS\a016mgmt.sys [104488 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\Windows\System32\DRIVERS\a016obex.sys [100648 2008-01-18] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-10-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-10-02] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-10-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-11-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-10-22] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-10-02] ()
R3 FSCSLII; C:\Windows\System32\DRIVERS\FSCSLII.sys [16384 2008-07-16] (Inventec Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1128512 2011-04-25] (Ralink Technology Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2010-02-03] () [Brak podpisu cyfrowego]
U3 anz6rhwu; C:\Windows\system32\Drivers\anz6rhwu.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)


==================== Jeden miesiąc - utworzone pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-11-12 22:04 - 2015-11-12 22:04 - 00019930 _____ C:\Users\sylwia\Desktop\FRST.txt
2015-11-12 17:23 - 2015-11-12 17:23 - 01712128 _____ C:\Users\sylwia\Desktop\adwcleaner_5.019.exe
2015-11-12 14:53 - 2015-11-12 22:04 - 00000000 ____D C:\FRST
2015-11-12 14:53 - 2015-11-12 14:53 - 01702400 _____ (Farbar) C:\Users\sylwia\Desktop\FRST.exe
2015-11-12 13:15 - 2015-11-12 13:34 - 00000000 ____D C:\Program Files\VideoRotator
2015-11-12 13:14 - 2015-11-12 13:14 - 10472232 _____ (hxxp://www.VideoRotator.com ) C:\Users\sylwia\Downloads\videorotator.exe
2015-11-12 12:25 - 2015-11-12 12:28 - 00000000 ____D C:\Users\sylwia\Desktop\sushi
2015-11-08 14:20 - 2015-11-10 21:14 - 00000000 ____D C:\Users\sylwia\Desktop\jp
2015-11-07 14:04 - 2015-11-07 14:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-07 14:04 - 2015-11-07 14:04 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2015-11-07 13:51 - 2015-11-07 13:51 - 00001124 _____ C:\Users\Public\Desktop\Mass Effect 2 Config.lnk
2015-11-07 13:51 - 2015-11-07 13:51 - 00001094 _____ C:\Users\Public\Desktop\Mass Effect 2.lnk
2015-11-07 13:51 - 2015-11-07 13:51 - 00001007 _____ C:\Users\Public\Desktop\Mass Effect 2 Launcher.lnk
2015-11-07 13:51 - 2015-11-07 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2015-11-07 13:17 - 2015-11-07 13:17 - 00000000 ____D C:\Program Files\R.G. Games
2015-11-07 12:58 - 2015-11-07 13:12 - 00000000 ____D C:\Users\sylwia\Downloads\Mass Effect 2 [R.G. Games]
2015-11-04 23:34 - 2015-11-04 23:34 - 00361824 _____ (NVIDIA Corporation) C:\Windows\system32\PhysXCooking.dll
2015-11-04 23:17 - 2011-12-28 09:27 - 00430592 _____ (Umbra Software Ltd.) C:\Windows\system32\umbra32.dll
2015-11-04 23:16 - 2012-02-13 09:25 - 00174080 _____ (RAD Game Tools, Inc.) C:\Windows\system32\binkw32.dll
2015-11-04 22:53 - 2015-11-04 23:40 - 00019828 _____ C:\Users\admin\Documents\Uninstall Dragon Age 2.log
2015-11-04 22:40 - 2015-11-04 22:40 - 00000000 ____D C:\Users\sylwia\Desktop\Nowy folder
2015-11-04 22:29 - 2015-11-04 22:29 - 00000000 ____D C:\ProgramData\EA Core
2015-11-04 22:20 - 2015-11-04 22:21 - 00003962 _____ C:\Users\admin\Documents\Dragon Age 2 1.04.log
2015-11-04 22:01 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-04 22:01 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-04 22:01 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-04 22:01 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-04 22:01 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-11-04 22:01 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-04 22:01 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-11-04 22:01 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-11-04 22:01 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-04 22:01 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-04 22:01 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-04 22:01 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-04 22:01 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-04 22:01 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-04 22:01 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-04 22:01 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-04 22:01 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-04 22:01 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-04 22:01 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-04 22:01 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-04 22:01 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-04 22:01 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-04 22:01 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-04 22:01 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-04 22:01 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-04 22:01 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-04 22:01 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-04 22:01 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-04 22:01 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-04 22:01 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-04 22:01 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-04 22:01 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-04 22:01 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-04 21:51 - 2015-11-04 23:40 - 00000000 ____D C:\Program Files\Common Files\BioWare
2015-11-04 21:49 - 2015-11-04 23:04 - 00046246 _____ C:\Users\admin\Documents\Install Dragon Age 2.log
2015-11-04 21:14 - 2011-01-11 09:30 - 00008196 _____ C:\Users\sylwia\Downloads\.DS_Store

==================== Jeden miesiąc - zmodyfikowane pliki i foldery ========

(Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.)

2015-11-12 22:05 - 2009-05-24 13:19 - 00000420 ____H C:\Windows\Tasks\User_Feed_Synchronization-{347822A7-0637-46BB-A22A-B1B7072FB822}.job
2015-11-12 22:02 - 2015-03-17 17:12 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-11-12 22:02 - 2010-06-11 19:31 - 00001032 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-12 22:01 - 2009-06-03 04:32 - 00095734 _____ C:\ProgramData\nvModes.001
2015-11-12 22:01 - 2008-01-21 04:02 - 00303168 _____ C:\Windows\PFRO.log
2015-11-12 22:01 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-12 22:01 - 2006-11-02 13:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-12 22:01 - 2006-11-02 13:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-12 22:00 - 2009-05-24 05:08 - 01764540 _____ C:\Windows\WindowsUpdate.log
2015-11-12 22:00 - 2006-11-02 13:58 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 21:54 - 2013-05-18 21:51 - 00000132 _____ C:\Users\sylwia\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe
2015-11-12 21:45 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-11-12 21:36 - 2010-06-11 19:31 - 00001036 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-12 17:42 - 2015-06-04 22:39 - 00001943 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-12 17:30 - 2010-09-20 21:39 - 00000404 _____ C:\Windows\BRWMARK.INI
2015-11-12 17:30 - 2010-09-20 21:39 - 00000027 _____ C:\Windows\BRPP2KA.INI
2015-11-12 15:29 - 2008-04-14 16:27 - 00662056 _____ C:\Windows\system32\perfh015.dat
2015-11-12 15:29 - 2008-04-14 16:27 - 00126908 _____ C:\Windows\system32\perfc015.dat
2015-11-12 15:29 - 2006-11-02 11:33 - 01468980 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 13:04 - 2011-08-05 19:04 - 00000000 ____D C:\Users\sylwia\AppData\Roaming\vlc
2015-11-08 01:08 - 2013-10-27 11:37 - 00000000 ____D C:\Users\sylwia\AppData\Roaming\Azureus
2015-11-07 21:00 - 2009-05-23 21:15 - 00248832 _____ C:\Users\sylwia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-07 20:55 - 2009-06-03 04:31 - 00095734 _____ C:\ProgramData\nvModes.dat
2015-11-07 13:51 - 2015-06-10 21:29 - 00000000 ____D C:\Users\sylwia\Documents\BioWare
2015-10-27 01:37 - 2010-01-24 20:54 - 00000680 _____ C:\Users\sylwia\AppData\Local\d3d9caps.dat
2015-10-15 11:14 - 2010-11-23 18:09 - 00000000 ____D C:\Users\sylwia\dwhelper

==================== Pliki w katalogu głównym wybranych folderów =======

2009-12-06 17:07 - 2014-08-03 22:36 - 0015872 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-03 04:32 - 2015-11-12 22:01 - 0095734 _____ () C:\ProgramData\nvModes.001
2009-06-03 04:31 - 2015-11-07 20:55 - 0095734 _____ () C:\ProgramData\nvModes.dat

==================== Bamital & volsnap =================

(Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)

C:\Windows\explorer.exe => Plik podpisany cyfrowo
C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo
C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo
C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo
C:\Windows\system32\services.exe => Plik podpisany cyfrowo
C:\Windows\system32\User32.dll => Plik podpisany cyfrowo
C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo
C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo
C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo
C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo


LastRegBack: 2015-11-12 17:36

==================== Koniec  FRST.txt ============================