Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja:07-02-2016 Uruchomiony przez Kasia Rymarska (administrator) KASIA (16-02-2016 00:02:48) Uruchomiony z C:\Documents and Settings\Kasia Rymarska\Moje dokumenty\Pobrane Załadowane profile: Kasia Rymarska (Dostępne profile: Kasia Rymarska) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Język: Polski Internet Explorer Wersja 7 (Domyślna przeglądarka: FF) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe (Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe () C:\Program Files\WLAN_Software\ZD1211B\ZDWLan.EXE () C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE (AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Skillbrains) C:\Program Files\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Logitech Inc.) C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Farbar) C:\Documents and Settings\Kasia Rymarska\Moje dokumenty\Pobrane\FRST(1).exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16855552 2007-10-25] (Realtek Semiconductor Corp.) HKLM\...\Run: [SkyTel] => C:\WINDOWS\SkyTel.EXE [1826816 2007-10-11] (Realtek Semiconductor Corp.) HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.) HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.) HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.) HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.) HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation) HKLM\...\Run: [ZDWLan_Utility] => C:\Program Files\WLAN_Software\ZD1211B\ZDWLan.EXE [487424 2007-11-12] () HKLM\...\Run: [AutoEJCD_0ACE20FF] => C:\Program Files\AutoInstall\ZD1211B_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE [40960 2012-07-24] () HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.) HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2012-10-25] (Apple Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7021880 2015-12-12] (AVAST Software) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [56080 2007-04-11] (Logitech Inc.) HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.) HKLM\...\Run: [Lightshot] => C:\Program Files\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] () HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation) HKU\S-1-5-21-2052111302-790525478-725345543-1004\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-06-01] (Nero AG) HKU\S-1-5-21-2052111302-790525478-725345543-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.) HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-12-12] (AVAST Software) Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Logitech SetPoint.lnk [2014-10-12] ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.) Startup: C:\Documents and Settings\Kasia Rymarska\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk [2008-06-20] ShortcutTarget: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62 Tcpip\..\Interfaces\{B8055A58-EB20-48A2-B445-54DF4D6106DE}: [DhcpNameServer] 62.179.1.63 62.179.1.62 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-12-21] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-12-12] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-12-21] (Oracle Corporation) DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\system32\Msdxm6.ocx [2000-04-21] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\Mozilla\Firefox\Profiles\iz6yvpd4.default-1450173171343 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] () FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-09-01] (Google) FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2009-01-05] (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-12-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-12-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [Brak pliku] FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-06] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.) FF Extension: FireFTP - C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\Mozilla\Firefox\Profiles\iz6yvpd4.default-1450173171343\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-12-16] FF Extension: Adblock Plus - C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\Mozilla\Firefox\Profiles\iz6yvpd4.default-1450173171343\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015-12-12] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-12-23] [Brak podpisu cyfrowego] Chrome: ======= CHR Profile: C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default CHR Extension: (Avast Online Security) - C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-17] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-17] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-12-12] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [226440 2015-12-12] (AVAST Software) R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.) S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.) S4 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Brak podpisu cyfrowego] R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-12-21] (Oracle Corporation) S3 MSSQL$SONY_MEDIAMGR2; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-12-12] (AVAST Software) R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software) R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software) R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-12-12] (AVAST Software) R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-12-12] (AVAST Software) R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [812208 2016-01-20] (AVAST Software) R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449384 2016-01-20] (AVAST Software) R3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [165104 2015-12-12] (AVAST Software) S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [58016 2015-12-12] (AVAST Software) R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-12-12] (AVAST Software) R3 AtcL001; C:\WINDOWS\System32\DRIVERS\l151x86.sys [37888 2009-08-20] (Atheros Communications, Inc.) [Brak podpisu cyfrowego] R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2012-07-14] () S3 BRGSp50; C:\WINDOWS\System32\Drivers\BRGSp50.sys [20608 2012-07-24] (Printing Communications Assoc., Inc. (PCAUSA)) [Brak podpisu cyfrowego] R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.) S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2008-11-11] () [Brak podpisu cyfrowego] R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] () S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) R3 ZD1211BU(Atheros); C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys [500736 2007-06-25] (Atheros Technology Corporation) S3 ZD1211BU(ZyDAS); C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys [500736 2007-06-25] (Atheros Technology Corporation) R3 ZDPSp50; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [17664 2012-07-24] (Printing Communications Assoc., Inc. (PCAUSA)) [Brak podpisu cyfrowego] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-15 15:37 - 2016-02-15 15:37 - 00047582 _____ C:\Documents and Settings\Kasia Rymarska\.recently-used.xbel 2016-02-13 22:16 - 2016-02-13 22:16 - 01309184 _____ C:\Documents and Settings\Kasia Rymarska\Pulpit\zoek.exe 2016-02-13 22:16 - 2016-02-13 22:16 - 00000000 ____D C:\zoek_backup 2016-02-13 20:28 - 2016-02-15 21:08 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Pulpit\zaproszenie na drzwi otwarte 2016-02-13 18:13 - 2016-02-14 21:25 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-02-11 22:03 - 2016-02-11 22:05 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\PITy 2016-02-11 21:38 - 2016-02-11 21:38 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\PIT Projekt 2015 2016-02-11 21:29 - 2016-02-11 21:42 - 00000000 ____D C:\Program Files\PIT Projekt 2015 2016-02-11 21:29 - 2016-02-11 21:42 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\PIT Projekt 2015 2016-02-07 21:20 - 2016-02-07 21:21 - 02972672 _____ C:\Documents and Settings\Kasia Rymarska\Pulpit\eDeklaracjeDesktop_1454876421156.dat 2016-02-06 17:27 - 2016-02-06 17:27 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\TeamViewer 2016-02-06 17:23 - 2016-02-06 17:23 - 00000706 _____ C:\Documents and Settings\All Users\Pulpit\TeamViewer 11.lnk 2016-02-06 17:23 - 2016-02-06 17:23 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 11 2016-02-06 17:22 - 2016-02-06 18:00 - 00000000 ____D C:\Program Files\TeamViewer 2016-02-04 19:22 - 2016-02-04 19:22 - 00011761 _____ C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.msg 2016-02-04 19:22 - 2016-02-04 19:22 - 00003219 _____ C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.dat 2016-02-04 19:22 - 2016-02-04 19:21 - 00707672 _____ C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.exe 2016-01-28 15:08 - 2016-01-28 15:08 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Temp 2016-01-27 17:57 - 2016-02-11 21:09 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR 2016-01-27 17:57 - 2016-01-27 17:57 - 00000000 ____D C:\Documents and Settings\Default User\Dane aplikacji\Macromedia ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-02-16 00:09 - 2008-03-31 21:18 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Temp 2016-02-16 00:06 - 2008-03-31 23:31 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\Skype 2016-02-16 00:02 - 2015-12-15 11:47 - 00000000 ____D C:\FRST 2016-02-16 00:02 - 2014-06-21 20:02 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Moje dokumenty\Pobrane 2016-02-15 23:54 - 2015-07-19 19:40 - 00001156 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-02-15 23:32 - 2014-12-09 15:33 - 00001036 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-15 23:13 - 2015-12-20 23:35 - 00000394 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2052111302-790525478-725345543-1004.job 2016-02-15 21:53 - 2008-03-31 21:16 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt 2016-02-15 20:54 - 2008-03-31 21:18 - 00000000 ___HD C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji 2016-02-15 20:53 - 2015-07-19 19:40 - 00001152 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-15 20:20 - 2008-04-26 11:13 - 00002513 _____ C:\Documents and Settings\Kasia Rymarska\Pulpit\Microsoft Office Word 2007.lnk 2016-02-15 20:08 - 2008-04-05 15:21 - 06959616 ___SH C:\Documents and Settings\Kasia Rymarska\Pulpit\Thumbs.db 2016-02-15 19:54 - 2012-07-14 16:51 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job 2016-02-15 19:45 - 2015-07-19 19:51 - 00000000 ___RD C:\Documents and Settings\Kasia Rymarska\Moje dokumenty\Dropbox 2016-02-15 19:44 - 2015-06-19 06:55 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\Dropbox 2016-02-15 19:32 - 2014-12-09 15:33 - 00001032 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-15 19:32 - 2014-03-10 09:01 - 00000240 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2016-02-15 19:31 - 2008-03-31 21:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-15 15:44 - 2008-03-31 22:43 - 144254680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-15 15:40 - 2008-03-31 21:18 - 00000188 ___SH C:\Documents and Settings\Kasia Rymarska\ntuser.ini 2016-02-15 15:40 - 2008-03-31 21:18 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska 2016-02-15 15:38 - 2008-05-17 19:21 - 00000151 _____ C:\WINDOWS\PhotoSnapViewer.INI 2016-02-15 15:37 - 2009-10-18 20:09 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\.gimp-2.6 2016-02-15 15:37 - 2008-03-31 21:18 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Pulpit 2016-02-15 15:36 - 2009-10-18 20:10 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\gtk-2.0 2016-02-15 14:42 - 2008-03-31 21:53 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help 2016-02-15 14:01 - 2012-04-26 08:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-02-15 00:03 - 2008-03-31 23:06 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2016-02-14 22:27 - 2015-09-02 22:02 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Pulpit\szkoła 2016-02-14 21:08 - 2008-03-31 23:06 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2016-02-13 20:51 - 2008-03-31 23:06 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2016-02-13 15:48 - 2006-03-02 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl 2016-02-11 22:03 - 2008-03-31 21:18 - 00000000 __RHD C:\Documents and Settings\Kasia Rymarska\Dane aplikacji 2016-02-11 22:02 - 2008-03-31 23:06 - 00000000 ___RD C:\Documents and Settings\All Users\Dokumenty 2016-02-11 21:53 - 2014-01-30 21:01 - 00002315 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk 2016-02-10 21:43 - 2014-12-09 15:45 - 00001825 _____ C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome.lnk 2016-02-08 19:46 - 2014-03-10 09:01 - 00000234 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2016-02-08 09:26 - 2008-03-31 21:16 - 00000000 ____D C:\Documents and Settings\LocalService\Ustawienia lokalne\Temp 2016-02-07 20:06 - 2008-03-31 23:33 - 00089352 _____ C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2016-02-07 20:04 - 2008-03-31 23:06 - 00584592 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-07 01:08 - 2008-03-31 21:58 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt 2016-02-04 20:39 - 2008-03-31 21:18 - 00000000 ___RD C:\Documents and Settings\Kasia Rymarska\Moje dokumenty 2016-02-04 18:53 - 2012-04-02 21:17 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2016-02-04 18:52 - 2012-04-02 21:17 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2016-02-01 21:41 - 2016-01-09 22:33 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Pulpit\studia 2016-01-30 18:26 - 2009-07-07 13:39 - 00000000 ____D C:\Documents and Settings\Kasia Rymarska\Pulpit\Backgrounds 2016-01-28 15:08 - 2008-03-31 21:16 - 00000000 ___HD C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji 2016-01-28 15:04 - 2008-03-31 23:31 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\Skype 2016-01-27 19:29 - 2015-10-10 16:56 - 00005120 ___SH C:\WINDOWS\system32\Thumbs.db 2016-01-27 19:20 - 2008-03-31 21:18 - 00000000 ___RD C:\Documents and Settings\Kasia Rymarska\Moje dokumenty\Moje obrazy 2016-01-27 17:57 - 2008-06-28 11:23 - 00000000 ____D C:\Program Files\Adobe 2016-01-27 17:57 - 2008-03-31 23:06 - 00000000 __RHD C:\Documents and Settings\Default User\Dane aplikacji 2016-01-20 17:57 - 2011-06-22 19:41 - 00812208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-01-20 17:57 - 2008-04-01 00:39 - 00449384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2016-01-19 02:02 - 2008-03-31 23:06 - 00000000 __SHD C:\Documents and Settings\Default User\Ustawienia lokalne\Historia ==================== Pliki w katalogu głównym wybranych folderów ======= 2010-03-16 21:20 - 2009-11-04 12:44 - 0097981 _____ () C:\Program Files\CHANGELOG.php 2010-03-16 21:20 - 2009-11-04 12:44 - 0003409 _____ () C:\Program Files\configuration.php-dist 2010-03-16 21:20 - 2009-11-04 12:44 - 0001175 _____ () C:\Program Files\COPYRIGHT.php 2010-03-16 21:20 - 2009-11-04 12:44 - 0014894 _____ () C:\Program Files\CREDITS.php 2002-06-21 11:33 - 2002-06-21 11:33 - 0024576 _____ (none) C:\Program Files\EnDeCrypt.dll 2010-03-16 21:20 - 2009-11-04 12:44 - 0002771 _____ () C:\Program Files\htaccess.txt 2010-03-16 21:20 - 2009-11-04 12:44 - 0002052 _____ () C:\Program Files\index.php 2010-03-16 21:20 - 2009-11-04 12:44 - 0000591 _____ () C:\Program Files\index2.php 2010-03-16 21:20 - 2009-11-04 12:44 - 0004344 _____ () C:\Program Files\INSTALL.php 2010-03-16 21:20 - 2009-11-04 12:45 - 0017816 _____ () C:\Program Files\LICENSE.php 2010-03-16 21:20 - 2009-11-04 12:45 - 0027984 _____ () C:\Program Files\LICENSES.php 2003-08-13 10:19 - 2003-08-13 10:19 - 0061440 _____ (none) C:\Program Files\mdMod1.dll 2010-03-16 21:20 - 2009-11-04 12:45 - 0000304 _____ () C:\Program Files\robots.txt 2014-09-27 00:42 - 2014-09-27 00:46 - 0000247 _____ () C:\Documents and Settings\Kasia Rymarska\Dane aplikacji\settings.xml 2008-04-05 15:21 - 2015-07-25 21:01 - 0189952 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2008-03-31 23:07 - 2008-03-31 23:07 - 0000139 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\fusioncache.dat 2015-02-25 03:11 - 2015-02-25 03:11 - 0043673 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\recently-used.xbel 2016-02-04 19:22 - 2016-02-04 19:22 - 0003219 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.dat 2016-02-04 19:22 - 2016-02-04 19:21 - 0707672 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.exe 2016-02-04 19:22 - 2016-02-04 19:22 - 0011761 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\unins000.msg 2015-12-20 23:35 - 2015-12-20 23:35 - 0000003 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\updater.log 2015-12-20 23:35 - 2015-12-20 23:35 - 0000412 _____ () C:\Documents and Settings\Kasia Rymarska\Ustawienia lokalne\Dane aplikacji\UserProducts.xml 2008-04-01 21:36 - 2008-04-01 21:36 - 0000032 _____ () C:\Documents and Settings\All Users\Dane aplikacji\ezsid.dat ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\WINDOWS\explorer.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\winlogon.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\svchost.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\services.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\User32.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\userinit.exe => Plik podpisany cyfrowo C:\WINDOWS\system32\rpcss.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\dnsapi.dll => Plik podpisany cyfrowo C:\WINDOWS\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo ==================== Koniec FRST.txt ============================