Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:14-12-2015 Uruchomiony przez Lenovo (2015-12-14 21:44:50) Uruchomiony z C:\Users\Lenovo\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2014-05-22 14:21:07) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-583818649-3997608106-3267890143-500 - Administrator - Disabled) Gość (S-1-5-21-583818649-3997608106-3267890143-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-583818649-3997608106-3267890143-1003 - Limited - Enabled) Lenovo (S-1-5-21-583818649-3997608106-3267890143-1000 - Administrator - Enabled) => C:\Users\Lenovo UpdatusUser (S-1-5-21-583818649-3997608106-3267890143-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-583818649-3997608106-3267890143-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-583818649-3997608106-3267890143-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Championship Manager 01-02 (HKLM-x32\...\Championship Manager 01-02) (Version: - ) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve) Diablo II + Diablo II - Lord of Destruction PL 1.12a (HKLM-x32\...\Diablo II + Diablo II - Lord of Destruction PL 1.12a) (Version: - ) Dishonored - Game of the Year Edition (HKLM-x32\...\Dishonored - Game of the Year Edition_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) Don't Starve - Reign of Giants (HKLM-x32\...\Don't Starve - Reign of Giants_is1) (Version: 1.99241 - Релиз от Brick) Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10059 (Build 2593) - Speedbit Ltd.) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.4 - Lenovo) Energy Management (x32 Version: 7.0.3.4 - Lenovo) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-583818649-3997608106-3267890143-1000\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-583818649-3997608106-3267890143-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HP Deskjet Ink Adv 2060 K110 Badanie ulepszeń produktu (HKLM\...\{11947265-738E-42D1-A9C6-CFD2D7FAE5BE}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet Ink Adv 2060 K110 Podstawowe oprogramowanie urządzenia (HKLM\...\{55198058-B9BD-4574-8CD0-1E4EC1240B90}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet Ink Adv 2060 K110 Pomoc (HKLM-x32\...\{261A4762-744B-4C71-81D2-57FA5038DC7B}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HWiNFO32 Version 5.10 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.10 - Martin Malík - REALiX) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation) Intel(R) WiDi (HKLM\...\{90621A56-901E-417D-A8CB-E8E3A6793C29}) (Version: 4.1.19.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Internet Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION) K-Lite Mega Codec Pack 10.5.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.0 - ) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10223 - Realtek Semiconductor Corp.) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere) Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{20DEB77C-21D6-4D22-BB47-233E47613D57}) (Version: 1.1.0322 - Microsoft Corporation) Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla) Mozilla Thunderbird 31.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 pl)) (Version: 31.6.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Oddworld: Abe's Exoddus (HKLM-x32\...\Steam App 15710) (Version: - Oddworld Inhabitants) Oddworld: Abe's Oddysee (HKLM-x32\...\Steam App 15700) (Version: - Oddworld Inhabitants) OpenOffice 4.1.0 (HKLM-x32\...\{7EB1185B-6319-42D7-B103-707570BFB0D8}) (Version: 4.10.9764 - Apache Software Foundation) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{aaf3655f-6961-4be2-aa4e-6de4dc1dc8f4}) (Version: 16.1.5 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden PhotoFiltre 7 (HKU\S-1-5-21-583818649-3997608106-3267890143-1000\...\PhotoFiltre 7) (Version: - ) PhotoFiltre 7 (HKU\S-1-5-21-583818649-3997608106-3267890143-1001\...\PhotoFiltre 7) (Version: - ) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) Portal (HKLM-x32\...\Portal) (Version: - ) Portal 2 (HKLM-x32\...\Postal 2_is1) (Version: - ) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.) Registry Life version 2.0 (HKLM-x32\...\Registry Life_is1) (Version: 2.0 - ChemTable Software) Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - ) Spotify (HKU\S-1-5-21-583818649-3997608106-3267890143-1000\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB) Spotify (HKU\S-1-5-21-583818649-3997608106-3267890143-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) SpyHunter (HKLM-x32\...\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}) (Version: 4.12.13.4202 - Enigma Software Group USA, LLC) Starcraft (HKLM-x32\...\Starcraft) (Version: - ) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.1.0 - Synaptics Incorporated) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.0.4 - Gridinsoft LLC) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) webcamXP 5 (HKLM-x32\...\wLite) (Version: 5.8.2.0 - Moonware Studios) Wiedźmin 2 Zabójcy Królów Edycja Rozszerzona version 3.4.0 (HKLM-x32\...\Wiedźmin 2 Zabójcy Królów Edycja Rozszerzona_is1) (Version: 3.4.0 - GTX Box Team) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.130 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-583818649-3997608106-3267890143-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-583818649-3997608106-3267890143-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) ==================== Punkty Przywracania systemu ========================= 13-12-2015 09:14:52 Zaplanowany punkt kontrolny 14-12-2015 17:55:23 Kopia zapasowa systemu Windows 14-12-2015 20:08:21 DAEMON Tools Pro restore point 14-12-2015 20:11:35 SPTD setup V1.87 14-12-2015 21:14:16 Removed Symantec Endpoint Protection. ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0565C1B1-57A7-4F2A-8E9A-B927673F2B1C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-583818649-3997608106-3267890143-1000UA => C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {3280A8FD-0004-47AF-B6DE-C51FF250720F} - System32\Tasks\{AB847C6D-29E6-4AA4-9146-68D335289A56} => pcalua.exe -a "F:\Torrentz\Neighbours from Hell\V. 2\Neighbours From Hell 2.exe" -d "F:\Torrentz\Neighbours from Hell\V. 2" Task: {3D45EED3-F7C0-4295-B6B1-6C638ED0CCD9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {46428005-9063-4343-8544-74B77F2CC08C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {58D91819-96CF-41EC-9C24-D56BBA42EDC8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-583818649-3997608106-3267890143-1000Core => C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {67138E62-FD61-4FD4-BE7C-A22E16827CD0} - System32\Tasks\{7CD1E58D-370A-44E0-BBA8-AD75A64071CA} => pcalua.exe -a "C:\Program Files (x86)\blueconnect\uninst.exe" Task: {720D7694-AA19-4059-B01A-05CF1C2A6114} - System32\Tasks\Driver Robot => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk Task: {84CDC4A9-627E-4602-A5E5-B5B1542287EE} - System32\Tasks\{B1FC8512-39AA-46C0-87E5-D93112AB03A4} => pcalua.exe -a "F:\Torrentz\V. 1\Neighbours From Hell.exe" -d "F:\Torrentz\V. 1" Task: {86038957-A65A-4F89-B668-78FCF2F84DE7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {8BC2BFB2-46E6-4B42-8828-8A22009DA641} - System32\Tasks\HPCustParticipation HP Deskjet Ink Adv 2060 K110 => C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {A449703D-EA8A-4C6C-AEDD-F8220D4E503A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {BEFDDD47-5E0F-4E5F-AF8F-F9B362DBC2FF} - \globalUpdateUpdateTaskMachineCore -> Brak pliku <==== UWAGA Task: {E64E0964-9EC0-4BD8-BB8E-B1323825C695} - \globalUpdateUpdateTaskMachineUA -> Brak pliku <==== UWAGA Task: {EFA3EA65-6A8A-4E54-B3E8-29AD20AD3AAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {FE426643-020C-4EEE-A56A-B00185E3148B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Driver Robot.job => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583818649-3997608106-3267890143-1000Core.job => C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-583818649-3997608106-3267890143-1000UA.job => C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Lenovo\Desktop\Gry\Dishonored - Game of the Year Edition.lnk -> F:\Program Files (x86)\Dishonored - Game of the Year Edition\Binaries\Win32\Launcher.exe () -> hxxp://www.istartpageing.com/?type=sc&ts=1448999514&z=850773ff302d02196bf8352g7zaz6bft1tdt4w5g6z&from=cor&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\Desktop\Gry\Play Dying Light.lnk -> D:\Program Files (x86)\Dying Light\Launcher.exe () -> hxxp://www.istartpageing.com/?type=sc&ts=1448999514&z=850773ff302d02196bf8352g7zaz6bft1tdt4w5g6z&from=cor&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\Desktop\Gry\Wiedźmin 2 Zabójcy Królów Edycja Rozszerzona.lnk -> D:\Program Files (x86)\GTX Box Team\Wiedźmin 2 Zabójcy Królów Edycja Rozszerzona\Launcher.exe (CD Projekt RED) -> hxxp://www.istartpageing.com/?type=sc&ts=1448999514&z=850773ff302d02196bf8352g7zaz6bft1tdt4w5g6z&from=cor&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1450111643&z=d73703014a7cfc2da4793c8gaz1w1e4g1g6gfq2wde&from=wpm07173&uid=ST1000LM014-SSHD-8GB_W380X9AHXXXXW380X9AH <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2013-12-26 18:42 - 2013-12-26 18:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2008-12-20 02:20 - 2014-05-23 09:39 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-03-10 15:30 - 2014-05-23 09:39 - 01509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-08 14:40 - 2014-05-23 09:39 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\pl-PL\EMWpfUI.resources.dll 2008-12-20 02:20 - 2014-05-23 09:39 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2015-09-17 22:09 - 2012-09-10 03:03 - 00221552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe 2015-09-17 22:09 - 2012-09-10 03:03 - 00037232 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe 2015-12-14 17:57 - 2015-08-06 04:47 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2015-12-14 17:57 - 2015-07-15 06:58 - 00065688 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2015-09-17 22:09 - 2011-05-06 04:03 - 00594944 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll 2015-09-17 22:09 - 2012-09-10 02:42 - 00099840 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll 2015-09-17 22:09 - 2012-09-10 02:42 - 00027648 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll 2015-09-17 22:09 - 2010-10-14 10:37 - 00971776 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll 2015-09-17 22:09 - 2010-10-14 10:37 - 00080688 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll 2015-09-17 22:09 - 2012-09-10 02:42 - 00058880 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll 2015-09-17 22:09 - 2012-09-10 02:42 - 00043520 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll 2015-09-17 22:09 - 2012-09-10 02:42 - 00036352 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll 2015-09-17 22:09 - 2012-09-10 02:39 - 00021504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll 2015-09-17 22:09 - 2011-12-26 08:41 - 00090624 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll 2015-09-17 22:09 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll 2015-09-17 22:09 - 2011-05-06 04:02 - 00341504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll 2015-12-09 22:00 - 2015-12-04 22:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll 2015-12-09 22:00 - 2015-12-04 22:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll 2015-12-09 22:00 - 2015-12-04 22:32 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{0CBD4F48-3751-475D-BE88-4F271385B672} => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-583818649-3997608106-3267890143-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lenovo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: Tiny download manager => "C:\Users\Lenovo\AppData\Local\DM\TinyDM.exe" /M MSCONFIG\startupreg: UMonit64 => C:\Windows\SysWOW64\UMonit64.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{85549F76-FDF2-4DC5-9320-EFD8D28860CC}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2C10AF90-5249-4925-B49A-B0F8CD7CF166}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4789D38C-682D-466A-9B94-BD0D878D74D4}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{5A2A0D3F-8167-47A2-9DAA-C2E65696A259}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe FirewallRules: [{8DA0C4C9-FC4B-4F0D-9B08-338AA66DC331}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8AE0BA02-2029-4D1E-8531-A8D7FC33F005}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{163195DF-CCDC-44E4-8CCE-251984812152}] => (Allow) F:\SteamLibrary\SteamApps\common\Half-Life\hl.exe FirewallRules: [{74E68612-B019-4053-BB3B-58A1BFE0D0F9}] => (Allow) F:\SteamLibrary\SteamApps\common\Half-Life\hl.exe FirewallRules: [{39521449-FC6D-4E36-9638-789D1E6BC9C3}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4432C8F5-DEA9-48E6-BFBC-FCE6502785E9}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A11A55CA-1D62-4018-B8D0-18D3B20525EF}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{DA7E9B0B-116B-487A-A06E-6B6956D354BF}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{7E87DA60-BE87-4265-BD20-CF4509B29972}C:\gears of war pc full game ^^nosteam^^\gears of war\binaries\wargame-g4wlive.exe] => (Block) C:\gears of war pc full game ^^nosteam^^\gears of war\binaries\wargame-g4wlive.exe FirewallRules: [UDP Query User{239F390A-6D24-43A6-B60A-4E8CDB6D14C2}C:\gears of war pc full game ^^nosteam^^\gears of war\binaries\wargame-g4wlive.exe] => (Block) C:\gears of war pc full game ^^nosteam^^\gears of war\binaries\wargame-g4wlive.exe FirewallRules: [{0C3DDBE0-2C5B-49B8-8DA7-B0E5530C8348}] => (Allow) C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\USBSetup.exe FirewallRules: [{DB333E50-1814-44CA-857C-EEB4B30CF467}] => (Allow) C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\USBSetup.exe FirewallRules: [{A293A1A2-A3F7-472D-8BF7-1527B0284052}] => (Allow) C:\Program Files (x86)\webcamXP5\wLite.exe FirewallRules: [{28BCFFF3-041A-43B0-B2F1-BFB9D2AB330E}] => (Allow) C:\Program Files (x86)\webcamXP5\wLite.exe FirewallRules: [{030A5772-648C-4322-BA82-25B270B68C20}] => (Allow) C:\Program Files (x86)\webcamXP5\wService.exe FirewallRules: [{BB8C6E97-AA8E-4C94-B081-9C17C3846AA1}] => (Allow) C:\Program Files (x86)\webcamXP5\wService.exe FirewallRules: [{8ADB6B29-5FD0-47F4-A420-808FF00FF841}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6A78D841-5E82-4E0C-9689-66C7750A0D57}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E29B9B75-9A0C-40DD-B2F3-D04502125E5E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{5D8D7E81-3D7F-4B6B-BAEF-E0AB23A99649}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{8D34FD7E-93C1-4A58-9BA3-CBC140D935CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{BC7E85C8-1BC7-4CE6-AB26-62DC450994B4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{E9BBC5CD-3DFF-4C2F-805A-6B7E92FA4126}] => (Allow) C:\Users\Lenovo\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{94B6EAFB-465D-4874-BB04-D2BF3C166B50}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{0BD3B9E2-4477-45F2-A00E-F95455221353}] => (Allow) D:\Program Files (x86)\SteamLibrary\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{695503DF-6213-435B-9753-A51EFF016232}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{33157F4E-E223-4A42-AFCB-FE573ABECA7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld Abes Oddysee\AbeWin.exe FirewallRules: [{D17A070C-4CB4-4183-934F-8866A9ECB4D3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld Abes Exoddus\Exoddus.exe FirewallRules: [{E4D3828A-DF8E-46BF-B4AD-81DD117C240E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld Abes Exoddus\Exoddus.exe FirewallRules: [TCP Query User{72123F0E-E408-43D7-8070-11745D93456D}D:\program files (x86)\valve\portal 2\portal2.exe] => (Allow) D:\program files (x86)\valve\portal 2\portal2.exe FirewallRules: [UDP Query User{A0C00DD0-1367-43A7-AE24-2FA75BA82070}D:\program files (x86)\valve\portal 2\portal2.exe] => (Allow) D:\program files (x86)\valve\portal 2\portal2.exe FirewallRules: [TCP Query User{EC3FB913-DBFF-4B17-8C3D-01BA256340E0}F:\games\starcraft\starcraft.exe] => (Allow) F:\games\starcraft\starcraft.exe FirewallRules: [UDP Query User{E7E94926-828C-41BD-870F-023945D72291}F:\games\starcraft\starcraft.exe] => (Allow) F:\games\starcraft\starcraft.exe FirewallRules: [{9BBA917A-6AC9-4AD0-A616-4BC35D2DAAE4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{ED27F6D3-8C50-4499-A659-680E42AB54D4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{435B67BF-2D79-4646-9D11-699D4ED993D6}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{BADBE768-51A5-49E9-BC5C-2B7B9180B514}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [TCP Query User{8AB03EA4-9ACC-400B-B0B4-E5FFA9526590}F:\program files (x86)\cm 01-02\cm0102.exe] => (Block) F:\program files (x86)\cm 01-02\cm0102.exe FirewallRules: [UDP Query User{659941FA-807F-451F-8272-9A0111EEF449}F:\program files (x86)\cm 01-02\cm0102.exe] => (Block) F:\program files (x86)\cm 01-02\cm0102.exe FirewallRules: [{D95CF6C4-F59D-46FA-83C6-69657A044ACA}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{F3F92056-8DFB-408E-A6B6-72C627F0D861}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{F5AA9BAE-D53A-4C82-8790-28358AD3D03E}D:\program files (x86)\dying light\dyinglightgame.exe] => (Allow) D:\program files (x86)\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{4CEF736B-BCAA-4A42-94B3-478EED779FC1}D:\program files (x86)\dying light\dyinglightgame.exe] => (Allow) D:\program files (x86)\dying light\dyinglightgame.exe FirewallRules: [TCP Query User{892F46E6-BF5C-48FE-8E6C-0B1E3439000E}D:\program files (x86)\gtx box team\wiedźmin 2 zabójcy królów edycja rozszerzona\bin\witcher2.exe] => (Allow) D:\program files (x86)\gtx box team\wiedźmin 2 zabójcy królów edycja rozszerzona\bin\witcher2.exe FirewallRules: [UDP Query User{F9C2806A-F765-4856-BAAA-9166F5F4789F}D:\program files (x86)\gtx box team\wiedźmin 2 zabójcy królów edycja rozszerzona\bin\witcher2.exe] => (Allow) D:\program files (x86)\gtx box team\wiedźmin 2 zabójcy królów edycja rozszerzona\bin\witcher2.exe FirewallRules: [{3A1D3658-8373-4712-80F8-DC254C5E7083}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D4376356-6F03-4538-8FDB-E48B43E3D892}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{635C807F-418A-4B6C-8037-099196E3CCC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BD4D58BB-C29A-4C5E-A957-BCA0DC3FCEF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{54D7647B-0991-42B0-82EF-D1747B31CBD4}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [UDP Query User{3D0FED3D-1519-4A94-A5F7-72A871F1541C}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [{D71BE0FB-04FD-46CC-8A3E-DC9825150708}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/14/2015 09:37:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Nieokreślony błąd. Error: (12/14/2015 09:36:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2015 09:22:24 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Nieokreślony błąd. Error: (12/14/2015 09:20:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2015 09:13:48 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Nieokreślony błąd. Error: (12/14/2015 09:11:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2015 09:07:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Nieokreślony błąd. Error: (12/14/2015 09:05:22 PM) (Source: Symantec Network Protection) (EventID: 400) (User: ) Description: Network Intrusion Prevention is not protecting machine because its driver was unloaded Error: (12/14/2015 09:05:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/14/2015 08:27:59 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: ) Description: Security Risk Found!WS.Reputation.1 in File: C:\Users\Lenovo\Downloads\FRST64.exe by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully. Dziennik System: ============= Error: (12/14/2015 09:35:53 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/14/2015 09:35:41 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000109 (0xa3a039d8b0dd1786, 0xb3b7465f035b55f0, 0xfffff880031705c0, 0x0000000000000002)C:\Windows\MEMORY.DMP121415-18907-01 Error: (12/14/2015 09:35:40 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:33:48 na ‎2015-‎12-‎14 było nieoczekiwane. Error: (12/14/2015 09:20:23 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/14/2015 09:12:00 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/14/2015 09:08:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Advanced SystemCare Service 9 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/14/2015 09:05:09 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (12/14/2015 09:04:31 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000109 (0xa3a039d8b59447b9, 0xb3b7465f081286e3, 0xfffff880035e25c0, 0x0000000000000002)C:\Windows\MEMORY.DMP121415-28267-01 Error: (12/14/2015 09:04:28 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:03:05 na ‎2015-‎12-‎14 było nieoczekiwane. Error: (12/14/2015 08:21:36 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. CodeIntegrity: =================================== Date: 2015-12-13 12:07:49.328 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 18:47:16.814 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-11 18:46:39.464 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-02 19:23:05.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-02 17:53:13.962 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-10 21:33:58.784 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-08-10 21:33:58.779 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-08-10 21:33:58.645 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-08-10 21:33:58.640 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. Date: 2015-08-10 21:33:58.496 Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz Procent pamięci w użyciu: 55% Całkowita pamięć fizyczna: 4012.36 MB Dostępna pamięć fizyczna: 1779.28 MB Całkowita pamięć wirtualna: 8022.93 MB Dostępna pamięć wirtualna: 5358.72 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:235.18 GB) (Free:89.68 GB) NTFS Drive d: () (Fixed) (Total:492.06 GB) (Free:411.66 GB) NTFS Drive f: (Nowy) (Fixed) (Total:204.18 GB) (Free:105.08 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=100 MB) - (Type=42) Partition 3: (Not Active) - (Size=235.2 GB) - (Type=42) Partition 4: (Not Active) - (Size=696.2 GB) - (Type=42) ==================== Koniec Addition.txt ============================