Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-01-2015 Uruchomiony przez Administrator (2016-01-10 14:21:49) Uruchomiony z E:\FF Download Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) (2015-01-26 13:55:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1491950412-2009852829-4049741679-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator ASPNET (S-1-5-21-1491950412-2009852829-4049741679-1001 - Limited - Enabled) Gość (S-1-5-21-1491950412-2009852829-4049741679-501 - Limited - Disabled) Pomocnik (S-1-5-21-1491950412-2009852829-4049741679-1000 - Limited - Disabled) postgres (S-1-5-21-1491950412-2009852829-4049741679-1003 - Limited - Enabled) => %SystemDrive%\Documents and Settings\postgres ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.) Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam) Aktualizacja systemu Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version: - Microsoft Corporation) Aktualizacja zabezpieczeń dla Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation) Aktualizacja zabezpieczeń dla systemu Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation) Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation) Aktualizacja zabezpieczeń dla Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation) Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden android_driver_install.exe (HKLM\...\android_driver_install_is1) (Version: - android) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - ) AudioBox version 1.2 (HKLM\...\{554BB593-3543-4AEB-A192-2AC87EC3FF31}_is1) (Version: 1.2 - PreSonus) calibre (HKLM\...\{DD649DA2-BBD9-4247-85DD-E04F7C1E8552}) (Version: 1.48.0 - Kovid Goyal) CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.) Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) Desktop Restore (HKLM\...\{228CEA74-6DD1-40B9-B95F-77273F4316B5}) (Version: 1.6.3 - JOConnell) erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden f.lux (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Flux) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.0 - Kai Liu) HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) KMPlayer (HKLM\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV) kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) MagicHoldem (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\MagicHoldem) (Version: 4.2.2.3122 - Kessem Holdings Limited) MaxBulk Mailer 7.9.1 (HKLM\...\MaxBulk Mailer_is1) (Version: - Max Programming LLC) Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK (HKLM\...\{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK (HKLM\...\{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Might & Magic Heroes VI - Shades of Darkness (HKLM\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft) Mozilla Firefox 43.0.4 (x86 pl) (HKLM\...\Mozilla Firefox 43.0.4 (x86 pl)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - ) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA nView 141.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.24 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu) PokerTracker 4 (remove only) (HKLM\...\PokerTracker4) (Version: - ) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Poprawka dla systemu Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation) PostgreSQL 8.4 (HKLM\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RamDisk Plus 11.8 (HKLM\...\{D96E4F17-2635-4CBD-9308-F99228929C41}) (Version: 11.8.1298 - SuperSpeed LLC) REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7083 - Realtek Semiconductor Corp.) Skype™ 7.17 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WindowBlinds (HKLM\...\WindowBlinds) (Version: 6.30.095 - Stardock Corporation) WinRAR 5.01 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.27.5\psu (dane wartości zawierają 21 znaków więcej). CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.26.7\psu (dane wartości zawierają 21 znaków więcej). CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.28.1\psu (dane wartości zawierają 21 znaków więcej). CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.165\p (dane wartości zawierają 23 znaków więcej). CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\ps (dane wartości zawierają 22 znaków więcej). ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1993962763-1801674531-500Core.job => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1993962763-1801674531-500UA.job => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\task Update.job => C:\Program Files\Window Update\task Update\task.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Documents and Settings\All Users\Menu Start\Programy\PostgreSQL 8.4\SQL Shell (psql).lnk -> C:\postgreSQL\scripts\runpsql.bat () ShortcutWithArgument: C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria\Narzędzia systemowe\Internet Explorer (bez dodatków).lnk -> C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ShortcutWithArgument: C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1452242230&z=e971aa1195e3e43f2351851g6z7wfo8o8zbo7o2z8z&from=wpm01073&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255 ==================== Załadowane moduły (filtrowane) ============== 2015-01-26 17:48 - 2012-08-31 15:01 - 00151552 _____ () C:\WINDOWS\system32\HP1100LM.DLL 2015-01-26 17:48 - 2012-08-31 15:01 - 00069632 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1100PP.DLL 2015-01-26 17:48 - 2012-08-31 15:02 - 02306048 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hp1100su.dll 2015-01-26 17:48 - 2012-08-31 15:01 - 00794624 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1100GC.dll 2015-01-26 16:33 - 2015-01-26 16:32 - 00008192 _____ () C:\WINDOWS\system32\srvany.exe 2015-01-26 16:33 - 2015-01-26 16:32 - 00151552 _____ () C:\WINDOWS\KMService.exe 2015-11-01 16:01 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll 2015-11-01 16:02 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll 2015-01-26 20:10 - 2015-01-26 20:10 - 00444416 _____ () C:\WINDOWS\System32\svhost.exe 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-11-01 16:47 - 2015-11-01 16:49 - 00073728 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\fpdb.exe 2015-11-01 16:47 - 2010-07-04 10:03 - 00040960 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_socket.pyd 2015-11-01 16:47 - 2010-07-04 10:03 - 00721408 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_ssl.pyd 2015-11-01 16:47 - 2012-02-07 17:37 - 00098816 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32api.pyd 2015-11-01 16:47 - 2012-02-07 17:35 - 00110080 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\pywintypes27.dll 2015-11-01 16:47 - 2010-07-04 10:03 - 00073216 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_ctypes.pyd 2015-11-01 16:47 - 2010-07-04 10:04 - 00011776 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\select.pyd 2015-11-01 16:47 - 2010-07-04 10:04 - 00153088 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\pyexpat.pyd 2015-11-01 16:47 - 2011-04-09 09:59 - 00058368 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\glib._glib.pyd 2015-11-01 16:47 - 2011-04-09 09:59 - 00113152 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\gobject._gobject.pyd 2015-11-01 16:47 - 2011-04-09 10:02 - 01882624 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\gtk._gtk.pyd 2015-11-01 16:47 - 2012-02-09 00:50 - 01294335 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libcairo-2.dll 2015-11-01 16:47 - 2012-02-09 00:50 - 00279059 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libfontconfig-1.dll 2015-11-01 16:47 - 2012-02-09 00:50 - 00143096 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libexpat-1.dll 2015-11-01 16:47 - 2012-02-09 00:50 - 00538324 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\freetype6.dll 2015-11-01 16:47 - 2012-02-09 00:51 - 00230529 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libpng14-14.dll 2015-11-01 16:47 - 2012-02-09 00:51 - 00100352 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\zlib1.dll 2015-11-01 16:47 - 2010-11-02 21:35 - 00069632 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\cairo._cairo.pyd 2015-11-01 16:47 - 2011-04-09 09:59 - 00263168 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\gio._gio.pyd 2015-11-01 16:47 - 2011-04-09 10:03 - 00111616 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\pango.pyd 2015-11-01 16:47 - 2011-04-09 10:03 - 00208384 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\atk.pyd 2015-11-01 16:47 - 2011-04-09 10:03 - 00017920 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\pangocairo.pyd 2015-11-01 16:47 - 2012-02-09 00:51 - 00100255 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\lib\gtk-2.0\2.10.0\engines\libwimp.dll 2015-11-01 16:47 - 2012-02-07 17:36 - 00018432 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32event.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 01093467 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.core.multiarray.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00389046 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.core.umath.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00127559 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.core._sort.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00177416 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.core.scalarmath.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00039360 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.lib._compiled_base.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 01036535 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.linalg.lapack_lite.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00049073 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.fft.fftpack_lite.pyd 2015-11-01 16:47 - 2011-11-19 21:46 - 00505062 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\numpy.random.mtrand.pyd 2015-11-01 16:47 - 2010-07-04 10:03 - 00057344 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_sqlite3.pyd 2015-11-01 16:47 - 2010-07-04 10:03 - 00635392 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\sqlite3.dll 2015-11-01 16:47 - 2012-02-02 00:01 - 00216064 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\cdecimal.pyd 2015-11-01 16:47 - 2011-02-27 21:35 - 00143360 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\pokereval._pokereval_2_7.pyd 2015-11-01 16:47 - 2012-02-07 17:37 - 00045568 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32console.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00135680 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._path.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00498688 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.ft2font.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00011776 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.nxutils.pyd 2015-11-01 16:47 - 2010-07-04 10:03 - 00688128 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\unicodedata.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00197632 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._png.pyd 2015-11-01 16:47 - 2010-07-04 10:03 - 00030208 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_tkinter.pyd 2015-11-01 16:47 - 2010-05-15 16:03 - 00324096 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\PIL._imaging.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00018944 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._cntr.pyd 2015-11-01 16:47 - 2010-07-04 10:04 - 00287232 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\_hashlib.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00146432 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._image.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00047616 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._delaunay.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00123904 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib._tri.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00009216 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.backends._backend_gdk.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00216064 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.backends._backend_agg.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00071168 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.backends._gtkagg.pyd 2015-11-01 16:47 - 2011-11-20 18:40 - 00063488 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\matplotlib.backends._tkagg.pyd 2015-11-01 16:47 - 2015-11-01 16:49 - 00031744 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\HUD_main.exe 2015-11-01 16:47 - 2012-02-07 17:37 - 00167424 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32gui.pyd 2015-11-01 16:47 - 2012-02-07 17:36 - 00035840 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32process.pyd 2015-11-01 16:47 - 2012-02-07 17:36 - 00108544 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\win32security.pyd 2015-11-01 16:47 - 2012-02-09 00:51 - 00025609 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll 2015-11-01 16:47 - 2013-11-14 18:11 - 00273302 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\librsvg-2-2.dll 2015-11-01 16:47 - 2013-11-14 18:11 - 00257706 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libcroco-0.6-3.dll 2015-11-01 16:47 - 2013-11-14 18:11 - 01225225 _____ () C:\Documents and Settings\Administrator\Pulpit\Poker\pyfpdb\libxml2-2.dll 2008-04-15 21:00 - 2008-04-15 21:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll 2015-01-26 16:09 - 2012-01-20 13:55 - 00427520 _____ () C:\Programy\TeraCopy\TeraCopyExt.dll 2015-01-26 19:30 - 2014-07-02 21:43 - 00681760 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll 2015-01-26 17:48 - 2012-08-31 15:02 - 00274432 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hp1100sd.dll 2013-04-15 17:39 - 2015-01-08 23:02 - 00061152 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-12-25 09:34 - 2016-01-04 20:56 - 00074752 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MagicHoldem_service.exe 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf 2015-06-28 23:42 - 2010-02-28 02:55 - 01040736 _____ () C:\Programy_\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2015-09-07 08:21 - 2015-10-01 08:58 - 00218112 _____ () C:\Programy_\AIMP3\System\libsoxr.dll 2015-09-07 08:21 - 2015-10-01 08:58 - 00467968 _____ () C:\Programy_\AIMP3\System\Encoders\libFLAC.dll 2015-09-07 08:21 - 2015-10-01 08:58 - 01733120 _____ () C:\Programy_\AIMP3\System\Encoders\aimp_libvorbis.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00059976 _____ () C:\Programy_\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00160840 _____ () C:\Programy_\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00159232 _____ () C:\Programy_\AIMP3\Plugins\aimp_sacd\libsacd.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00026624 _____ () C:\Programy_\AIMP3\Plugins\Aorta\Aorta.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00237568 _____ () C:\Programy_\AIMP3\Plugins\OptimFROG\OptimFROG.dll 2015-10-01 08:58 - 2015-10-01 08:58 - 00152648 _____ () C:\Programy_\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll 2015-12-14 14:36 - 2015-12-14 22:48 - 17647296 ____N () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 28396032 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\libcef.dll 2015-12-25 09:35 - 2015-12-25 09:35 - 00291328 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Detector.dll 2015-12-25 09:35 - 2015-12-25 09:35 - 00123392 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Utils.dll 2015-12-25 09:35 - 2015-12-25 09:35 - 00152064 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Reader.dll 2015-12-25 09:36 - 2015-12-25 09:36 - 00019968 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Level1.dll 2015-12-25 09:36 - 2015-12-25 09:36 - 00182272 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Level1A.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 00628224 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\libglesv2.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 00110592 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\libegl.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 01195022 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\avcodec-54.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 00138766 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\avutil-51.dll 2015-12-25 09:34 - 2015-12-25 09:34 - 00217614 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\avformat-54.dll 2015-12-25 09:35 - 2015-12-25 09:35 - 00635392 _____ () C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\MagicHoldem\MH_Level2_PS.dll 2015-10-01 10:16 - 2015-10-01 10:16 - 01659672 _____ () C:\Programy_\PokerStars2\gameutil2.exe 2015-10-01 10:16 - 2015-11-12 18:46 - 00297400 _____ () C:\Programy_\PokerStars2\br\PokerStarsBr.exe 2015-10-01 10:16 - 2015-10-01 10:16 - 40560920 _____ () C:\Programy_\PokerStars2\br\libcef.dll 2015-10-01 10:16 - 2015-10-01 10:16 - 09306392 _____ () C:\Programy_\PokerStars2\br\pdf.dll 2015-10-01 10:16 - 2015-10-01 10:16 - 00989976 _____ () C:\Programy_\PokerStars2\br\ffmpegsumo.dll 2016-01-04 18:16 - 2016-01-04 18:16 - 01114648 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2016-01-09 09:51 - 2016-01-09 09:51 - 17882304 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files\Adobe\Reader 11.0\Reader\sqlite.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\headerPic.jpg:$CmdTcID AlternateDataStreams: C:\headerPic.jpg:$CmdZnID AlternateDataStreams: C:\WINDOWS\stub.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\CNHMCA.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\CNMLM9Y.DLL:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\DevManagerCore.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\drmupgds.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\dshowext.ax:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\iyuv_32.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\kstvtune.ax:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\kswdmcap.ax:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\ksxbar.ax:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\LogiDPP.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\LogiDPPApp.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\LVUI2.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\LVUI2RC.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\msfeedssync.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\msh263.drv:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\msyuv.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nv4_disp.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvapi.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvcolor.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234052.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234052.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvoglnt.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\nvsvc32.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\ptpusb.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\ptpusd.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\svhost.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\svhost.exe:$CmdZnID AlternateDataStreams: C:\WINDOWS\system32\tsbyuv.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\uwdf.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\vfwwdm32.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\vidcap.ax:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\wbsys.dll:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\wdfmgr.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\winfxdocobj.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\wpdshextautoplay.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\wudfhost.exe:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\androidusb.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\drmk.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtlitescsibus.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\dtliteusbbus.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\innosusbnet.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\innosusbser.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\lvrs.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\lvuvc.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\nv4_mini.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\portcls.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBAUDIO.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbccgp.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID AlternateDataStreams: C:\WINDOWS\system32\dllcache\msi.dll:$CmdTcID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA.rar:$CmdTcID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA.rar:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\E-book2.docx:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\lee-nelson.pdf:$CmdTcID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\lee-nelson.pdf:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\lp.pdf:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\poker.jpg:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Radioparty.m3u:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\umowa-wynajem.pdf:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\umowa. 1.07.docx:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\(16)Miasta-0009.jpg:$CmdTcID AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\(16)Miasta-0009.jpg:$CmdZnID AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\11295664_1008524365825496_3147538779424415360_n.jpg:$CmdZnID AlternateDataStreams: C:\Documents and Settings\postgres\Del1281.bat:$CmdTcID ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2008-04-15 21:00 - 2015-01-26 18:23 - 00000800 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.yamicsoft.com 127.0.0.1 activate.adobe.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1491950412-2009852829-4049741679-1003\Control Panel\Desktop\\Wallpaper -> (Brak) HKU\S-1-5-21-1491950412-2009852829-4049741679-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp DNS Servers: 156.154.70.25 - 156.154.71.25 Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^FLCInstaller.lnk => C:\WINDOWS\pss\FLCInstaller.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Logitech . Rejestracja produktu.lnk => C:\WINDOWS\pss\Logitech . Rejestracja produktu.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^WLANDLL.lnk => C:\WINDOWS\pss\WLANDLL.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Programy_\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Graphics Drivers => C:\WINDOWS\stub.exe MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k MSCONFIG\startupreg: LWS => C:\Programy_\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup MSCONFIG\startupreg: NvMediaCenter => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Svhost => C:\WINDOWS\system32\svhost.exe MSCONFIG\startupreg: uTorrent => "C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe" /MINIMIZED ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\GROOVE.EXE] => Enabled:Microsoft SharePoint Workspace StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe] => Enabled:Adobe CSI CS4 StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe] => Enabled:µTorrent StandardProfile\AuthorizedApplications: [C:\Programy\WTW\wtw.exe] => Enabled:WTW Instant Messenger StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe] => Enabled:NVIDIA Network Service TCP Exception (HTTPS) StandardProfile\AuthorizedApplications: [C:\Programy_\NapiProjekt\napisy.exe] => Enabled:NapiProjekt StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome StandardProfile\AuthorizedApplications: [D:\Might & Magic Heroes VI\Might & Magic Heroes VI.exe] => Enabled:Might & Magic Heroes VI StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox) StandardProfile\GloballyOpenPorts: [5353:TCP] => Enabled:Adobe CSI CS4 ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone 26-01-2015 14:57:56 Punkt kontrolny systemu 26-01-2015 14:58:02 Zainstalowano %1 %2. 26-01-2015 14:58:21 Zainstalowano Windows XP KB2936068. 26-01-2015 14:58:36 Zainstalowano Windows XP KB2964358. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/10/2016 02:15:09 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 02:15:09 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 01:05:13 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 01:05:13 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 12:44:09 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 12:44:09 PM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 11:15:13 AM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 11:15:13 AM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 10:58:08 AM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Error: (01/10/2016 10:58:08 AM) (Source: Userenv) (EventID: 1041) (User: ZARZĄDZANIE NT) Description: System Windows nie może wykonać kwerendy wpisu rejestru DllName dla aplikacji {7B849a69-220F-451E-B3FE-2CB811AF94AE}, która nie zostanie załadowana. Prawdopodobną przyczyną jest błąd rejestracji. Dziennik System: ============= Error: (01/10/2016 02:22:08 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/10/2016 01:18:29 PM) (Source: DCOM) (EventID: 10005) (User: BAIT) Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (01/10/2016 01:18:29 PM) (Source: DCOM) (EventID: 10005) (User: BAIT) Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (01/10/2016 01:18:28 PM) (Source: DCOM) (EventID: 10005) (User: BAIT) Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (01/07/2016 08:22:19 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/07/2016 08:22:16 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/07/2016 08:22:12 AM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/06/2016 08:53:21 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/06/2016 08:53:17 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D Error: (01/06/2016 08:53:14 PM) (Source: 0) (EventID: 7) (User: ) Description: \Device\Harddisk0\D ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Procent pamięci w użyciu: 68% Całkowita pamięć fizyczna: 3326.42 MB Dostępna pamięć fizyczna: 1051.49 MB Całkowita pamięć wirtualna: 7256.39 MB Dostępna pamięć wirtualna: 3387.66 MB ==================== Dyski ================================ Drive c: (System) (Fixed) (Total:50 GB) (Free:17.05 GB) NTFS ==>[dysk z komponentami startowymi (Windows XP)] Drive d: (Other) (Fixed) (Total:199.98 GB) (Free:52.86 GB) NTFS Drive e: (Pliki) (Fixed) (Total:215.77 GB) (Free:31.03 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 4C02D0A6) Partition 1: (Not Active) - (Size=200 GB) - (Type=OF Extended) Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================