Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:09-12-2015 Uruchomiony przez Kolu (2015-12-11 16:26:49) Uruchomiony z C:\KOLU\ARCHIWUM\TEMP\FIX Windows 7 Professional Service Pack 1 (X64) (2015-06-16 20:44:21) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1110614845-1655978801-3937878312-500 - Administrator - Disabled) Gość (S-1-5-21-1110614845-1655978801-3937878312-501 - Limited - Disabled) Kolu (S-1-5-21-1110614845-1655978801-3937878312-1000 - Administrator - Enabled) => C:\Users\Kolu ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1497, 15.07.2015 - AIMP DevTeam) Aktualizacje NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden ArtRage 4 Demo (HKLM-x32\...\ArtRage 4 Demo 4.5.2.0) (Version: 4.5.2.0 - Ambient Design) ArtRage 4 Demo (Version: 4.5.2.0 - Ambient Design) Hidden ArtRage Studio (HKLM-x32\...\{A35086FB-486A-47FB-8D29-92A7DA63B0D2}) (Version: 3.5.12 - Ambient Design) Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Autodesk SketchBook Express 6.2 (HKLM-x32\...\{34CBACD3-040E-43D6-86C1-9FBE44B180BF}) (Version: 6.2.0000 - Autodesk) Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.6.1.2 - Broadcom Corporation) Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation) Brother MFL-Pro Suite DCP-195C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden Corel Painter 13 - IPM (Version: 14.0 - Corel Corporation) Hidden Corel Painter 13 - IPM Content (Version: 14.0 - Corel Corporation) Hidden Corel Painter 2015 (HKLM\...\_{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.0.0.728 - Corel Corporation) CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PL (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd) ETDWare PS/2-X64 11.6.2.1_WHQL (HKLM\...\Elantech) (Version: 11.6.2.1 - ELAN Microelectronic Corp.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) GIMP Extensions 2.8.20150403 (HKLM\...\GIMP Extensions) (Version: 2.8.20150403 - Pedro Cunha) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FBCA6D68-2FBE-4A52-8EAA-856CFEA714C8}) (Version: 6.01.0000 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.4.1971 - FranmoSoftware - Maciej Opaliński) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden Painter 2015 - Contentx64 (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - Core (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - Corex64 (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - CT (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - DE (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - EN (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - FR (Version: 14.0 - Corel Corporation) Hidden Painter 2015 - Setup Files (Version: 14.0 - Corel Corporation) Hidden Panel sterowania NVIDIA 353.06 (Version: 353.06 - NVIDIA Corporation) Hidden PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation) QGIS Brighton 2.6.1 Brighton (HKLM\...\QGIS Brighton) (Version: - QGIS Development Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6276 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.) Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1306 - CyberLink Corp.) Video Web Camera (x32 Version: 1.0.1306 - CyberLink Corp.) Hidden Web Protector Plus (uninstall only) (HKLM\...\WebProtectorPlus) (Version: - ) <==== UWAGA WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {126205A7-841C-48C2-ACD4-06859E52FA63} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {1CBEDF7A-0EDB-45D6-90D6-964FEFF42D26} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {313E1C78-FF40-40A9-98EC-9B7DB25397BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-06] (Adobe Systems Incorporated) Task: {3A34F64C-506D-4988-8D4C-AEE093ADA100} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-17] (Google Inc.) Task: {4466715C-9D99-4D4F-918F-609BE716666B} - System32\Tasks\Opera scheduled Autoupdate 1434490903 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {5BE1EB38-F4E0-4861-B154-57E7217E2F20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {7424EC92-B038-4D5E-A22D-A5C17C037A91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {915D0AE9-500F-4FA7-9FB8-010A102FF0F4} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2015-10-02] (FranmoSoftware) Task: {9EAF1C5C-FE09-4CD0-9ADB-667520786FD6} - System32\Tasks\AdobeAAMUpdater-1.0-Kolu-laptop-Kolu => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {A1824339-625F-44FD-88F2-B464AEF23B3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-17] (Google Inc.) Task: {B93CCE0B-4DBF-461F-AA04-0B0DE6D1346A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-10] (Adobe Systems Incorporated) Task: {F1D19180-31A6-441F-B0C0-05B9927CBE69} - System32\Tasks\{932C97DB-AB6B-4595-8235-A125B1A75271} => pcalua.exe -a C:\Users\Kolu\AppData\Local\Temp\Temp1_Audio_Realtek_6.0.1.6276_W7x64_A.zip\Audio_Realtek_6.0.1.6276_W7x64\Setup.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Kolu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1449831071&z=b9c9689a1385313299d7e59gbzbz0t1b6cfg9e7m0e&from=ient07021&uid=WDCXWD5000BPVT-22HXZT1_WD-WXD1EA0JT038JT038 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2009-07-14 00:19 - 2009-07-14 02:40 - 00043520 _____ () C:\Windows\system32\CSRSRV.dll 2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\system32\pcwum.dll 2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () c:\windows\system32\pcwum.DLL 2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () C:\Windows\System32\pcwum.dll 2009-07-14 00:19 - 2009-07-14 02:41 - 00036864 _____ () c:\windows\system32\pcwum.dll 2015-06-17 17:31 - 2015-05-28 08:04 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2011-06-11 00:36 - 2015-06-16 22:30 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-06-17 17:46 - 2015-06-17 17:46 - 02169856 ___SH () C:\Windows\System32\hale.exe 2015-06-18 15:32 - 2015-02-26 23:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2015-06-17 17:31 - 2015-05-28 08:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-06-17 17:39 - 2015-05-28 08:04 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-06-16 22:12 - 2015-06-16 22:12 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\4fea37f22ba7c5f1c0bbc189d748a3e8\IsdiInterop.ni.dll 2015-06-16 22:12 - 2011-02-18 07:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-12-10 21:43 - 2015-12-10 16:56 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\opera.dll 2015-12-10 21:43 - 2015-12-10 16:56 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libglesv2.dll 2015-12-10 21:43 - 2015-12-10 16:56 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libegl.dll 2015-12-10 22:46 - 2015-12-10 22:46 - 16573120 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_20_0_0_228.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1110614845-1655978801-3937878312-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kolu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 94.251.160.14 - 94.251.182.11 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{F410C8E2-6680-4168-AA67-BD99D8B64F8C}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe FirewallRules: [{AFDC9FEC-5EB5-490A-834D-3DAA7D08CD18}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe FirewallRules: [{12A4CB82-1F59-41D7-9D2E-6C2C776E3A99}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe FirewallRules: [{9D237441-866D-463A-BA5F-78FDB4C7944A}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe FirewallRules: [{DDB91E20-46CA-4230-82E1-F0D2169755A4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{9989B432-AD54-437B-8A91-0FBEB4DAAFCC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{B9AFCEA8-2DD8-44DB-9442-AB061E903D2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BED547E0-E6D7-42C4-B618-8F3A59C08117}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{76C51E82-CDAB-4C01-AB0D-2610D096E834}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{61BD3E75-376A-4B1F-BBB3-CBCB266D6E1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D9050CEF-246A-45A7-8210-26442C36DD53}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{62A8D962-E669-4F31-AEF7-CC12FCEB3CA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E6E20687-619C-403C-8904-4676C394FA90}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BC959F0B-176B-4947-B9B1-A08B5C3E3FE7}] => (Allow) LPort=2869 FirewallRules: [{D3E5D4B8-7765-4D98-A0B7-969BDA07D773}] => (Allow) LPort=1900 FirewallRules: [{F3E7CF4F-9464-4B4F-B404-D8B4DD569A3E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{1A828D8F-267B-472E-91F9-17458A118BD2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{91450ED9-A91E-4087-9656-FDFC831AC84F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{4FF3F785-621E-4A3A-AAA6-92AD3044B3E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{D9E14A4C-00DF-4D2D-9015-7697E71B6F58}C:\users\kolu\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\kolu\appdata\local\temp\kmsnano\qemu-system-i386.exe FirewallRules: [UDP Query User{96E78032-1178-42BA-BA4A-46AA28CD37F2}C:\users\kolu\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\kolu\appdata\local\temp\kmsnano\qemu-system-i386.exe FirewallRules: [{10283A6E-F8B2-4D74-A60B-2E4B6F501E49}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{60293A5B-B61E-4F87-B748-15503F59239E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: PCI Simple Communications Controller Description: PCI Simple Communications Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: wafd_1_10_0_18 Description: wafd_1_10_0_18 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wafd_1_10_0_18 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/11/2015 03:45:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2015 03:39:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2015 03:15:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2015 11:52:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: pl9.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4b1ae3cc Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7ba58 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00032edc Identyfikator procesu powodującego błąd: 0x9e8 Godzina uruchomienia aplikacji powodującej błąd: 0xpl9.exe0 Ścieżka aplikacji powodującej błąd: pl9.exe1 Ścieżka modułu powodującego błąd: pl9.exe2 Identyfikator raportu: pl9.exe3 Error: (12/11/2015 09:56:38 AM) (Source: WTabletServicePro) (EventID: 1) (User: ) Description: Prefs: Failed to get user path Error: (12/11/2015 09:56:32 AM) (Source: WTabletServicePro) (EventID: 1) (User: ) Description: Prefs: Failed to get user path Error: (12/11/2015 09:50:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 09:43:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 07:03:12 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Error: (12/10/2015 06:35:58 PM) (Source: Adobe Reader) (EventID: 16) (User: ) Description: Dziennik System: ============= Error: (12/11/2015 04:21:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NvStreamKms z powodu następującego błędu: %%5 Error: (12/11/2015 03:44:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/11/2015 03:38:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/11/2015 03:14:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/11/2015 09:50:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/11/2015 09:50:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa SSFK zawiesiła się podczas uruchamiania. Error: (12/10/2015 09:42:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/10/2015 04:51:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/09/2015 05:14:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: qsafd_vt_1_10_0_20 wafd_1_10_0_18 Error: (12/09/2015 05:14:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa SSFK zawiesiła się podczas uruchamiania. CodeIntegrity: =================================== Date: 2015-08-01 15:21:45.339 Description: N/A Date: 2015-08-01 15:21:45.276 Description: N/A ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Procent pamięci w użyciu: 59% Całkowita pamięć fizyczna: 3947.86 MB Dostępna pamięć fizyczna: 1585.48 MB Całkowita pamięć wirtualna: 7893.92 MB Dostępna pamięć wirtualna: 5302.57 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:234.82 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5AD54146) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================