Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:29-12-2015 Uruchomiony przez Ja (2015-12-29 18:28:18) Uruchomiony z C:\Users\Ja\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2015-06-29 21:33:38) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1530225504-1027307781-76199518-500 - Administrator - Disabled) ASPNET (S-1-5-21-1530225504-1027307781-76199518-1005 - Limited - Enabled) Gość (S-1-5-21-1530225504-1027307781-76199518-501 - Limited - Disabled) Ja (S-1-5-21-1530225504-1027307781-76199518-1000 - Administrator - Enabled) => C:\Users\Ja ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1530225504-1027307781-76199518-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation) Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.47.0 - Adobe Systems Incorporated) Adobe Reader 8 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated) Adobe Reader 8.1.2 Security Update 1 (KB403742) (HKLM\...\{AC76BA86-7AD7-1045-7B44-A81200000003}_Adobe Reader 8 - Polish) (Version: - ) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.302.101 - ALPS ELECTRIC CO., LTD) ATI Catalyst Install Manager (HKLM\...\{F277C86B-04F4-1030-6236-4EC3EAAD65AC}) (Version: 3.0.691.0 - ATI Technologies, Inc.) Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies) AVG (Version: 16.12.7303 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies) AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v6.10.10(T) - TOSHIBA CORPORATION) Brother MFL-Pro Suite (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.) Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.231.1126L - Chicony Electronics Co.,Ltd.) ccc-core-static (Version: 2008.0917.337.4556 - Nazwa firmy) Hidden CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.05 - TOSHIBA) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dolby Control Center (HKLM\...\{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}) (Version: 1.2.0704 - Dolby) DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.) FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Desktop (HKLM\...\Google Desktop) (Version: 5.7.0802.22438 - Google) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden HDMI Control Manager (HKLM\...\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}) (Version: 1.7 - TOSHIBA) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.) JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.19.04 - JMicron Technology Corp.) K-Lite Codec Pack 11.2.0 Standard (HKLM\...\KLiteCodecPack_is1) (Version: 11.2.0 - ) Księga Express STD ver. 5.1.01 (HKLM\...\Księga Express STD_is1) (Version: - ) Manager (Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA) Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA) Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA) Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - ) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM\...\{306B39C9-3AB1-4161-8567-9C7E50B41AE3}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKLM\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla) MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) OLYMPUS Digital Camera Updater (HKLM\...\{D18925CE-5AF9-4394-8EF7-1081FFE7E98B}) (Version: 1.2.0 - OLYMPUS IMAGING CORP.) OLYMPUS Viewer 3 (HKLM\...\{B8737126-7348-4F84-93BF-D4A82E653CA7}) (Version: 1.1.0 - OLYMPUS IMAGING CORP.) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) PDF Architect 4 (HKLM\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge) PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) Picasa 2 (HKLM\...\Picasa2) (Version: 2.0 - Google, Inc.) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Podreczniki TOSHIBA (HKLM\...\{10DFB03F-845F-4BC6-BE9E-7FEC377A0CD0}) (Version: 7.40 - TOSHIBA) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5923 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skins (Version: 2008.0917.337.4556 - ATI) Hidden Skype™ 7.15 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.) Sprzęt instalacyjny TOSHIBA (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.58.0.4C - TOSHIBA) TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.08 - TOSHIBA) TOSHIBA ConfigFree (HKLM\...\{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}) (Version: 7.3.15 - TOSHIBA Corporation) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 2.10.18 - TOSHIBA Corporation) TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba) TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 2.0.17.32 - TOSHIBA Corporation) TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.58.0.2C - TOSHIBA) TOSHIBA Hasło administratora (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.58.0.2C - TOSHIBA) Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 1.00.0012 - TOSHIBA) TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.2 - TOSHIBA) TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.5JM2 - TOSHIBA) TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD04) - Agere Systems) Toshiba TEMPRO (HKLM\...\{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}) (Version: 1.2 - Toshiba Europe GmbH) TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.32 - TOSHIBA Corporation) TRDCReminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0015 - TOSHIBA) TRDCReminder (Version: 1.00.0015 - TOSHIBA) Hidden TRORDCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.1 - TOSHIBA) TRORDCLauncher (Version: 1.0.0.1 - TOSHIBA) Hidden Utility Common Driver (Version: 0.0.1.1C - TOSHIBA) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinUHA 2.0 RC1 (2005.02.27) (HKLM\...\WinUHA_is1) (Version: - Klaimsoft) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {467E7ED2-5A98-47D2-9407-C4563FE77F20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {4BE52582-3861-4985-9583-2149711246EA} - \Price Fountain -> Brak pliku <==== UWAGA Task: {60356256-C0DE-4FAA-BBDE-727559AB196D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-29] (Google Inc.) Task: {70335DE8-DF3B-4484-B45A-A0998AA0806A} - System32\Tasks\klcp_update => D:\kodeki\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-05-31] () Task: {AF06C4CC-1DC4-43B6-A37E-37F385E131B4} - System32\Tasks\PrecipitatenessTootsyV2 => Rundll32.exe OpusHouseless.dll,main 7 1 <==== UWAGA Task: {C8D56D65-E18A-4D4E-A31E-322719A01AC9} - System32\Tasks\DeftnessSwoppedV2 => Rundll32.exe ReframedWrathily.dll,main 7 1 <==== UWAGA Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2008-08-22 19:07 - 2008-08-22 19:07 - 00126976 _____ () C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll 2008-08-22 19:07 - 2008-08-22 19:07 - 06701056 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll 2008-08-22 19:07 - 2008-08-22 19:07 - 00995328 _____ () C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll 2008-12-08 16:11 - 2008-09-17 04:16 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-07-04 14:20 - 2005-02-16 00:44 - 00412672 _____ () D:\medieval\WinUHA\shellwinuha.dll 2006-11-06 17:14 - 2006-11-06 17:14 - 00034352 _____ () C:\Program Files\Toshiba\Utilities\KeNotify.exe 2008-09-24 14:44 - 2008-09-24 14:44 - 05360184 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll 2008-07-14 09:37 - 2008-07-14 09:37 - 00095544 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll 2008-12-08 16:30 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll 2007-12-25 12:03 - 2007-12-25 12:03 - 00015184 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll 2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2006-12-01 17:55 - 2006-12-01 17:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll 2015-12-29 13:54 - 2015-12-29 13:53 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll 2015-12-06 00:15 - 2015-12-06 00:15 - 00349184 _____ () C:\Users\Ja\AppData\Local\DeftnessSwopped\ReframedWrathily.dll 2015-12-29 14:48 - 2015-12-11 04:54 - 16573256 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1530225504-1027307781-76199518-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ja\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{6AC33D79-694E-475B-82C5-7798F33BD12F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C8E9DADC-3430-49F6-8B39-12144C039A93}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6E78F464-4F92-404C-9976-689551D956FE}] => (Allow) D:\AVG\avgmfapx.exe FirewallRules: [{6039A915-4F7F-4D26-A6AA-59493287826C}] => (Allow) D:\AVG\avgmfapx.exe FirewallRules: [{E4FFE00D-55D4-42C6-AB21-D0CA73ECAF18}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{272D2FC5-C556-4FDB-896C-AA9FAEACF779}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EB854253-DDC4-4F2E-A826-1B3DF8E256F2}] => (Allow) D:\office\Office14\GROOVE.EXE FirewallRules: [{6A3F46BC-5D25-4E58-9598-2ADD5DCAD9A1}] => (Allow) D:\office\Office14\GROOVE.EXE FirewallRules: [{CFE0A2D6-3290-4A0C-B788-4DD9FFC4F334}] => (Allow) D:\office\Office14\ONENOTE.EXE FirewallRules: [{3B5DC597-E5CE-4D44-ADF9-EA531F266A92}] => (Allow) D:\office\Office14\ONENOTE.EXE FirewallRules: [{6EF4957F-6123-4D7F-92BC-97A79E6BEF0B}] => (Allow) D:\office\Office14\outlook.exe FirewallRules: [{8B4641CE-041C-45F6-8DD0-B3DA0201AA6A}] => (Allow) LPort=80 FirewallRules: [{16F39DCB-0ACE-4BE7-A072-289105F81268}] => (Allow) LPort=80 FirewallRules: [{CA0BACC4-203A-47D6-A58B-873F9D531778}] => (Allow) LPort=80 FirewallRules: [{4255863E-F004-451D-9F23-AA418B418C25}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{649C3126-7656-48FB-9529-3B2D5205F2D5}] => (Allow) D:\AVG\avgnsx.exe FirewallRules: [{B406D7E8-DD30-4932-A605-338864054926}] => (Allow) D:\AVG\avgnsx.exe FirewallRules: [{C9B9A6DC-2B4A-4F17-ACFC-E4E201ACEF58}] => (Allow) D:\AVG\avgdiagex.exe FirewallRules: [{083C7F95-CA01-4EF5-8697-84272FA4ECBD}] => (Allow) D:\AVG\avgdiagex.exe FirewallRules: [{D37E3780-A51F-4D86-9CE1-BD6BE339BF2D}] => (Allow) D:\AVG\avgemcx.exe FirewallRules: [{F6245770-C2F0-41CA-9D44-B0A19F174421}] => (Allow) D:\AVG\avgemcx.exe FirewallRules: [{DB479BEB-CEEF-4A1E-8438-C254A39E9962}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe FirewallRules: [{426C031C-3335-4B46-90BC-A24324A3D543}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe FirewallRules: [{09D72868-8DAC-41BC-ADEE-23A280A8299D}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe FirewallRules: [{AF54DF0C-3786-451F-9916-7181BD63A5CF}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe FirewallRules: [{384F8D78-F394-40EE-9612-A83E76EB7D50}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe FirewallRules: [{EC076BFB-89C8-43F7-ADF9-8C446775E4F2}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe FirewallRules: [{CC336457-6760-47C7-91FA-EFDFD62F6C13}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe FirewallRules: [{4151AEF4-443C-42A2-8E1D-EE897D905A84}] => (Allow) C:\Program Files\AVG\Av\avgemcx.exe FirewallRules: [{16E3D781-43B6-4E90-8241-9110853E5C68}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 17-12-2015 05:27:03 Windows Update 17-12-2015 18:57:48 Zaplanowany punkt kontrolny 18-12-2015 17:04:47 Windows Update 19-12-2015 08:03:12 Windows Update 20-12-2015 12:42:24 Windows Update 20-12-2015 17:38:59 Windows Update 21-12-2015 19:33:58 Windows Update 22-12-2015 17:59:50 Windows Update 22-12-2015 18:02:27 Removed Visual Studio 2012 x86 Redistributables 22-12-2015 18:07:39 Removed AVG 22-12-2015 18:10:33 Removed AVG 2016 22-12-2015 18:32:56 Installed AVG 2016 22-12-2015 18:33:41 Installed AVG 22-12-2015 22:25:11 Windows Update 22-12-2015 22:26:57 Windows Update 22-12-2015 22:28:07 Windows Update 22-12-2015 22:34:29 Windows Update 22-12-2015 22:36:23 Windows Update 25-12-2015 12:03:31 Windows Update 26-12-2015 12:42:29 Windows Update 27-12-2015 14:17:10 Windows Update 28-12-2015 14:45:43 Windows Update 28-12-2015 17:54:46 Advanced System~Protector 29-12-2015 11:19:18 Windows Update 29-12-2015 13:40:20 Operacja przywracania 29-12-2015 14:00:07 Windows Update 29-12-2015 14:25:42 Installed AVG 2016 29-12-2015 14:26:43 Installed AVG ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/29/2015 03:21:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/29/2015 03:20:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd creator-ws.exe, wersja 4.0.9.25450, sygnatura czasowa 0x56250cc7, moduł powodujący błąd MSVCR110.dll, wersja 11.0.51106.1, sygnatura czasowa 0x5098858e, kod wyjątku 0x40000015, przesunięcie błędu 0x000a327c, identyfikator procesu 0xb08, godzina rozpoczęcia aplikacji 0xcreator-ws.exe0. Error: (12/29/2015 03:08:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd ProtectWindowsManager.exe, wersja 20.0.0.2508, sygnatura czasowa 0x56615852, moduł powodujący błąd ProtectWindowsManager.exe, wersja 20.0.0.2508, sygnatura czasowa 0x56615852, kod wyjątku 0xc0000417, przesunięcie błędu 0x00020865, identyfikator procesu 0x23c, godzina rozpoczęcia aplikacji 0xProtectWindowsManager.exe0. Error: (12/29/2015 02:44:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd chrome.exe, wersja 47.0.2526.80, sygnatura czasowa 0x5661f059, moduł powodujący błąd chrome.dll, wersja 47.0.2526.80, sygnatura czasowa 0x5661ebb9, kod wyjątku 0x80000003, przesunięcie błędu 0x000164e6, identyfikator procesu 0x10b0, godzina rozpoczęcia aplikacji 0xchrome.exe0. Error: (12/29/2015 02:39:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd chrome.exe, wersja 47.0.2526.80, sygnatura czasowa 0x5661f059, moduł powodujący błąd chrome.dll, wersja 47.0.2526.80, sygnatura czasowa 0x5661ebb9, kod wyjątku 0x80000003, przesunięcie błędu 0x000164e6, identyfikator procesu 0x29c, godzina rozpoczęcia aplikacji 0xchrome.exe0. Error: (12/29/2015 02:36:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/29/2015 02:35:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd creator-ws.exe, wersja 4.0.9.25450, sygnatura czasowa 0x56250cc7, moduł powodujący błąd MSVCR110.dll, wersja 11.0.51106.1, sygnatura czasowa 0x5098858e, kod wyjątku 0x40000015, przesunięcie błędu 0x000a327c, identyfikator procesu 0xb6c, godzina rozpoczęcia aplikacji 0xcreator-ws.exe0. Error: (12/29/2015 02:21:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd chrome.exe, wersja 47.0.2526.80, sygnatura czasowa 0x5661f059, moduł powodujący błąd chrome.dll, wersja 47.0.2526.80, sygnatura czasowa 0x5661ebb9, kod wyjątku 0x80000003, przesunięcie błędu 0x000164e6, identyfikator procesu 0x17bc, godzina rozpoczęcia aplikacji 0xchrome.exe0. Error: (12/29/2015 02:16:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/29/2015 02:15:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Aplikacja powodująca błąd creator-ws.exe, wersja 4.0.9.25450, sygnatura czasowa 0x56250cc7, moduł powodujący błąd MSVCR110.dll, wersja 11.0.51106.1, sygnatura czasowa 0x5098858e, kod wyjątku 0x40000015, przesunięcie błędu 0x000a327c, identyfikator procesu 0x6a4, godzina rozpoczęcia aplikacji 0xcreator-ws.exe0. Dziennik System: ============= Error: (12/29/2015 03:21:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: PDF Architect 4 Creator1 Error: (12/29/2015 03:21:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (12/29/2015 03:17:11 PM) (Source: PlugPlayManager) (EventID: 11) (User: ) Description: Urządzenie Root\LEGACY_ISAFEKRNLR3\0000 zniknęło z systemu bez uprzedniego przygotowania go do usunięcia. Error: (12/29/2015 03:14:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWStart%%5 Error: (12/29/2015 03:14:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWStart%%5 Error: (12/29/2015 02:37:04 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyAktywacja{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}ZARZĄDZANIE NTUSŁUGA SIECIOWAS-1-5-20LocalHost (użycie LRPC) Error: (12/29/2015 02:36:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: PDF Architect 4 Creator1 Error: (12/29/2015 02:36:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (12/29/2015 02:17:33 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: domyślne ustawienia komputeraLokalnyAktywacja{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}ZARZĄDZANIE NTUSŁUGA SIECIOWAS-1-5-20LocalHost (użycie LRPC) Error: (12/29/2015 02:16:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: PDF Architect 4 Creator1 CodeIntegrity: =================================== Date: 2015-12-29 18:27:39.243 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:39.040 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:38.822 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:38.603 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:38.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:37.839 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:37.621 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:37.402 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:37.012 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-29 18:27:36.809 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz Procent pamięci w użyciu: 64% Całkowita pamięć fizyczna: 3035.96 MB Dostępna pamięć fizyczna: 1086.79 MB Całkowita pamięć wirtualna: 6278.17 MB Dostępna pamięć wirtualna: 4208.57 MB ==================== Dyski ================================ Drive c: (Vista) (Fixed) (Total:83.06 GB) (Free:11.89 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Nowy) (Fixed) (Total:66.35 GB) (Free:38.36 GB) NTFS Drive e: (Data) (Fixed) (Total:147.21 GB) (Free:103.53 GB) NTFS Drive h: (MED2TW_1) (CDROM) (Total:3.74 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 8FDCD06D) Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Active) - (Size=83.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=66.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=147.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================