Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x86) Wersja: 24-05-2019 Uruchomiony przez Kazz (administrator) DELL (Dell Inc. Inspiron 700m ) (25-05-2019 21:38:16) Uruchomiony z C:\ Załadowane profile: Kazz (Dostępne profile: Kazz) Platform: Microsoft Windows XP Home Edition Dodatek Service Pack 2 (X86) Język: Polski Internet Explorer Wersja 6 (Domyślna przeglądarka: Chrome) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Google Inc -> Google Inc.) E:\Program Files\Google\Update\GoogleUpdate.exe (Intel Corporation ) [Brak podpisu cyfrowego] E:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation) [Brak podpisu cyfrowego] E:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) [Brak podpisu cyfrowego] E:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel(R) Corporation) [Brak podpisu cyfrowego] E:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) E:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Windows Publisher -> Microsoft Corporation) E:\WINDOWS\system32\alg.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [SynTPEnh] => E:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761947 2006-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) HKLM\...\Drivers32: [msacm.trspch] => E:\WINDOWS\system32\tssoft32.acm [8192 2004-08-04] (Microsoft Windows Publisher -> DSP GROUP, INC.) HKLM\...\Drivers32: [vidc.I420] => E:\WINDOWS\system32\msh263.drv [294912 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.iv31] => E:\WINDOWS\system32\ir32_32.dll [199168 2004-08-04] (Microsoft Windows Publisher -> ) HKLM\...\Drivers32: [vidc.iv32] => E:\WINDOWS\system32\ir32_32.dll [199168 2004-08-04] (Microsoft Windows Publisher -> ) HKLM\...\Drivers32: [vidc.iv41] => E:\WINDOWS\system32\ir41_32.ax [848384 2004-08-04] (Microsoft Windows Publisher -> Intel Corporation) HKLM\...\Drivers32: [msacm.msg723] => E:\WINDOWS\system32\msg723.acm [118784 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.M263] => E:\WINDOWS\system32\msh263.drv [294912 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [vidc.M261] => E:\WINDOWS\system32\msh261.drv [188416 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.msaudio1] => E:\WINDOWS\system32\msaud32.acm [294912 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\...\Drivers32: [msacm.sl_anet] => E:\WINDOWS\system32\sl_anet.acm [86016 2004-08-04] (Microsoft Windows Publisher -> Sipro Lab Telecom Inc.) HKLM\...\Drivers32: [msacm.iac2] => E:\WINDOWS\system32\iac25_32.ax [199680 2004-08-04] (Microsoft Windows Publisher -> Intel Corporation) HKLM\...\Drivers32: [vidc.iv50] => E:\WINDOWS\system32\ir50_32.dll [755200 2004-08-04] (Microsoft Windows Publisher -> Intel Corporation) HKLM\...\Drivers32: [VIDC.FFDS] => E:\WINDOWS\system32\ff_vfw.dll [67584 2009-03-02] () [Brak podpisu cyfrowego] HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> E:\WINDOWS\inf\unregmp2.exe [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> E:\WINDOWS\system32\shmgrate.exe [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> E:\WINDOWS\system32\shmgrate.exe [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> E:\Program Files\Outlook Express\setup50.exe [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> E:\WINDOWS\system32\advpack.dll [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> E:\WINDOWS\system32\advpack.dll [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> E:\WINDOWS\system32\advpack.dll [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> E:\Program Files\Outlook Express\setup50.exe [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> E:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2017-05-03] (Google Inc -> Google Inc.) HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> E:\WINDOWS\System32\cscui.dll [2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: E:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files\Google\Update\GoogleUpdate.exe Task: E:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files\Google\Update\GoogleUpdate.exe ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-1292428093-839522115-1343024091-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1292428093-839522115-1343024091-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch URLSearchHook: HKU\S-1-5-21-1292428093-839522115-1343024091-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - E:\WINDOWS\system32\shdocvw.dll (Microsoft Windows Publisher -> Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <==== UWAGA SearchScopes: HKLM -> DefaultScope - brak wartości FireFox: ======== FF ProfilePath: E:\Documents and Settings\Kazz\Dane aplikacji\Mozilla\Firefox\Profiles\fwhbs4i3.default-1550398051779 [2019-03-29] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2018-11-15] [Przestarzałe] [Brak podpisu cyfrowego] FF Plugin: @microsoft.com/WPF,version=3.5 -> E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc. -> RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.) [Brak podpisu cyfrowego] FF Plugin: @tools.google.com/Google Update;version=3 -> E:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-14] (Google Inc -> Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> E:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-14] (Google Inc -> Google Inc.) Chrome: ======= CHR Profile: E:\Documents and Settings\Kazz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default [2019-03-29] CHR Extension: (Płatności w sklepie Chrome Web Store) - E:\Documents and Settings\Kazz\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-03] ==================== Usługi (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 6to4; E:\WINDOWS\System32\6to4svc.dll [100352 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 EvtEng; E:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [Brak podpisu cyfrowego] S4 LexBceS; E:\WINDOWS\system32\LEXBCES.EXE [311296 2004-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International, Inc.) R2 NwSapAgent; E:\WINDOWS\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) S4 OpLclSrv; E:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [147456 2012-03-28] (Oki Data Corporation) [Brak podpisu cyfrowego] R2 RegSrvc; E:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [Brak podpisu cyfrowego] R2 S24EventMonitor; E:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [Brak podpisu cyfrowego] S3 SwPrv; E:\WINDOWS\system32\dllhost.exe /Processid:{339B6FF0-86F5-4A83-8DF1-6CCDA888E52B} [5120 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WLANKEEPER; E:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [294912 2007-02-21] (Intel(R) Corporation) [Brak podpisu cyfrowego] ===================== Sterowniki (filtrowane) ====================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AegisP; E:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2017-05-03] (Meetinghouse Data Communications) [Brak podpisu cyfrowego] S3 bcm4sbxp; E:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [44928 2004-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation) S3 CH341SER; E:\WINDOWS\System32\Drivers\CH341SER.SYS [41472 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com) S3 epmntdrv; E:\WINDOWS\system32\epmntdrv.sys [20472 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego] S3 EuGdiDrv; E:\WINDOWS\system32\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Brak podpisu cyfrowego] S3 FTDIBUS; E:\WINDOWS\System32\drivers\ftdibus.sys [60552 2010-11-16] (Future Technology Devices International Ltd -> FTDI Ltd.) S3 FTSER2K; E:\WINDOWS\System32\drivers\ftser2k.sys [73096 2010-11-16] (Future Technology Devices International Ltd -> FTDI Ltd.) R3 HSFHWICH; E:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [208384 2005-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 HSF_DPV; E:\WINDOWS\System32\DRIVERS\HSF_DPV.SYS [1033728 2005-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) R3 ialm; E:\WINDOWS\System32\DRIVERS\ialmnt5.sys [1049180 2005-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R3 imgdrive; E:\WINDOWS\System32\DRIVERS\imgdrive.sys [102304 2018-08-11] (Beijing Yubei Information Technology Co., Ltd -> Yubsoft) R2 mdmxsdk; E:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [13059 2004-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant) S3 nm; E:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NwlnkIpx; E:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88448 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NwlnkNb; E:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NwlnkSpx; E:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 s24trans; E:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [Brak podpisu cyfrowego] S3 Secdrv; E:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] (Microsoft Windows Publisher -> ) R3 STAC97; E:\WINDOWS\System32\drivers\stac97.sys [264440 2004-11-15] (Microsoft Windows Hardware Compatibility Publisher -> SigmaTel, Inc.) R3 SynTP; E:\WINDOWS\System32\DRIVERS\SynTP.sys [191872 2006-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.) R1 Tcpip6; E:\WINDOWS\System32\DRIVERS\tcpip6.sys [223616 2004-08-04] (Microsoft Windows Publisher -> Microsoft Corporation) R3 tifm; E:\WINDOWS\System32\drivers\tifm.sys [55808 2006-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments) R3 w29n51; E:\WINDOWS\System32\DRIVERS\w29n51.sys [2209408 2007-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel® Corporation) R3 winachsf; E:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [705408 2005-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) U1 WS2IFSL; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc (utworzone) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-25 21:22 - 2019-05-25 21:38 - 000000000 ____D E:\FRST ==================== Jeden miesiąc (zmodyfikowane) ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2019-05-26 11:29 - 2018-01-04 12:08 - 000001036 _____ E:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2019-05-25 23:51 - 2017-05-03 09:35 - 000000000 ____D E:\Documents and Settings\Kazz\Ustawienia lokalne\Temp 2019-05-25 21:18 - 2018-01-04 12:08 - 000001032 _____ E:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2019-05-25 21:18 - 2017-05-03 09:34 - 000000006 ____H E:\WINDOWS\Tasks\SA.DAT 2019-05-25 21:00 - 2017-05-03 09:35 - 000000292 ___SH E:\Documents and Settings\Kazz\ntuser.ini 2019-05-25 21:00 - 2004-08-04 12:00 - 000002422 _____ E:\WINDOWS\system32\wpa.dbl 2019-05-25 21:00 - 2004-08-04 12:00 - 000000573 _____ E:\WINDOWS\win.ini 2019-05-25 21:00 - 2004-08-04 12:00 - 000000227 _____ E:\WINDOWS\system.ini ==================== Pliki w katalogu głównym wybranych folderów ======= 2017-05-03 23:46 - 2014-02-09 20:12 - 001093632 _____ (Karol Winnicki) E:\Program Files\BESTplayer.exe 2019-02-17 11:47 - 2010-11-03 23:14 - 000008954 _____ () E:\Documents and Settings\Kazz\Dane aplikacji\Cicha noc.xml 2019-02-17 11:53 - 2010-11-03 19:15 - 006550202 _____ () E:\Documents and Settings\Kazz\Dane aplikacji\Mizerna cicha+.ogg 2019-02-17 11:53 - 2010-10-28 00:30 - 008259074 _____ () E:\Documents and Settings\Kazz\Dane aplikacji\Mizerna cicha.ogg 2019-02-17 11:53 - 2011-10-20 17:50 - 000010090 _____ () E:\Documents and Settings\Kazz\Dane aplikacji\Mizerna cicha.xml 2017-05-04 00:50 - 2019-02-17 11:57 - 000010240 _____ () E:\Documents and Settings\Kazz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-11-22 10:30 - 2018-11-22 10:31 - 000009216 _____ () E:\Documents and Settings\All Users\Dane aplikacji\ppe_fleetdb.vdb ==================== SigCheck =============================== (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.)