Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-05-2016
Uruchomiony przez Administrator (2016-05-13 10:32:36)
Uruchomiony z E:\FF Download
Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) (2015-01-26 13:55:41)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================
Administrator (S-1-5-21-1491950412-2009852829-4049741679-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1491950412-2009852829-4049741679-1001 - Limited - Enabled)
Gość (S-1-5-21-1491950412-2009852829-4049741679-501 - Limited - Disabled)
Pomocnik (S-1-5-21-1491950412-2009852829-4049741679-1000 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
µTorrent (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AIMP3 (HKLM\...\AIMP3) (Version: v3.60.1479, 06.02.2015 - AIMP DevTeam)
Aktualizacja systemu Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version: - Microsoft Corporation)
Aktualizacja zabezpieczeń dla Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version: - Microsoft Corporation)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Aktualizacja zabezpieczeń dla systemu Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Aktualizacja zabezpieczeń dla Windows XP (KB941569) (HKLM\...\KB941569) (Version: - Microsoft Corporation)
Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
android_driver_install.exe (HKLM\...\android_driver_install_is1) (Version: - android)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version: - )
AudioBox version 1.2 (HKLM\...\{554BB593-3543-4AEB-A192-2AC87EC3FF31}_is1) (Version: 1.2 - PreSonus)
Bitcoin Core (32-bit) (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Bitcoin Core (32-bit)) (Version: 0.11.2 - Bitcoin Core project)
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Debugging Tools for Windows (x86) (HKLM\...\{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}) (Version: 6.11.1.402 - Microsoft Corporation)
Desktop Restore (HKLM\...\{228CEA74-6DD1-40B9-B95F-77273F4316B5}) (Version: 1.6.3 - JOConnell)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
f.lux (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Flux) (Version: - )
Google Chrome (HKU\S-1-5-21-1491950412-2009852829-4049741679-500\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
HashCheck Shell Extension (x86-32) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.0 - Kai Liu)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK (HKLM\...\{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK (HKLM\...\{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.1 - Ubisoft)
Mozilla Firefox 46.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 46.0.1 (x86 pl)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - )
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA nView 141.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.24 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation)
Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Poprawka dla systemu Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
PreFlopper (HKLM\...\{021A87FA-0D44-4B5F-8791-FFFD359849BD}) (Version: 2.1.0 - None provided)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RamDisk Plus 11.8 (HKLM\...\{D96E4F17-2635-4CBD-9308-F99228929C41}) (Version: 11.8.1298 - SuperSpeed LLC)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7083 - Realtek Semiconductor Corp.)
Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WindowBlinds (HKLM\...\WindowBlinds) (Version: 6.30.095 - Stardock Corporation)
WinRAR 5.01 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.165\p (dane wartości zawierają 23 znaków więcej).
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1491950412-2009852829-4049741679-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.25.11\psuser.dll (Google Inc.)

==================== Zaplanowane zadania (filtrowane) =============
(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1993962763-1801674531-500Core.job => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1993962763-1801674531-500UA.job => C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe

==================== Skróty =============================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
ShortcutWithArgument: C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria\Narzędzia systemowe\Internet Explorer (bez dodatków).lnk -> C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1457940567&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=eve0311&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255
ShortcutWithArgument: C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1457940567&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=eve0311&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255
ShortcutWithArgument: C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1457940567&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=eve0311&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255
ShortcutWithArgument: C:\Documents and Settings\All Users\Pulpit\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1457940567&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=eve0311&uid=WDCXWD5003AZEX-00MK2A0_WD-WCC3F223525535255

==================== Załadowane moduły (filtrowane) ==============
2015-01-26 18:48 - 2012-08-31 16:01 - 00151552 _____ () C:\WINDOWS\system32\HP1100LM.DLL
2015-01-26 18:48 - 2012-08-31 16:01 - 00069632 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2015-01-26 18:48 - 2012-08-31 16:02 - 02306048 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hp1100su.dll
2015-01-26 18:48 - 2012-08-31 16:01 - 00794624 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1100GC.dll
2015-01-26 17:33 - 2015-01-26 17:32 - 00008192 _____ () C:\WINDOWS\system32\srvany.exe
2015-01-26 17:33 - 2015-01-26 17:32 - 00151552 _____ () C:\WINDOWS\KMService.exe
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-01-26 17:09 - 2012-01-20 14:55 - 00427520 _____ () C:\Programy\TeraCopy\TeraCopyExt.dll
2015-01-26 20:30 - 2014-07-02 22:43 - 00681760 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
2008-04-15 22:00 - 2008-04-15 22:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2015-01-26 21:10 - 2015-01-26 21:10 - 00444416 _____ () C:\WINDOWS\System32\svhost.exe
2016-04-17 09:52 - 2016-04-17 09:52 - 02124288 _____ () C:\Documents and Settings\Administrator\Pulpit\Ping\2014\Katalog 2-50k 2014\PingMaster.exe
2016-04-17 09:52 - 2010-10-08 00:37 - 00546205 _____ () C:\Documents and Settings\Administrator\Pulpit\Ping\2014\Katalog 2-50k 2014\SQLITE3.DLL
2016-04-17 09:52 - 2010-03-30 23:29 - 00279955 _____ () C:\Documents and Settings\Administrator\Pulpit\Ping\2014\Katalog 2-50k 2014\libidn-11.dll
2016-04-17 09:52 - 2010-06-23 09:17 - 01546364 _____ () C:\Documents and Settings\Administrator\Pulpit\Ping\2014\Katalog 2-50k 2014\libeay32.dll
2016-04-17 09:52 - 2010-06-23 09:17 - 00346759 _____ () C:\Documents and Settings\Administrator\Pulpit\Ping\2014\Katalog 2-50k 2014\libssl32.dll
2013-04-15 18:39 - 2016-03-16 12:20 - 00067256 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2015-06-29 00:43 - 2015-06-07 12:59 - 00218112 _____ () C:\Programy_\AIMP3\System\libsoxr.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00467968 _____ () C:\Programy_\AIMP3\System\Encoders\libFLAC.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 01733120 _____ () C:\Programy_\AIMP3\System\Encoders\aimp_libvorbis.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00059976 _____ () C:\Programy_\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00160840 _____ () C:\Programy_\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00159232 _____ () C:\Programy_\AIMP3\Plugins\aimp_sacd\libsacd.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00026624 _____ () C:\Programy_\AIMP3\Plugins\Aorta\Aorta.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00237568 _____ () C:\Programy_\AIMP3\Plugins\OptimFROG\OptimFROG.dll
2015-06-29 00:43 - 2015-06-07 12:59 - 00152648 _____ () C:\Programy_\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Programy\notatnik++\plugins\NppExport.dll
2014-01-07 01:42 - 2014-01-07 01:42 - 01611264 _____ () C:\Programy\notatnik++\plugins\NppFTP.dll
2014-03-19 11:20 - 2008-11-11 19:48 - 00074240 _____ () C:\Programy\notatnik++\plugins\NppNetNote.dll
2014-03-19 11:20 - 2007-08-05 03:10 - 00250368 _____ () C:\Programy\notatnik++\plugins\Config\tidy\libTidy.dll
2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-01-26 18:48 - 2012-08-31 16:02 - 00274432 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hp1100sd.dll
2015-06-29 00:42 - 2010-02-28 03:55 - 01040736 _____ () C:\Programy_\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2016-03-08 19:15 - 2016-03-08 19:15 - 01114136 _____ () C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\tmaw22zk.default-1396274136437\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2016-04-13 20:06 - 2016-04-13 20:06 - 19403968 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll

==================== Alternate Data Streams (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
AlternateDataStreams: C:\google98b8be7cbb405262.html:$CmdZnID [26]
AlternateDataStreams: C:\Wtornik_297716485.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Wtornik_297716485.pdf:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevManagerCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dshowext.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FlashPlayerApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iyuv_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\kstvtune.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\kswdmcap.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ksxbar.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LogiDPP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LogiDPPApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LVUI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LVUI2RC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msh263.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nv4_disp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcolor.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234052.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234052.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglnt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvsvc32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\svhost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\svhost.exe:$CmdZnID [26]
AlternateDataStreams: C:\WINDOWS\system32\tsbyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vfwwdm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vidcap.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wbsys.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\androidusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\innosusbnet.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\innosusbser.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lvrs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\lvuvc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nv4_mini.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBAUDIO.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbccgp.sys:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\23629544_F_11176276_05_16_F.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Alexander Elder - Zawód inwestor giełdowy.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Alexander Elder - Zawód inwestor giełdowy.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA.rar:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\CAŁA STRONA.rar:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Mini051216-01.dmp:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\O mnie..pdf:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Radioparty.m3u:$CmdTcID [130]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\Radioparty.m3u:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\umowa-wynajem.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Pulpit\www.zip:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\(16)Miasta-0009.jpg:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\(16)Miasta-0009.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\11295664_1008524365825496_3147538779424415360_n.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\comment_h6ohDKTC92PevaH83HsPQDnQzptx4kpk.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\mlefuni_4.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\Administrator\Moje dokumenty\mleparr_6.jpg:$CmdZnID [26]

==================== Tryb awaryjny (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Powiązania plików (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)
==================== Hosts - zawartość: ==========================
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
2008-04-15 22:00 - 2016-05-07 10:40 - 00001396 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.yamicsoft.com
127.0.0.1 activate.adobe.com
127.0.0.1 www.yoursites123.com

==================== Inne obszary ============================
(Obecnie brak automatycznej naprawy dla tej sekcji.)
HKU\S-1-5-21-1491950412-2009852829-4049741679-500\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp
DNS Servers: 156.154.70.25 - 156.154.71.25
Zapora systemu Windows [funkcja wyłączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
(Obecnie brak automatycznej naprawy dla tej sekcji.)
MSCONFIG\startupfolder: C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^Logitech . Rejestracja produktu.lnk => C:\WINDOWS\pss\Logitech . Rejestracja produktu.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: LWS => C:\Programy_\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Svhost => C:\WINDOWS\system32\svhost.exe
MSCONFIG\startupreg: uTorrent => "C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe" /MINIMIZED

==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit
StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\GROOVE.EXE] => Enabled:Microsoft SharePoint Workspace
StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\ONENOTE.EXE] => Enabled:Microsoft OneNote
StandardProfile\AuthorizedApplications: [C:\Programy_\Microsoft Office\Office14\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe] => Enabled:Adobe CSI CS4
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Administrator\Dane aplikacji\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Programy\WTW\wtw.exe] => Enabled:WTW Instant Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe] => Enabled:NVIDIA Network Service TCP Exception (HTTPS)
StandardProfile\AuthorizedApplications: [C:\Programy_\NapiProjekt\napisy.exe] => Enabled:NapiProjekt
StandardProfile\AuthorizedApplications: [D:\Might & Magic Heroes VI\Might & Magic Heroes VI.exe] => Enabled:Might & Magic Heroes VI
StandardProfile\AuthorizedApplications: [C:\Programy_\Steam\Steam.exe] => Enabled:Steam
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\GloballyOpenPorts: [5353:TCP] => Enabled:Adobe CSI CS4

==================== Punkty Przywracania systemu =========================
UWAGA: Przywracanie systemu jest wyłączone
26-01-2015 15:57:56 Punkt kontrolny systemu
26-01-2015 15:58:02 Zainstalowano %1 %2.
26-01-2015 15:58:21 Zainstalowano Windows XP KB2936068.
26-01-2015 15:58:36 Zainstalowano Windows XP KB2964358.

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (03/28/2016 10:41:07 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:06 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:06 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:05 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:04 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:03 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:03 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:02 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Error: (03/28/2016 10:41:01 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.
Error: (03/28/2016 10:41:01 PM) (Source: WmiAdapter) (EventID: 4099) (User: BAIT)
Description: Otwarcie usługi nie powiodło się.

Dziennik System:
=============
Error: (05/12/2016 08:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193

Error: (05/12/2016 08:49:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193

Error: (05/12/2016 08:48:04 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort1

Error: (05/12/2016 07:18:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193

Error: (05/12/2016 09:45:29 AM) (Source: DCOM) (EventID: 10005) (User: BAIT)
Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (05/12/2016 09:45:29 AM) (Source: DCOM) (EventID: 10005) (User: BAIT)
Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (05/12/2016 09:45:28 AM) (Source: DCOM) (EventID: 10005) (User: BAIT)
Description: Model DCOM odebrał błąd „%%1058” podczas próby uruchomienia usługi BITS z argumentami „” w celu uruchomienia serwera: {4991D34B-80A1-4291-83B6-3328366B9097}

Error: (05/11/2016 07:13:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193

Error: (05/10/2016 06:47:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi CLCV0 z powodu następującego błędu: %%193

Error: (05/08/2016 04:57:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Limit czasu (30000 milisekund) podczas oczekiwania na odpowiedź transakcji z usługi WZCSVC.

==================== Statystyki pamięci ===========================
Procesor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Procent pamięci w użyciu: 64%
Całkowita pamięć fizyczna: 3326.42 MB
Dostępna pamięć fizyczna: 1188.14 MB
Całkowita pamięć wirtualna: 7256.39 MB
Dostępna pamięć wirtualna: 4915.71 MB

==================== Dyski ================================
Drive c: (System) (Fixed) (Total:50 GB) (Free:19.02 GB) NTFS ==>[dysk z komponentami startowymi (Windows XP)]
Drive d: (Other) (Fixed) (Total:199.98 GB) (Free:37.98 GB) NTFS
Drive e: (Pliki) (Fixed) (Total:215.77 GB) (Free:22.77 GB) NTFS

==================== MBR & Tablica partycji ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4C02D0A6)
Partition 1: (Not Active) - (Size=200 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.8 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================