Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:15-10-2015 Uruchomiony przez SYSTEM MININT-Q75DMRC (15-10-2015 22:09:40) Uruchomiony z F:\ Platform: Windows 7 Ultimate (X86) Język: Polski (Polska) Internet Explorer Wersja 9 Tryb startu: Recovery Domyślne: ControlSet002 [b]UWAGA!:=====> Jeśli system uruchamia się, FRST należy uruchomić z poziomu Trybu awaryjnego lub normalnego w celu utworzenia kompletnego raportu.[/b] Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483420 2009-01-20] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-07-24] (Synaptics, Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated) HKLM\...\Run: [AudioSetup] => C:\Program Files\IDT\setup.exe [117200 2004-07-15] (InstallShield Software Corporation) HKLM\...\Run: [CLMLServer for HP TouchSmart] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-25] (CyberLink) HKLM\...\Run: [CtaMon] => Rundll32 CtaMon.dll,RunMonitor HKLM\...\Run: [DVDAgent] => C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.) HKLM\...\Run: [FlashGet] => C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [1795656 2008-08-19] (FLASHGET) HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.) HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [206128 2008-10-10] ( Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [548864 2009-02-04] () HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.) HKLM\...\Run: [TSMAgent] => C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1316136 2008-12-25] (CyberLink Corp.) HKLM\...\Run: [TVAgent] => C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-05-08] (CyberLink Corp.) HKLM\...\Run: [UCam_Menu] => C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-11-14] (CyberLink Corp.) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.) HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.) HKLM\...\Run: [VolPanel] => C:\Program Files\Creative\SB Arena Surround Headset\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd) HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [37888 2009-07-01] () HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [432432 2008-12-08] (Hewlett-Packard) HKLM\...\Run: [SpeedTouch USB Diagnostics] => C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe [866816 2004-01-26] (THOMSON Telecom Belgium) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) HKLM\...\Run: [BrHelp] => C:\Program Files\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) HKU\Marcin\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\Marcin\...\Run: [FlashGet] => C:\Program Files\FlashGet Network\FlashGet universal\flashget.exe [1795656 2008-08-19] (FLASHGET) HKU\Marcin\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company) HKU\Marcin\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-12] (Google Inc.) HKU\Marcin\...\Run: [mssend] => C:\Users\Marcin\AppData\Roaming\xo321r1hfb3fmmgmvc1piatg2dnyladv2\svcnost.exe [107008 2011-06-23] () HKU\Marcin\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [136136 2007-09-06] (DT Soft Ltd.) HKU\Marcin\...\Run: [tmpD0A8] => wscript.exe //B "C:\Users\Marcin\AppData\Roaming\tmpD0A8.tmp.update.vbs" HKU\Marcin\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000 HKU\Marcin\Control Panel\Desktop\\SCRNSAVE.EXE -> Lsa: [Notification Packages] scecli DPPWDFLT Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7192af16c8.dat [2011-03-08] () Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dxdiag.exe [2011-03-08] (Matisse) Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpD0A8.tmp.update.vbs [2015-09-04] () Startup: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2010-12-08] ShortcutTarget: Xfire.lnk -> C:\Program Files\Xfire\Xfire.exe (Xfire Inc.) ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.) S2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-12-17] () S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () S3 Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [127656 2009-03-24] (Samsung Electronics CO., LTD.) S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_55dec32c4954532c\STacSV.exe [249938 2009-01-20] (IDT, Inc.) S2 TVCapSvc; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-11-26] () S2 TVSched; C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-11-26] () S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON) S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [271360 2010-12-08] () S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2010-12-08] () S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-11-26] (Duplex Secure Ltd.) S2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [87536 2008-11-28] (CyberLink Corp.) S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X] S3 PCAMPR4; \??\C:\Windows\system32\PCAMPR4.SYS [X] S3 PCANDIS4; \??\C:\Windows\system32\PCANDIS4.SYS [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-15 19:13 - 2015-10-15 19:14 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0 2015-10-15 17:57 - 2015-10-15 22:09 - 00000000 ____D C:\FRST 2015-10-05 02:02 - 2015-10-05 02:02 - 00000000 ____D C:\Windows\System32\SPReview 2015-10-02 02:20 - 2015-10-02 02:20 - 00000000 ____D C:\Program Files\Common Files\Skype 2015-10-02 02:20 - 2015-10-02 02:20 - 00000000 ____D C:\d1d0b0d062ed0a2aa11a 2015-09-20 21:39 - 2015-10-11 18:48 - 00000000 ____D C:\Users\Marcin\Desktop\Nowy folder (3) 2015-09-20 18:43 - 2015-09-20 18:57 - 00000000 ____D C:\Users\Marcin\Desktop\Nowy folder 2015-09-20 18:31 - 2015-09-21 21:21 - 00000000 ____D C:\Users\Marcin\Desktop\klasa 2 2015-09-20 18:31 - 2015-09-20 18:32 - 00000000 ____D C:\Users\Marcin\Desktop\klasa 1 2015-09-20 18:26 - 2015-09-28 09:33 - 00000000 ____D C:\Users\Marcin\Desktop\klsa 3 ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-10-15 21:16 - 2010-11-02 19:39 - 00000000 ____D C:\Temp 2015-10-15 13:24 - 2010-10-28 16:55 - 00000435 _____ C:\Windows\System32\Drivers\etc\hosts.ics 2015-10-15 13:22 - 2009-07-14 05:39 - 00000000 _____ C:\Windows\setupact.log 2015-10-15 12:48 - 2010-12-07 20:38 - 00009936 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-15 12:48 - 2010-12-07 20:38 - 00009936 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-15 11:49 - 2010-12-07 21:43 - 02094383 _____ C:\Windows\WindowsUpdate.log 2015-10-15 11:46 - 2010-10-28 12:12 - 00000000 ____D C:\Users\Marcin\AppData\Roaming\BITS 2015-10-15 10:29 - 2010-12-07 21:56 - 03880034 _____ C:\Windows\System32\PerfStringBackup.INI 2015-10-15 10:29 - 2009-09-04 06:55 - 00675958 _____ C:\Windows\System32\perfh019.dat 2015-10-15 10:29 - 2009-09-04 06:55 - 00132516 _____ C:\Windows\System32\perfc019.dat 2015-10-15 10:29 - 2009-09-04 06:44 - 00697912 _____ C:\Windows\System32\perfh015.dat 2015-10-15 10:29 - 2009-09-04 06:44 - 00134990 _____ C:\Windows\System32\perfc015.dat 2015-10-13 21:47 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET 2015-10-13 12:00 - 2015-08-29 16:39 - 00000000 ____D C:\Users\Marcin\Desktop\wet 2015-10-13 11:58 - 2015-09-08 17:29 - 00007887 _____ C:\Windows\BRRBCOM.INI 2015-10-08 20:24 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF 2015-10-05 12:34 - 2010-12-07 21:19 - 00025268 _____ C:\Windows\PFRO.log 2015-10-05 08:17 - 2009-07-14 05:33 - 00436280 _____ C:\Windows\System32\FNTCACHE.DAT 2015-10-05 08:11 - 2009-07-14 08:50 - 00000000 ____D C:\Program Files\Windows Journal 2015-10-05 08:11 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Sidebar 2015-10-05 08:11 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Portable Devices 2015-10-05 08:11 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2015-10-05 08:11 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Defender 2015-10-05 08:11 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\DVD Maker 2015-10-05 08:11 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System 2015-10-05 08:10 - 2009-09-04 06:34 - 00000000 ____D C:\Windows\System32\hu 2015-10-05 08:10 - 2009-09-04 06:25 - 00000000 ____D C:\Windows\System32\cs 2015-10-05 08:10 - 2009-07-14 08:49 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents 2015-10-05 08:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\ru-RU 2015-10-05 08:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\hu-HU 2015-10-05 08:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\AdvancedInstallers 2015-10-05 08:09 - 2009-09-04 06:55 - 00000000 ____D C:\Windows\System32\Drivers\ru-RU 2015-10-05 08:09 - 2009-09-04 06:44 - 00000000 ____D C:\Windows\System32\Drivers\pl-PL 2015-10-05 08:09 - 2009-09-04 06:34 - 00000000 ____D C:\Windows\System32\Drivers\hu-HU 2015-10-05 08:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\pl-PL 2015-10-05 02:18 - 2009-07-14 03:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\System32\msclmd.dll 2015-10-04 19:00 - 2009-12-07 12:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-04 18:49 - 2009-09-10 16:46 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-02 13:39 - 2010-12-07 22:01 - 00116688 _____ C:\Users\Marcin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-10-02 12:47 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-10-02 12:14 - 2006-11-02 11:23 - 00000219 _____ C:\Windows\win.ini 2015-10-02 02:20 - 2009-09-10 21:08 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk 2015-10-02 02:20 - 2009-09-10 21:08 - 00000000 ___RD C:\Program Files\Skype 2015-10-02 02:20 - 2009-09-10 21:08 - 00000000 ____D C:\ProgramData\Skype 2015-10-02 02:17 - 2009-09-10 16:47 - 00000000 ____D C:\Program Files\Microsoft Works 2015-09-23 23:48 - 2010-11-15 18:27 - 00000000 ____D C:\Users\Marcin\AppData\Local\Google 2015-09-20 18:40 - 2013-02-03 15:11 - 00000000 ____D C:\Users\Marcin\Desktop\kgj Niektóre pliki w TEMP: ==================== C:\Users\Marcin\AppData\Local\Temp\0.8285825608499233.exe C:\Users\Marcin\AppData\Local\Temp\AutoRun.exe C:\Users\Marcin\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Marcin\AppData\Local\Temp\contentDATs.exe C:\Users\Marcin\AppData\Local\Temp\DataCard_Setup.exe C:\Users\Marcin\AppData\Local\Temp\drm_dialogs.dll C:\Users\Marcin\AppData\Local\Temp\drm_dyndata_7380012.dll C:\Users\Marcin\AppData\Local\Temp\drm_dyndata_7390006.dll C:\Users\Marcin\AppData\Local\Temp\EAInstall.dll C:\Users\Marcin\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Marcin\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Marcin\AppData\Local\Temp\SIntf16.dll C:\Users\Marcin\AppData\Local\Temp\SIntf32.dll C:\Users\Marcin\AppData\Local\Temp\SIntfNT.dll C:\Users\Marcin\AppData\Local\Temp\t.dll C:\Users\Marcin\AppData\Local\Temp\Update.exe C:\Users\Marcin\AppData\Local\Temp\_iq94rsr.dll C:\Users\Marcin\AppData\Local\Temp\_isAAEE.exe ==================== Known DLLs (filtrowane) ========================= ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\explorer.exe => MD5 jest poprawne C:\Windows\System32\winlogon.exe => MD5 jest poprawne C:\Windows\System32\wininit.exe => MD5 jest poprawne C:\Windows\System32\svchost.exe => MD5 jest poprawne C:\Windows\System32\services.exe => MD5 jest poprawne C:\Windows\System32\User32.dll => MD5 jest poprawne C:\Windows\System32\userinit.exe => MD5 jest poprawne C:\Windows\System32\rpcss.dll => MD5 jest poprawne C:\Windows\System32\dnsapi.dll => MD5 jest poprawne C:\Windows\System32\Drivers\volsnap.sys => MD5 jest poprawne ==================== Punkty Przywracania systemu ========================= ==================== Statystyki pamięci =========================== Procent pamięci w użyciu: 13% Całkowita pamięć fizyczna: 4063.19 MB Dostępna pamięć fizyczna: 3511.39 MB Całkowita pamięć wirtualna: 4061.47 MB Dostępna pamięć wirtualna: 3520.39 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:287.2 GB) (Free:37.98 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (RECOVERY) (Fixed) (Total:10.89 GB) (Free:2.74 GB) NTFS Drive e: (Win7pl-w-code5-patch) (CDROM) (Total:3.41 GB) (Free:0 GB) UDF Drive f: (Restore) (Removable) (Total:14.45 GB) (Free:5.84 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C47511FF) Partition 1: (Active) - (Size=287.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=10.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS) LastRegBack: 2010-12-07 20:34 ==================== Koniec FRST.txt ============================