Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:11-10-2015 02 Uruchomiony przez Kamil (2015-10-12 15:25:31) Uruchomiony z C:\Users\Kamil\Desktop\scan Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-11-10 12:05:16) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1100579147-315741855-2830510848-500 - Administrator - Disabled) Gość (S-1-5-21-1100579147-315741855-2830510848-501 - Limited - Disabled) Kamil (S-1-5-21-1100579147-315741855-2830510848-1000 - Administrator - Enabled) => C:\Users\Kamil user (S-1-5-21-1100579147-315741855-2830510848-1006 - Limited - Enabled) => C:\Users\user ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: G DATA ANTIVIRUS (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AS: G DATA ANTIVIRUS (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKLM\...\uTorrent) (Version: 3.0.0 - ) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) ActiveCheck component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.5.13.6 (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Artisteer 4 (HKLM\...\Artisteer 4) (Version: 4.1 - Extensoft) BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM\...\{3792811C-832F-4392-B44A-24092901EDDC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Citrix Online Launcher (HKLM\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix) Corel Graphics - Windows Shell Extension (HKLM\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 15.2.686 - Corel Corporation) Hidden Corel WinDVD (HKLM\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.835 - Corel Inc.) CorelDRAW Graphics Suite X3 (Version: 13.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Premium Fonts (Version: 1.00.0000 - Corel Corporation) Hidden CryptoCard Suite (HKLM\...\{03eb9f33-3053-4966-8920-08b80a2a210c}) (Version: 2.00.00261 - CryptoTech) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden EPUAP SignPlugin for Chrome (HKLM\...\EPUAP SignPlugin for Chrome) (Version: 1.0.0.25 - Comarch S.A.) FileZilla Client 3.14.0 (HKLM\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse) FontNav (Version: 5.0 - Corel Corporation) Hidden Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) FreeArc 0.666 (HKLM\...\FreeArc) (Version: 0.666 - Bulat Ziganshin) G DATA ANTIVIRUS (HKLM\...\{B6388178-D183-4AD3-A191-8211743B021C}) (Version: 25.1.0.7 - G DATA Software AG) Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\GG) (Version: 11 - GG Network S.A.) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden Gladinet Cloud Desktop (HKLM\...\{B3703D7D-466D-46CB-A282-93A92A635332}) (Version: 4.0.1027 - Gladinet) Google Chrome (HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden GoToMeeting 7.3.0.3499 (HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\GoToMeeting) (Version: 7.3.0.3499 - CitrixOnline) GRID Autosport (HKLM\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - ) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.250 - SurfRight B.V.) HP Display Assistant (HKLM\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 2.00.050 - Portrait Displays, Inc.) HP Odometer (HKLM\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Performance Advisor (HKLM\...\{8B186A1A-2B69-4C67-AA8B-27371E7B5C60}) (Version: 1.8.7830 - HP Inc.) HP Support Information (HKLM\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.6.0.0 - Hewlett-Packard) HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.740 - Kaspersky Lab) Kaspersky Security Scan (Version: 15.0.0.740 - Kaspersky Lab) Hidden kED 2.1.4.0 (HKLM\...\kED_is1) (Version: - ) K-Lite Mega Codec Pack 9.9.5 (HKLM\...\KLiteCodecPack_is1) (Version: 9.9.5 - ) LibreOffice 4.4.0.3 (HKLM\...\{8BEE1CDD-F95D-4759-952D-6B38DF99D1F0}) (Version: 4.4.0.3 - The Document Foundation) LightScribe System Software (HKLM\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 SP1 (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 ENU (HKLM\...\{2F141715-E144-48C0-8562-D193B7AB85BC}) (Version: 4.0.8482.1 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft XML Parser and SDK (HKLM\...\{3E908702-AF35-4611-9518-955DA24B7E07}) (Version: 4.10.9406.0 - Microsoft Corporation) Mozilla Firefox 41.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 41.0.1 (x86 pl)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1812 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom) NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - ) Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team) NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.81 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) OpticSlim 2400 (HKLM\...\OpticSlim 2400) (Version: - ) Panel sterowania NVIDIA 341.81 (Version: 341.81 - NVIDIA Corporation) Hidden PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 4.0.50 - PDF Complete, Inc) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery) Pivot Pro Plugin (Version: 9.50.110 - Portrait Displays, Inc.) Hidden PL (Version: 13.0 - Corel Corporation) Hidden Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden proCertum CardManager (HKLM\...\{B96A7F3B-AF29-489A-AE84-1DDF5942971C}) (Version: 3.2.0.144 - Unizeto) proCertum SmartSign (HKLM\...\{E80B3FB7-DAB0-40E9-B256-98D8FF8C1EA9}) (Version: 7.0.0.2158 - Unizeto) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Remote Drive 2.1.1.259(P) (HKLM\...\Remote Drive) (Version: 2.1.1.259(P) - ASUS Cloud Corporation) Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3.56.24 - Roxio) ScanSnap (Version: 5.1.30.19 - PFU Limited) Hidden ScanSnap Manager (HKLM\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V5.1L30 - PFU) SDK (Version: 2.25.004 - Portrait Displays, Inc.) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Sterowniki czytnika (HKLM\...\{B254F502-86FE-4406-AA36-CF37687C1C4E}) (Version: 1.00.0000 - Krajowa Izba Rozliczeniowa S.A.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab CYRI (HKLM\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC) System Requirements Lab Detection (HKLM\...\{CDA4D853-1514-469A-882F-268D71857ACC}) (Version: 6.1.6.0 - Husdawg, LLC) SZAFIR2.0 (HKLM\...\{4758EE50-F0C0-4C58-BF18-005F800AEE79}) (Version: 2.0.454 - Krajowa Izba Rozliczeniowa S.A.) Unity Web Player (HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS) Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update Manager (Version: 4.60 - Corel Corporation) Hidden uplook9 Master (HKLM\...\{517C9EF1-2E4B-4FEB-B391-C38FCE3B74D1}) (Version: 9.5.0 - A plus C Systems) VBA (Version: 6.2 - Corel Corporation) Hidden VC_CRT_x86 (Version: 1.02.0000 - Intel Corporation) Hidden Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Xvid 1.1.3 final uninstall (HKLM\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi)) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> E:\PROGRA~1\JDOWNL~1\DOWNLO~1\BESTPL~1.EXE => Brak pliku CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Kamil\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{59CC0C20-679B-11D2-88BD-0800361A1803}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\MSDN\CookDoc.dll () CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Chrome\Application\45.0.2454.101\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.1\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.13\psuser.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Citrix\GoToMeeting\3019\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-1100579147-315741855-2830510848-1000_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation) ==================== Punkty Przywracania systemu ========================= 07-10-2015 08:15:49 Windows Update 09-10-2015 03:00:11 Windows Update 12-10-2015 13:06:31 Revo Uninstaller's restore point - Google Drive 12-10-2015 13:07:55 Removed Google Drive 12-10-2015 13:13:41 Revo Uninstaller's restore point - Media Go Video Playback Engine 1.116.105.02020 12-10-2015 13:15:45 Removed Media Go Video Playback Engine 1.116.105.02020 12-10-2015 13:20:49 Revo Uninstaller's restore point - Google Drive 12-10-2015 13:22:27 Revo Uninstaller's restore point - Google Drive 12-10-2015 13:23:48 Revo Uninstaller's restore point - Media Go 12-10-2015 13:24:00 Removed Media Go 12-10-2015 13:26:04 Revo Uninstaller's restore point - JDownloader 0.9 ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2011-12-01 12:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1E3A4FD3-DC09-4932-BED2-085CE4FA471D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {21471D5C-A94B-4F10-B9D8-7C73F8B5F37C} - System32\Tasks\G2MUpdateTask-S-1-5-21-1100579147-315741855-2830510848-1000 => C:\Users\Kamil\AppData\Local\Citrix\GoToMeeting\3499\g2mupdate.exe [2015-10-02] (Citrix Online, a division of Citrix Systems, Inc.) Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA Task: {32C900AF-DA0D-47C0-A171-874BA523B5A7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1100579147-315741855-2830510848-1000Core => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {3F8A3470-F03D-4473-82A0-8A079C932198} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {411E64E6-DB37-420F-BD7A-C10897C93D5E} - System32\Tasks\G2MUploadTask-S-1-5-21-1100579147-315741855-2830510848-1000 => C:\Users\Kamil\AppData\Local\Citrix\GoToMeeting\3499\g2mupload.exe [2015-10-02] (Citrix Online, a division of Citrix Systems, Inc.) Task: {44974E99-9629-4ABE-8CFE-7F28C9594E7D} - System32\Tasks\{8C97ECE7-EEB5-481A-96AF-010EE83D9556} => pcalua.exe -a C:\Users\Kamil\Downloads\winproductkey.exe -d C:\Users\Kamil\Downloads Task: {45E06F09-2FFB-4A69-AB78-9CD8873631C2} - System32\Tasks\{BB847279-B874-473C-BFBC-63092031658E} => pcalua.exe -a "C:\Program Files\Windows Installer Clean Up\msicuu.exe" -d C:\Windows\system32 Task: {5FB5519D-3DC4-4750-94E1-69984D4200C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {658AC25D-C37E-47E0-B028-63437E641C62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {72144ABD-C599-4470-9CD9-900E00DB44B4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1100579147-315741855-2830510848-1000UA => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {82050DAA-043C-4D95-950F-581E3BA1B92E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {8D3AF4A9-202F-4250-B6FD-93E6D8DF1FFC} - System32\Tasks\{2D6307E9-B40B-44F0-B41F-D52A4536320C} => pcalua.exe -a C:\Users\Kamil\Downloads\IL.2.Sturmovik.1946-FLT\flt-il2s\setup.exe -d C:\Users\Kamil\Downloads\IL.2.Sturmovik.1946-FLT\flt-il2s Task: {97A64250-F7D9-4FA3-8EC0-93323D992596} - System32\Tasks\{A1264BA5-625D-45B7-9DFA-7018C37C2848} => pcalua.exe -a C:\Users\Kamil\AppData\Local\temp\Temp1_Ur-Smart_V1003180(180).zip\Ur-Smart.exe Task: {AEED38E9-D35C-43A1-9304-4C84288DE31E} - System32\Tasks\{556285C1-33A3-4091-B796-9833E0018084} => pcalua.exe -a C:\Users\Kamil\Downloads\setup.exe -d F:\ Task: {C293072D-B548-4388-9EE0-0EF034DC0E41} - System32\Tasks\{B19C7604-C1B2-4FF4-8652-E427C377AD55} => pcalua.exe -a C:\Users\Kamil\Downloads\irfanview_plugins_430_setup.exe -d "C:\Program Files\Mozilla Firefox" Task: {C85D0098-5E61-452B-BD13-DBC83031ECCC} - System32\Tasks\{6626C419-BB82-4868-AA2F-527EFC368893} => pcalua.exe -a "F:\IPCamSetup—for Windows OS\IPCamSetup.exe" -d "F:\IPCamSetup—for Windows OS" Task: {CECE4621-101F-471C-A588-DEE3120BBDC4} - System32\Tasks\{DE185E3A-8853-4512-BF41-C38B6D423A33} => pcalua.exe -a F:\Programy\Narzedzia\Uszczelnienie_50_luk_w_Windows\InstallPad\InstallPad.exe -d F:\Programy\Narzedzia\Uszczelnienie_50_luk_w_Windows\InstallPad Task: {D4CB8EA4-BBE5-4F29-B091-D7D130AFB115} - System32\Tasks\{65F45829-42E7-4EEF-9AFC-0336060206B4} => pcalua.exe -a C:\Users\Kamil\Downloads\Swf2Avi_Setup.exe -d "C:\Program Files\Mozilla Firefox" Task: {DB3CDB97-427B-42F6-B4AB-BD50EC941D91} - System32\Tasks\{B32A8AB1-CA05-4009-B7C0-DB5362AD787C} => pcalua.exe -a "C:\Users\Kamil\Downloads\Dr. UFD_v1.0.0.18(18) (1)\Dr. UFD_v1.0.0.18.exe" -d "C:\Users\Kamil\Downloads\Dr. UFD_v1.0.0.18(18) (1)" Task: {F802B1C2-EC3C-44B8-9BEE-484819A72CD1} - System32\Tasks\{49BB372C-E641-4762-AAA2-2B128A1EBB23} => pcalua.exe -a "C:\Users\Kamil\Downloads\dysk hdd\Victoria 4.46b\VCR446Free\vcr446f.exe" -d "C:\Users\Kamil\Downloads\dysk hdd\Victoria 4.46b\VCR446Free" Task: {FE1C28E4-FA46-4A75-B1C0-646EFBFA70C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1100579147-315741855-2830510848-1000.job => C:\Users\Kamil\AppData\Local\Citrix\GoToMeeting\3499\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1100579147-315741855-2830510848-1000.job => C:\Users\Kamil\AppData\Local\Citrix\GoToMeeting\3499\g2mupload.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1100579147-315741855-2830510848-1000Core.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1100579147-315741855-2830510848-1000UA.job => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Załadowane moduły (filtrowane) ============== 2011-11-16 13:07 - 2011-02-17 14:58 - 00076400 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\DP\msgHook.dll 2014-09-23 08:17 - 2015-08-18 01:28 - 00106800 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-09-03 10:11 - 2011-03-10 16:14 - 00011264 _____ () C:\Windows\System32\KOAYXJ_L.DLL 2014-09-03 10:53 - 2011-03-10 16:14 - 00011264 _____ () C:\Windows\System32\KOAYXA_L.DLL 2012-02-20 14:01 - 2001-10-28 18:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll 2014-10-29 14:18 - 2014-08-08 10:49 - 03579392 _____ () C:\Windows\System32\SAFEQVS.DLL 2014-10-29 14:18 - 2014-08-08 10:48 - 00779264 _____ () C:\Windows\System32\SafeQCairoLib.dll 2011-11-16 13:07 - 2011-02-17 14:57 - 00133744 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe 2011-11-16 13:06 - 2004-11-17 16:49 - 04603904 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\AM\qt-mt332.dll 2011-11-16 13:07 - 2011-02-17 14:57 - 00162416 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\AM\SSLEAY32.dll 2011-11-16 13:07 - 2011-02-17 14:57 - 00805488 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\AM\LIBEAY32.dll 2013-03-24 00:32 - 2013-03-24 00:32 - 00293200 _____ () C:\Program Files\Gladinet\Gladinet Cloud Desktop\sqlite3.dll 2013-03-24 00:32 - 2013-03-24 00:32 - 00080208 _____ () C:\Program Files\Gladinet\Gladinet Cloud Desktop\zlib125.dll 2013-03-24 00:32 - 2013-03-24 00:32 - 00015696 _____ () C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSMui.dll 2013-03-24 00:41 - 2013-03-24 00:41 - 00145744 _____ () C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvr.exe 2015-06-03 13:44 - 2015-06-03 13:44 - 00315648 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\dblite.dll 2006-11-02 21:40 - 2006-11-02 21:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe 2011-11-16 13:06 - 2011-02-17 14:41 - 00176128 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll 2011-11-16 13:07 - 2011-02-17 14:58 - 00121456 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll 2015-04-01 07:47 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll 2009-05-18 19:55 - 2009-05-18 19:55 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll 2009-05-18 19:55 - 2009-05-18 19:55 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll 2009-05-18 19:55 - 2009-05-18 19:55 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2011-11-16 13:06 - 2011-02-17 14:58 - 00240240 _____ () C:\Program Files\Common Files\Portrait Displays\Shared\dthook.dll 2011-11-16 13:07 - 2010-05-13 17:34 - 00674928 _____ () C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe 2011-11-16 13:07 - 2010-05-13 17:34 - 00711792 _____ () C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe 2011-11-16 13:07 - 2011-02-17 14:58 - 00129648 _____ () C:\Program Files\Common Files\Portrait Displays\Plugins\DP\DPHelper.exe 2014-10-15 12:24 - 2014-10-15 12:24 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b2363cf94faf59386ab4778a39c16e2b\IsdiInterop.ni.dll 2013-11-06 08:44 - 2011-05-20 11:05 - 00059904 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-09-16 14:15 - 2015-09-16 14:15 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:A66A990E ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\epuap.gov.pl -> hxxps://epuap.gov.pl IE trusted site: HKU\S-1-5-21-1100579147-315741855-2830510848-1000\...\epuap.gov.pl -> hxxp://epuap.gov.pl ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1100579147-315741855-2830510848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Action Manager 32.lnk => C:\Windows\pss\Action Manager 32.lnk.CommonStartup ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{94301F77-9491-40B6-9495-0A35F32C9108}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{03026A81-BB54-4F8B-9CD7-BD9CE4FDA7D1}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A72A0AC1-BD25-4452-8F8D-FDB40545BE36}] => (Allow) LPort=2869 FirewallRules: [{AB140AA2-56C2-4780-9BEC-561B953E91D0}] => (Allow) LPort=1900 FirewallRules: [{D3F9908F-CF46-4C67-B015-A4611A679BC2}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{7D5FE286-296B-4E72-A3B5-34AC77BC4232}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{21B9D63C-2B4F-44AB-BEC8-98DBC487710B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{317FB8A6-9E89-4D5B-B657-64C728C4087A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{D42D66E0-ED48-4395-A4F8-F23DAB52B429}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{29E7F6C8-DEF5-46C5-892E-74594DA2BC0B}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [{EFBD66B0-8996-430E-B2CD-2EA5B2C45C53}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [TCP Query User{00C75513-15FB-4453-8514-DA0857FD2D75}H:\osw 2011\stary komp\gry\batman\ba26tmanac83itypc-elamigos\batman - arkham city\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) H:\osw 2011\stary komp\gry\batman\ba26tmanac83itypc-elamigos\batman - arkham city\batman - arkham city\binaries\win32\batmanac.exe FirewallRules: [UDP Query User{C71E74D5-32DC-406B-8911-1E8B0A2F685C}H:\osw 2011\stary komp\gry\batman\ba26tmanac83itypc-elamigos\batman - arkham city\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) H:\osw 2011\stary komp\gry\batman\ba26tmanac83itypc-elamigos\batman - arkham city\batman - arkham city\binaries\win32\batmanac.exe FirewallRules: [TCP Query User{8DC6B511-63E2-4A81-96E8-EA12A8BBBDA9}C:\program files\corel\coreldraw graphics suite 13\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite 13\programs\coreldrw.exe FirewallRules: [UDP Query User{398D8DAF-0D41-4712-B2F9-F982C724ADB8}C:\program files\corel\coreldraw graphics suite 13\programs\coreldrw.exe] => (Allow) C:\program files\corel\coreldraw graphics suite 13\programs\coreldrw.exe FirewallRules: [{E0DA9013-35E9-4B42-BE7E-A696DCBA80FD}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{788E0A7A-CE2C-4858-8BE7-6E641FFAD5D8}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{618D4420-D311-4AD3-949C-CA0056F533C6}C:\users\kamil\downloads\winbox.exe] => (Allow) C:\users\kamil\downloads\winbox.exe FirewallRules: [UDP Query User{A882913C-4813-4303-A9E1-E75FEBC1E5C0}C:\users\kamil\downloads\winbox.exe] => (Allow) C:\users\kamil\downloads\winbox.exe FirewallRules: [{378BDFC5-4C33-4900-9E2F-31CF59D5CD87}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{72333AAB-186F-42F1-ABAB-A5DAB71A281A}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{30D78DC8-DA93-46DB-9E33-A7FBCB34F92E}D:\kopie zapasowe starostwo\wał\winscp\winscp.exe] => (Allow) D:\kopie zapasowe starostwo\wał\winscp\winscp.exe FirewallRules: [UDP Query User{0A782220-CE0B-4C14-80E4-F57DF21645A2}D:\kopie zapasowe starostwo\wał\winscp\winscp.exe] => (Allow) D:\kopie zapasowe starostwo\wał\winscp\winscp.exe FirewallRules: [{93D0F13D-6DAB-498B-8A28-6E971F3794A7}] => (Allow) C:\Users\Kamil\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{F55B2286-53DC-4070-AAA8-5270346D4FC6}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\GladinetClient.exe FirewallRules: [{71CE6D2C-D9CF-4D05-9596-B780E7C178A3}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\GladinetClient.exe FirewallRules: [{62F089C8-F966-41AF-9E49-065549C3CA3D}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvr.exe FirewallRules: [{E4DBED3B-A7F3-4002-89AB-A2E11401DBB3}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvr.exe FirewallRules: [{AD48C5A3-4C84-46F7-8E76-1C0F2EB24E3B}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvr2003.exe FirewallRules: [{A3D45F6F-7D74-4DDA-ACE8-D388EA1D635D}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvr2003.exe FirewallRules: [{EF2729DF-19B7-493B-B769-97CC50FEEAC0}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvrXP32.exe FirewallRules: [{81BE3CAF-3E86-4A86-BDB3-88B190F61944}] => (Allow) C:\Program Files\Gladinet\Gladinet Cloud Desktop\WOSVSSSvrXP32.exe FirewallRules: [TCP Query User{84431C83-5570-4E0C-B018-6058DC178391}C:\program files\gladinet\gladinet cloud desktop\gladinetclient.exe] => (Allow) C:\program files\gladinet\gladinet cloud desktop\gladinetclient.exe FirewallRules: [UDP Query User{C1937EF6-CE93-4BAE-96F0-75DD87EE431D}C:\program files\gladinet\gladinet cloud desktop\gladinetclient.exe] => (Allow) C:\program files\gladinet\gladinet cloud desktop\gladinetclient.exe FirewallRules: [{3794A383-FF90-4C38-B8AA-5D0FBC3FD4F0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A9FE9571-9820-40F3-8852-341C2C77F6A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{CD625C40-4D4B-45A7-AF43-616089E25CBC}C:\users\kamil\downloads\winbox.exe] => (Allow) C:\users\kamil\downloads\winbox.exe FirewallRules: [UDP Query User{9CB6483B-03B4-4327-9FB7-4E11DC15583D}C:\users\kamil\downloads\winbox.exe] => (Allow) C:\users\kamil\downloads\winbox.exe FirewallRules: [{8DF4932A-6CE7-48DE-B4C7-3AEF2E167104}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{61C08819-37C3-4ACE-B6CE-58CE6BE2FCF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{65AE1AC3-B556-4AA6-BEFB-9AA8946CF0DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D8442001-8FAE-42A2-9D75-8202B924EF17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{14AB96F0-CAD1-448D-ABFC-F51DDB88887F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{763FDB0B-7EBE-439B-B523-B15A3A2042DA}C:\users\kamil\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\kamil\appdata\local\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{799B389C-8140-40E5-9D99-13E45875FCC6}C:\users\kamil\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\kamil\appdata\local\google\chrome\application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: CDC Serial Description: CDC Serial Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/12/2015 01:06:26 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {75e64769-b4ef-4429-bbca-e8ab4968b154} Error: (10/12/2015 12:35:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: jusched.exe, wersja: 2.1.71.14, sygnatura czasowa: 0x54261084 Nazwa modułu powodującego błąd: USER32.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7ba26 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000140a3 Identyfikator procesu powodującego błąd: 0x15ec Godzina uruchomienia aplikacji powodującej błąd: 0xjusched.exe0 Ścieżka aplikacji powodującej błąd: jusched.exe1 Ścieżka modułu powodującego błąd: jusched.exe2 Identyfikator raportu: jusched.exe3 Error: (10/12/2015 12:30:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/12/2015 08:13:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_WebClient, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bc100 Nazwa modułu powodującego błąd: iertutil.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x55cecf76 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x767e6be0 Identyfikator procesu powodującego błąd: 0x2e14 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_WebClient0 Ścieżka aplikacji powodującej błąd: svchost.exe_WebClient1 Ścieżka modułu powodującego błąd: svchost.exe_WebClient2 Identyfikator raportu: svchost.exe_WebClient3 Error: (10/11/2015 12:58:26 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/09/2015 04:32:06 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.34209 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005. Identyfikator procesu (liczba dziesiętna): 10528. Identyfikator komunikatu: [0x2509]. Error: (10/09/2015 02:10:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program mpc-hc.exe w wersji 1.6.8.7378 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 760 Godzina rozpoczęcia: 01d10259c43ae42a Godzina zakończenia: 626 Ścieżka aplikacji: C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe Identyfikator raportu: bab887c8-6e7e-11e5-b1d0-3cd92b651096 Error: (10/07/2015 01:39:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: jusched.exe, wersja: 2.1.71.14, sygnatura czasowa: 0x54261084 Nazwa modułu powodującego błąd: USER32.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7ba26 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000140a3 Identyfikator procesu powodującego błąd: 0x14e0 Godzina uruchomienia aplikacji powodującej błąd: 0xjusched.exe0 Ścieżka aplikacji powodującej błąd: jusched.exe1 Ścieżka modułu powodującego błąd: jusched.exe2 Identyfikator raportu: jusched.exe3 Error: (10/07/2015 01:35:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/07/2015 01:32:37 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Users\Kamil\Downloads\HitmanPro.exe ; Opis = Punkt przywracania stworzony przez HitmanPro; Błąd = 0x8007043c). Dziennik System: ============= Error: (10/12/2015 12:32:57 PM) (Source: iaStor) (EventID: 9) (User: ) Description: Urządzenie \Device\Ide\iaStor0 nie odpowiedziało w ramach ustalonego limitu czasu. Error: (10/12/2015 12:25:21 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (10/12/2015 08:20:17 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Usługa interfejsu magazynu sieciowego, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa autowykrywania serwera proxy w sieci Web WinHTTP niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa WebClient niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 300000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Host usługi diagnostyki niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Czas systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa interfejsu magazynu sieciowego niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 300000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa listy sieci niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/12/2015 08:15:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usług systemu Windows buforowania czcionek niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2015-10-07 11:03:20.975 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:03:20.975 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:03:20.960 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:03:20.835 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:03:20.819 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:03:20.819 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:01:33.392 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:01:33.361 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:01:33.361 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-10-07 11:01:33.330 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\37529801-035b-4080-80e8-446c4887e8be\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 3318.08 MB Dostępna pamięć fizyczna: 2047.64 MB Całkowita pamięć wirtualna: 7388.73 MB Dostępna pamięć wirtualna: 4952.21 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:100.01 GB) (Free:29.65 GB) NTFS Drive d: () (Fixed) (Total:363.75 GB) (Free:100.2 GB) NTFS Drive e: () (Removable) (Total:5.64 GB) (Free:5.49 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 28AC0F9B) Partition 1: (Active) - (Size=2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=363.8 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 0304FAD9) Partition 1: (Not Active) - (Size=5.6 GB) - (Type=0B) Partition 2: (Not Active) - (Size=1.9 GB) - (Type=82) ==================== Koniec Addition.txt ============================