Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:09-12-2015 Uruchomiony przez Kinga (2015-12-11 16:27:16) Uruchomiony z C:\Users\Kinga\Downloads Windows 10 Home (X64) (2015-08-06 12:42:18) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-996966027-1595442658-2413617871-500 - Administrator - Disabled) Gość (S-1-5-21-996966027-1595442658-2413617871-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-996966027-1595442658-2413617871-1005 - Limited - Enabled) Kinga (S-1-5-21-996966027-1595442658-2413617871-1001 - Administrator - Enabled) => C:\Users\Kinga Konto domyślne (S-1-5-21-996966027-1595442658-2413617871-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619} AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-996966027-1595442658-2413617871-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Ad-Aware Antivirus (HKLM\...\{30B9595A-D4B5-4198-8F3C-2219C78590C9}_AdAwareUpdater) (Version: 11.9.662.8718 - Lavasoft) AdAwareInstaller (Version: 11.9.662.8718 - Lavasoft) Hidden AdAwareUpdater (Version: 11.9.662.8718 - Lavasoft) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden AntispamEngine (Version: 2.4.4205.0 - Lavasoft) Hidden AvcEngine (Version: 3.11.11387.0 - Lavasoft) Hidden Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.133394 - Baidu, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) Counter-Strike Source wersja 2230303 (HKLM\...\{28659B67-FC49-49DB-9DAC-1AD52203D75A}_is1) (Version: 2230303 - Strogino CS Portal) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) CZATeriaKam 1.7 (HKLM-x32\...\CZATeriaKam) (Version: 1.7 - INTERIA.PL) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disney Zaplątani (HKLM-x32\...\{AEAEA61F-ECE0-4528-AD7A-8A916F5F576E}) (Version: 1.00.0000 - Disney Interactive Studios) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.1 - Ministerstwo Finansow) Hidden Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) exiso-GUI (HKLM-x32\...\exiso-GUI_is1) (Version: - ) FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Garfield (HKLM-x32\...\{7C3A6A3C-4F55-4025-BB8C-7DFBDF090620}) (Version: 1.0 - ) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Documentation (HKLM-x32\...\{8E7CB625-076C-4812-87B9-A2695C2CFABF}) (Version: 1.1.0.0 - Hewlett-Packard) HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{6975FEB2-7CBF-4150-A067-F2E2D2E03839}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{CF153513-D2C7-4652-8464-31FDAD2891E9}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle) Java 7 Update 79 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kangurek Kao - Tajemnica wulkanu (HKLM-x32\...\Kangurek Kao - Tajemnica wulkanu) (Version: ${MUI_VERSION} - ) Kingo ROOT version 1.3.0.2198 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.0.2198 - Kingosoft Technology Ltd.) Lenovo_TAB_S850_V1.0.1 (HKLM-x32\...\{D39B550E-FDD8-404D-8960-72D0894014E4}) (Version: 1.00.0000 - Unknown) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) Małpie Opowieści - Muzeum Rozmaitości v2.0 (HKLM-x32\...\{B6D3A92B-3E96-40A6-BB52-0731133D3F1D}_is1) (Version: 2.0 - Larian Studios / Die Keure) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Minecraft Pingwin Pack 5 wersja 5.2 (HKLM-x32\...\{D0409CC9-5441-4F0A-AC41-DAF5F09965C7}_is1) (Version: 5.2 - AVENISHD) Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - ) Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Q-Typing 1.3 (HKLM-x32\...\Q-Typing 1.3_is1) (Version: - Q-Typing) QWERTY v1.1 [08-08-2007] (HKLM-x32\...\QWERTY - Nauka Pisania na Klawiaturze_is1) (Version: - ) Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Nazwa firmy) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Robocraft version 0.3.290 (HKU\S-1-5-21-996966027-1595442658-2413617871-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) SRS-Root (HKLM-x32\...\{24EAD272-D05D-4950-BD59-F88AB7B4C8C7}_is1) (Version: - 123Unlock GSM Service) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Walt Disney Pictures Piorun (HKLM-x32\...\{2523A0F0-03E8-455C-B692-0E1A7CC7640A}) (Version: 1.0 - Disney Interactive Studios) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) WinRAR 5.11 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 22-11-2015 22:50:16 Zaplanowany punkt kontrolny 02-12-2015 07:25:07 AA11 09-12-2015 17:26:31 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {080D40B9-5E31-42B0-BCF7-CC7AB9E084DC} - System32\Tasks\{67424D53-A244-41BE-9F38-E7465E420BDB} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.0.105/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {0838620A-000D-4DA3-90E0-8FC0040FC283} - System32\Tasks\{4A65F31F-B51A-47E5-B38C-84E023253525} => pcalua.exe -a "C:\Users\Kinga\AppData\Roaming\0I0M0D1F2W1G1I1F1T1Q1P1C\Microsoft Office 2010 Packages\uninstaller.exe" -c /Uninstall /NM="Microsoft Office 2010 Packages" /AN="0I0M0D1F2W1G1I1F1T1Q1P1C" /MBN="Microsoft Office 2010 Packages" Task: {0CB4D8E7-742C-492D-8865-0E92E07219E6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {16F1E6E6-D208-4420-AC52-B4671838459A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {19FF550D-6800-490D-9E44-BAFF4CD4795A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {219B870D-4B75-41EA-A693-ED1C74BA453E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {282A81FA-7D6D-440A-AEBD-E4D6E2CB9100} - System32\Tasks\{B6F69843-C909-402C-88FC-18F31E66D638} => Firefox.exe hxxp://ui.skype.com/ui/0/7.5.64.102/pl/abandoninstall?page=tsProgressBar Task: {36B9436D-220C-45B9-9B5E-6578C9C03AF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {37A52E26-E8E9-4898-B466-E3ADCE7EFB88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {46B06F2E-CBA3-4639-9BE5-0BBCB0AA8932} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {4807D6CF-B5ED-40FA-AD22-EC715154D226} - System32\Tasks\{2E39F39B-4DEB-46C8-B267-8384ED6A3D6F} => Firefox.exe hxxp://ui.skype.com/ui/0/7.13.0.101/pl/abandoninstall?page=tsProgressBar Task: {50D6B4BB-F4B3-4891-8CA1-3AC74A52AE3A} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe [2015-12-02] (Enigma Software Group USA, LLC.) Task: {525D0721-BD5A-4F5D-87F9-90042AF63C2C} - System32\Tasks\{6AD76E91-99B1-40D5-B3E8-DFF8304107FF} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/pl/abandoninstall?page=tsProgressBar Task: {538B39C0-61D8-4626-91DA-0E4F0D5ACCEE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {5D306454-B865-4F11-95C8-4DD9EDBB591C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {67480B8B-5420-436F-A489-314AA919E750} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {7AE40CDE-29E9-49EF-A2FF-A11C86E4B818} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {7BC5E866-3CB5-4B48-B7B8-C1A39BF297A9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {840190A1-CF75-470F-97CB-B694DBBBD017} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {859756FF-9B31-4F3A-8852-0694D8E1C11A} - System32\Tasks\HPCeeScheduleForKinga => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {8BAE8592-84EE-4EE4-8913-CC468B648FBC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard) Task: {9A65C296-1F84-4150-808C-00D51B35E3E3} - System32\Tasks\{A1146FE8-D321-401E-A299-14BA462BF369} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.105&LastError=12002 Task: {9EA6E0C3-41C8-4D0B-ACD7-39DFE8F11180} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {A97A4198-0F0A-43B0-95AA-4CD98A30E47E} - System32\Tasks\{0456FC49-E446-464B-A1BA-320251A30F4F} => pcalua.exe -a C:\Users\Kinga\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {B7581A53-3192-4A44-B222-19D90A363791} - System32\Tasks\{7A991B6E-5337-4E3C-B4BA-8DBBDA4016D9} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.0.105/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {BC72021D-5C0D-49DA-BC30-DAD2037F6AAA} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\BavUpdater.exe [2015-05-15] (Baidu, Inc.) Task: {D56813A2-FE65-48BC-A310-1F5B42E18A91} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {D8894160-37D8-432F-86A1-5EC7EA10D3E1} - System32\Tasks\{C60132EA-3BA0-4E3A-8540-83C3D11D342E} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.105&LastError=12002 Task: {DB119BF1-0F29-4B58-9264-8AF96F684AAD} - System32\Tasks\{A7FEC81D-122F-4C7E-B45F-D269C1CF3CBB} => Firefox.exe hxxp://ui.skype.com/ui/0/7.8.0.102/pl/abandoninstall?page=tsProgressBar Task: {DEF67DE7-E8E1-4603-8AB2-4BE2DDB3E517} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {E85AE5E9-F4C0-4B60-BD25-E4391EF4BA7E} - System32\Tasks\{B259622C-302E-490B-AE3C-5EEFFE7C9DBA} => pcalua.exe -a C:\Users\Kinga\Downloads\forge-1.7.2-10.12.2.1121-installer-win.exe -d C:\Users\Kinga\Downloads Task: {E8ACFF89-B1B1-4725-A8B3-B76C3212F5E0} - System32\Tasks\{5C899B0C-6F6F-4BCE-97CE-345214A25F69} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.59.105/pl/abandoninstall?page=tsMain Task: {EF7BEF82-E477-4581-B8FD-A844B23D036B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {F3757B99-AF0C-41E4-99FF-0C79E8B94D8F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {F6D76E06-0212-4745-9244-0580E4B97B82} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForKinga.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Kinga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824751&z=a070925003a15e01b412f83gazfz1t0bfoazcm6z2c&from=ient07021&uid=HitachiXHTS545050A7E380_TE85113Q29B1MR29B1MRX <==== UWAGA ShortcutWithArgument: C:\Users\Kinga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824751&z=a070925003a15e01b412f83gazfz1t0bfoazcm6z2c&from=ient07021&uid=HitachiXHTS545050A7E380_TE85113Q29B1MR29B1MRX <==== UWAGA ShortcutWithArgument: C:\Users\Kinga\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824751&z=a070925003a15e01b412f83gazfz1t0bfoazcm6z2c&from=ient07021&uid=HitachiXHTS545050A7E380_TE85113Q29B1MR29B1MRX <==== UWAGA ShortcutWithArgument: C:\Users\Kinga\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824751&z=a070925003a15e01b412f83gazfz1t0bfoazcm6z2c&from=ient07021&uid=HitachiXHTS545050A7E380_TE85113Q29B1MR29B1MRX <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449824751&z=a070925003a15e01b412f83gazfz1t0bfoazcm6z2c&from=ient07021&uid=HitachiXHTS545050A7E380_TE85113Q29B1MR29B1MRX <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2015-08-06 12:29 - 2015-08-06 12:29 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 12:42 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-11-19 11:55 - 2015-11-19 11:55 - 00712432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareService.exe 2015-11-19 11:59 - 2015-11-19 11:59 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_system-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_filesystem-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_date_time-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 11670776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareServiceKernel.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\RCF.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_regex-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_thread-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_chrono-vc120-mt-1_57.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00709360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareActivation.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00474368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareApplicationUpdater.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00847600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareGamingMode.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00101096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareReset.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00123104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareTime.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01011968 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareDefinitionsUpdater.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00905488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareDefinitionsUpdaterScheduler.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01146608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareIgnoreList.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00243440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareQuarantine.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01570048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareAntiMalwareEngine.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00206080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareAntiRootkitEngine.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01210616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareScannerHistory.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01373416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareScanner.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00036096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_timer-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01019128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareScannerScheduler.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01190656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareRealTimeProtection.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 02489592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareIncompatibles.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01466600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareAntiSpam.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01415408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareAntiPhishing.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 03263736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareParentalControl.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 02995960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareWebProtection.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01325816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareEmailProtection.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00059656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\boost_iostreams-vc120-mt-1_57.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01856768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareNetworkProtection.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01013992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwarePromo.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 00365288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareFeedback.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 02958592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareThreatWorkAlliance.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01261800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwarePinCode.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01014504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareNotice.dll 2015-11-19 11:58 - 2015-11-19 11:58 - 01541360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareAvcEngine.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 01222416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareRealTimeProtectionHistory.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 00469744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareStatistics.dll 2015-09-28 21:47 - 2015-01-06 12:47 - 00156936 _____ () C:\WINDOWS\SYSTEM32\bdfwcore.dll 2015-12-04 22:35 - 2015-12-04 22:35 - 00876888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpbr.mdl 2015-12-04 22:35 - 2015-12-04 22:35 - 00742976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpdsp.mdl 2015-12-04 22:35 - 2015-12-04 22:35 - 02803536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpph.mdl 2015-12-04 22:35 - 2015-12-04 22:35 - 01415584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttprbl.mdl 2015-10-01 10:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 10:15 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-11-19 11:59 - 2015-11-19 11:59 - 02794744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.662.8718\AdAwareShellExtension.dll 2015-10-01 08:28 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-09 17:07 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-09 17:07 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-09 17:07 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 10:15 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 12:00 - 2015-07-10 17:34 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-12-11 10:09 - 2015-08-06 04:47 - 00582144 _____ () C:\Program Files (x86)\Picexa\curlpp.dll 2015-12-11 10:09 - 2015-07-15 06:58 - 00065688 _____ () C:\Program Files (x86)\Picexa\zlib1.dll 2015-04-09 03:58 - 2015-05-15 04:09 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\HipsLogger.dll 2015-04-09 03:58 - 2015-05-15 04:09 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\sqlite.dll 2015-04-09 03:58 - 2015-05-15 04:09 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\dark.dll 2013-10-27 19:07 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-04-09 03:58 - 2015-05-15 04:09 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.118812.0\Pulgin_Dark_DeleteFileTip.dll 2015-10-30 16:57 - 2015-10-30 16:57 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\c3535c7f59b994a805e9b67d05fe955a\PSIClient.ni.dll 2012-12-12 02:30 - 2012-06-26 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-996966027-1595442658-2413617871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kinga\Desktop\polski.jpg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "AdAwareTray" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-996966027-1595442658-2413617871-1001\...\StartupApproved\StartupFolder: => "Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk" HKU\S-1-5-21-996966027-1595442658-2413617871-1001\...\StartupApproved\Run: => "Power2GoExpress8" HKU\S-1-5-21-996966027-1595442658-2413617871-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{7F90E592-4FAC-4F43-B527-92AEDD7E4F5C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{88DDC551-B51A-4134-B6C0-466231977126}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{61CB3634-A4DB-4050-98A5-6F4AFDEA0446}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{BE02179A-833D-4EDA-AFA3-240675316F79}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{F59DAFE8-E1C6-4BDF-B0D4-E9322EEDF7EB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{FE0CF4CA-D263-4202-8C71-2C69F5D38534}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{CA941785-4781-4F8A-8454-B81F90FED394}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{C4665125-DB4B-40D4-B960-58C7FCDB5035}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{FD3CB322-4154-445F-90CD-38EF3969F645}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{7E42E6F6-3FFB-4C33-ACB5-0B383FD86CAF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{20BE3CF7-ED54-4D04-BCB1-4AD6C302E0F6}] => (Allow) C:\Users\Kinga\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5395FBA5-E19D-4F49-A832-678CDDE4A1CA}] => (Allow) C:\Users\Kinga\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{20FC6614-9D1D-4E2E-BB6D-9C1CC51894CF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{E11ABAC7-A852-431E-98F5-6459B2BDD40B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{873F8A83-5B53-4286-BE4E-5ED1888B71AF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{E9F52A03-8277-4913-8202-621963A85C7B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{BEED73AB-9A8C-45CE-978D-10379BEC671B}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{9EA5F03C-2A53-4FE5-8ABB-7EDB5B182114}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{B28F7623-AC90-416E-BCED-BF20C4845399}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{EE3AF8CD-7507-4E89-A8AB-0A6665E0CA10}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{88951CC9-36D6-4B34-A10D-0A804AAA5CF2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{94B97B0B-6633-41D9-9792-9473CF75997A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B69F1611-FBC5-43C0-B75D-0F5695E329CD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{72E92AA8-F1F9-4B93-BF7A-F7C7D1BE6470}] => (Allow) LPort=2869 FirewallRules: [{B737B6F8-5208-425C-A98F-93B5F4C38024}] => (Allow) LPort=1900 FirewallRules: [{2DFBB3E9-5830-4437-81F9-BCC00C0533F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1B20447E-3375-4F7F-9645-49266D2A9570}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1FA3C690-D9B5-47F3-B8B8-BBC4AD7F6988}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{05BE9B92-AAE5-4FC4-9627-86EDBEFB4777}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1047BD7A-8250-4469-A14D-B760E74E99ED}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{FC616462-FCE9-4D6E-8DA5-592A7F9F7FF9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{164981B2-FD5E-4BC9-BB42-B1CD9AE7E3E3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{8066AC62-A932-476B-9EC1-C49CD80BB0E5}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{AEABA1B9-B562-41F5-9F43-7ECD2472102F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [TCP Query User{7BF0DE98-0E7D-4B56-9A5F-AB15B67461F8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{0A193164-B3C7-4961-9E8B-452693D73FE8}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{6200B6B7-6EF4-4F18-A551-081A58D8DC04}] => (Allow) C:\Users\Kinga\AppData\Roaming\BavMini\BavPro_Setup_Mini_GL.exe FirewallRules: [{45305D58-F56E-43FE-848C-A6413EA7F226}] => (Allow) C:\Users\Kinga\AppData\Roaming\BavMini\BavPro_Setup_Mini_GL.exe FirewallRules: [{86273F95-D0FF-47E6-84D4-7476B34E9DB9}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{069E6921-086E-4098-B083-1A93B5004B66}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{471DFDC7-E07A-472E-8E26-E12508807B19}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{FB39FB2B-3E97-4988-B484-1AFB9EE8B9C7}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{87DC9385-15FC-4EF6-839C-321B606A6C06}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe FirewallRules: [UDP Query User{C4501DB1-990F-4EBB-A4CA-D02F28E03362}C:\program files\strogino cs portal\counter-strike source\hl2.exe] => (Allow) C:\program files\strogino cs portal\counter-strike source\hl2.exe FirewallRules: [{DE89FF79-4248-40A7-A36F-EEB07DD64DE1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AA94E781-3C9B-4FA8-8639-1E66F802459B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{D2909122-19A6-429D-BDA7-110C6DF5A1D7}C:\users\kinga\downloads\counter-strike 1.6 cs.go romania 2015\counter-strike 1.6 cs.go - 2015\hl.exe] => (Allow) C:\users\kinga\downloads\counter-strike 1.6 cs.go romania 2015\counter-strike 1.6 cs.go - 2015\hl.exe FirewallRules: [UDP Query User{CC969365-A917-4A71-A9F0-9F9A9C073EA8}C:\users\kinga\downloads\counter-strike 1.6 cs.go romania 2015\counter-strike 1.6 cs.go - 2015\hl.exe] => (Allow) C:\users\kinga\downloads\counter-strike 1.6 cs.go romania 2015\counter-strike 1.6 cs.go - 2015\hl.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/11/2015 03:56:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SearchUI.exe w wersji 10.0.10240.16603 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 1230 Godzina rozpoczęcia: 01d13423925f3329 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe Identyfikator raportu: 60326803-a017-11e5-bfcc-6c3be5f73402 Pełna nazwa pakietu powodującego błąd: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji względem pakietu powodującego błąd: CortanaUI Error: (12/11/2015 03:56:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SREBERKO) Description: Działanie pakietu Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (12/11/2015 03:49:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SpyHunter4.exe w wersji 4.17.6.4336 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 12bc Godzina rozpoczęcia: 01d1342018a70446 Godzina zakończenia: 118 Ścieżka aplikacji: C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe Identyfikator raportu: 65cf5303-a016-11e5-bfcb-6c3be5f73402 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/11/2015 03:15:26 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (1112) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (12/11/2015 03:15:26 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (1112) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (12/11/2015 03:15:16 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (1112) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (12/11/2015 03:15:16 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (1112) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (12/11/2015 03:15:04 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (1112) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (12/11/2015 03:15:04 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (1112) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (12/11/2015 03:14:53 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (1112) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Dziennik System: ============= Error: (12/11/2015 03:55:09 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (12/11/2015 03:50:52 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: ZARZĄDZANIE NT) Description: Licznik alarmowy systemu został wyzwolony. Error: (12/11/2015 03:51:19 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:24:33 na ‎11.‎12.‎2015 było nieoczekiwane. Error: (12/11/2015 03:30:40 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (12/11/2015 03:24:33 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:13:18 na ‎11.‎12.‎2015 było nieoczekiwane. Error: (12/11/2015 03:23:17 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Usługa śledzenia diagnostyki nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (12/11/2015 03:22:45 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Klient zasad grupy nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (12/11/2015 03:22:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/11/2015 03:22:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/11/2015 03:22:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz Procent pamięci w użyciu: 51% Całkowita pamięć fizyczna: 3983.28 MB Dostępna pamięć fizyczna: 1934.59 MB Całkowita pamięć wirtualna: 4687.28 MB Dostępna pamięć wirtualna: 2300.1 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:449.77 GB) (Free:114.75 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (RECOVERY) (Fixed) (Total:13.96 GB) (Free:1.82 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9229C08D) Partition: GPT. ==================== Koniec Addition.txt ============================