Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:13-06-2016 Uruchomiony przez Miłosz (2016-06-13 22:09:51) Uruchomiony z C:\Users\Miłosz\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2015-12-23 18:29:39) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3088862897-2558729093-2797936310-500 - Administrator - Disabled) Gość (S-1-5-21-3088862897-2558729093-2797936310-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3088862897-2558729093-2797936310-1002 - Limited - Enabled) Miłosz (S-1-5-21-3088862897-2558729093-2797936310-1000 - Administrator - Enabled) => C:\Users\Miłosz ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden Adobe Reader XI (11.0.16) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 6.0.0.0445 - Disc Soft Ltd) Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP) Dell OpenManage Inventory Agent (for Dell Business Client Systems) (HKLM-x32\...\{D22B0B3D-4C7F-4212-95CC-9141A91606F4}) (Version: 1.4.1.352 - Dell) Dell System Detect (HKU\S-1-5-21-3088862897-2558729093-2797936310-1000\...\58d94f3ce2c27db0) (Version: 7.5.0.6 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.134 - ALPS ELECTRIC CO., LTD.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden HP Support Solutions Framework (HKLM-x32\...\{5D014961-1B0B-4C40-99B0-63C3FB04E669}) (Version: 12.4.18.7 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT) InstallVC90Support (x32 Version: 1.01.0000 - Novatel Wireless) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4176 - Intel Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) SafeFinder (HKLM-x32\...\{5EFCBFA2-A8E1-4276-B180-4E7391134263}) (Version: 1.0.0.0 - Linkury) <==== UWAGA Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ZW3D 2012 (x32 Version: 3.2.12.1018 - ZWCAD Software Co.,Ltd) Hidden ZW3D 2012 Eng (HKLM-x32\...\{F5E849B9-17EB-4c12-9B48-D18227426E43}) (Version: 3.2.12.1018 - ZWCAD Software Co.,Ltd) ZWCAD+ 2015 (x32 Version: 15.0.2016.1117 - ZWSOFT) Hidden ZWCAD+ 2015 English (HKLM-x32\...\{B72D1CAE-F497-4F57-A5BF-D25250074793}) (Version: 15.0.2016.1117 - ZWSOFT) ZWCAD+ 2015 Language Pack - English (x32 Version: 15.0.2016.1117 - ZWSOFT) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03DA2FB0-BCE3-471C-9430-E59A8229E0A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.) Task: {220E4994-1B1B-46E5-B793-C79A27573F33} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2016-05-03] () Task: {37E14062-5E56-4C5D-BD72-F4EEAE055BA4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2016-05-03] () Task: {71ABE0A4-C140-46E5-861F-9DB8F7B03BDB} - System32\Tasks\{B83A7B4D-B1D1-4AB8-81AE-11CAA0590EF1} => pcalua.exe -a "C:\Program Files (x86)\Hostify\uninstaller.exe" Task: {75536DAD-0AB1-41F3-AC75-3EE32469126D} - System32\Tasks\{DDB87F90-E410-47D8-A809-66F68150752B} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Holdtop\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\Holdtop\uninstall.dat" -a uninstallme 5EFCBFA2-A8E1-4276-B180-4E7391134263 DeviceId=1d3dadad-c54d-c172-e170-de801dcdccde BarcodeId=51113011 ChannelId=11 DistributerName=APSFTuto4PC Task: {8FC56435-F164-4A0F-9D90-FCEFB608DADF} - System32\Tasks\{305AED41-8A8F-4374-A5BB-64234BFDECAD} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/pl/abandoninstall?source=lightinstaller&page=tsBing Task: {950B2E80-65FA-4F10-8F25-3C674BE75347} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {9D091001-DDCE-4DF7-B7AD-4731D89BB779} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-23] (Google Inc.) Task: {BE3A97A9-75B5-4032-B433-5E06142E5720} - System32\Tasks\close sysprep => C:\rpktools\closesysprep.bat [2014-07-04] () Task: {E72E6B94-D79D-4ACF-9741-1202C1378C57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {F6F25743-0099-4E3E-80E5-0F8D72B8D029} - System32\Tasks\MiłoszMulberryIodinesV2 => Rundll32.exe NonphysiologicalScapulae.dll,main 7 1 <==== UWAGA Task: {FA1EC4C2-CD35-4D2A-A5DB-99EEE9F88C1D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {FDCAFBCB-B191-406A-9AA2-D726CEE2EE93} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ShortcutWithArgument: C:\Users\Miłosz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1465821429&a=1054912&src=sh&uuid=7390d8e5-27a0-4b94-a1eb-3089014a6ff8" ==================== Załadowane moduły (filtrowane) ============== 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2016-06-13 12:49 - 2016-06-13 12:49 - 00170496 _____ () C:\Users\Miłosz\AppData\Roaming\Wolcacfent\Wolcacfent.exe 2016-06-13 12:49 - 2016-06-13 12:49 - 00112128 _____ () C:\Users\Miłosz\AppData\Roaming\Wolcacfent\Loxera.exe 2016-06-12 13:45 - 2016-06-12 13:45 - 00170496 _____ () C:\Users\Miłosz\AppData\Roaming\Fuwijoagky\Fuwijoagky.exe 2016-06-12 13:45 - 2016-06-12 13:45 - 00112128 _____ () C:\Users\Miłosz\AppData\Roaming\Fuwijoagky\Zeqamh.exe 2016-06-13 12:49 - 2016-06-13 12:49 - 00121344 _____ () C:\Users\Miłosz\AppData\Roaming\OuniilGesjau\Eivynf.exe 2016-06-13 12:49 - 2016-06-13 12:49 - 00258560 _____ () C:\Users\Miłosz\AppData\Roaming\Wolcacfent\Loxera.dll 2016-06-12 13:45 - 2016-06-12 13:45 - 00258560 _____ () C:\Users\Miłosz\AppData\Roaming\Fuwijoagky\Zeqamh.dll 2016-04-04 12:36 - 2014-11-18 21:45 - 00002048 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll 2016-06-13 12:50 - 2016-06-13 14:48 - 00218112 _____ () C:\Users\Miłosz\AppData\Roaming\OuniilGesjau\Tupuhutm.din 2016-06-13 18:38 - 2016-06-13 18:38 - 00098816 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32api.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00110080 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\pywintypes27.dll 2016-06-13 18:38 - 2016-06-13 18:38 - 00364544 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\pythoncom27.dll 2016-06-13 18:38 - 2016-06-13 18:38 - 00320512 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32com.shell.shell.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00776704 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_hashlib.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 01176576 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._core_.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00806400 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._gdi_.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00816128 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._windows_.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 01067008 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._controls_.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00733184 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._misc_.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00682496 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\pysqlite2._sqlite.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00088064 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_ctypes.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00119808 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32file.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00108544 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32security.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00007168 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\hashobjs_ext.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00017920 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\thumbnails_ext.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00088064 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\usb_ext.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00012288 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\common.time34.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00018432 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32event.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00167936 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32gui.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00046080 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_socket.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 01208320 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_ssl.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00128512 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_elementtree.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00127488 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\pyexpat.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00038912 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32inet.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00036864 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_psutil_windows.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00525208 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\windows._lib_cacheinvalidation.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00011264 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32crypt.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00077312 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._html2.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00027136 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_multiprocessing.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00020480 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\_yappi.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00035840 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32process.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00686080 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\unicodedata.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00078848 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._animate.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00123392 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\wx._wizard.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00024064 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32pipe.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00010240 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\select.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00025600 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32pdh.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00017408 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32profile.pyd 2016-06-13 18:38 - 2016-06-13 18:38 - 00022528 ____R () C:\Users\MIOSZ~1\AppData\Local\Temp\_MEI16562\win32ts.pyd 2015-12-23 23:00 - 2013-11-13 21:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-06-08 22:40 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll 2016-06-08 22:40 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll 2016-06-08 22:40 - 2016-06-04 03:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3088862897-2558729093-2797936310-1000\...\dell.com -> dell.com ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-06-13 18:34 - 00005005 ____A C:\Windows\system32\Drivers\etc\hosts 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com Wykryto więcej niż wyliczono: 77 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3088862897-2558729093-2797936310-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Miłosz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{68B987CE-F326-44B1-A45A-FD963E29678E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{19EDCC15-00FB-47E9-98AF-14C6AA3BD04C}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZWCAD.EXE FirewallRules: [{35823E30-DAD7-4967-B919-C4E6C1F37541}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZWCAD.EXE FirewallRules: [{7C54A533-5D3A-4F51-B8C1-A9137FD50ECF}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwCrashReportManagement.exe FirewallRules: [{97108CBC-92D1-4F9C-935A-BECD556E74F1}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwCrashReportManagement.exe FirewallRules: [{6DF21B8E-0D69-4516-9AB7-AC9A9FF989A6}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZWErrorDialog.exe FirewallRules: [{034987B9-8013-4DD3-A3C3-E3772D893194}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZWErrorDialog.exe FirewallRules: [{0677E93F-C62D-45DD-AFD4-96CCADA295B4}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwAuthHost.exe FirewallRules: [{8BD9EA35-F788-4968-90EB-EE5980B6A569}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwAuthHost.exe FirewallRules: [{630CBCD9-D21B-4F23-9F90-146E3FC5F0F1}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwUpdHost.exe FirewallRules: [{3B175195-69A1-4F41-AADD-67366307E3D7}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwUpdHost.exe FirewallRules: [{0EBC019D-B585-4CCF-97F0-DB6E78399BD1}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwSyble.exe FirewallRules: [{433B09B4-7551-46A3-A40F-635954D50027}] => (Allow) C:\Program Files (x86)\ZWCAD+ 2015\ZwSyble.exe FirewallRules: [TCP Query User{5D637C2D-6531-4AAA-AB88-85CC230D1D6A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{FBD8F60E-C14A-4EE6-AF87-A3015FD75ED8}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [{CB6A94AF-79FF-45B8-B16C-5E98B3D9B1B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{2DD462C3-81A6-4286-91C8-CE8A80A8322E}] => (Allow) C:\Program Files (x86)\ZWSOFT\ZW3D 2012 Eng\zw3d.exe FirewallRules: [{0B805268-8E1B-4F58-96BA-DC5E6619D89D}] => (Allow) C:\Program Files (x86)\ZWSOFT\ZW3D 2012 Eng\zw3d.exe FirewallRules: [{3F67AEFE-B101-4B82-83A2-ACD291CEE3CB}] => (Allow) C:\Program Files (x86)\ZWSOFT\ZW3D 2012 Eng\ZwAppLm.exe FirewallRules: [{84AF46D9-E5BB-4AD7-B698-D4C348868B7A}] => (Allow) C:\Program Files (x86)\ZWSOFT\ZW3D 2012 Eng\ZwAppLm.exe FirewallRules: [{400408D9-621E-44FE-B82E-1C9172D1F12E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{0481CBEA-FC8F-43C4-96CA-F1FE6100562B}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{6EE6A9C2-CFE0-428A-906C-43EC5598FBCC}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{436CE38A-18DF-4FC8-BD8D-3C15B6F8ADF9}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{9226D58C-A7A2-4C97-8965-44C58CB57469}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{9E145D93-DF67-4BCC-8044-E787EA3CBEA3}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{EB4E7FFE-9EB3-4AB0-8C2A-7887E370EAFF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{9244D4C6-0328-4412-A699-618A28C6C82E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe ==================== Punkty Przywracania systemu ========================= 01-06-2016 23:18:17 Windows Update 02-06-2016 22:10:25 Windows Update 07-06-2016 16:46:24 Windows Update 10-06-2016 19:12:18 Windows Update 13-06-2016 13:27:36 Installed ZW3D 2012 13-06-2016 13:49:21 Installed ZW3D 2012 13-06-2016 14:29:18 Zainstalowano: ZWCAD 2012 Polski 13-06-2016 14:29:59 Zainstalowano program ZWCAD 2012 Polski 13-06-2016 14:51:34 Operacja przywracania 13-06-2016 15:15:01 Usunięto program ZWCAD 2012 Polski ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (06/13/2016 09:45:01 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1”. Błąd w pliku manifestu lub w pliku zasad „C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2” w wierszu C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (06/13/2016 09:41:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 06:37:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 06:31:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 06:30:26 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (06/13/2016 06:20:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 05:53:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 03:38:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/13/2016 03:28:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.19135, sygnatura czasowa: 0x56a1bbe2 Nazwa modułu powodującego błąd: kernel32.dll, wersja: 6.1.7601.23418, sygnatura czasowa: 0x5708a89b Kod wyjątku: 0xc00000fd Przesunięcie błędu: 0x00000000000136a6 Identyfikator procesu powodującego błąd: 0x918 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Error: (06/13/2016 03:27:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary UCGuard. System Error: Nie można odnaleźć określonego pliku. . Dziennik System: ============= Error: (06/13/2016 09:40:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (06/13/2016 09:40:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (06/13/2016 09:40:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (06/13/2016 09:40:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (06/13/2016 09:40:45 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (06/13/2016 09:40:45 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (06/13/2016 09:40:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (06/13/2016 09:40:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (06/13/2016 09:40:34 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (06/13/2016 06:38:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Key Tip z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. CodeIntegrity: =================================== Date: 2016-06-13 18:38:40.802 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 18:29:53.888 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 18:19:00.933 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 17:51:47.337 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 15:36:34.200 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 15:04:14.649 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 14:54:15.396 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 14:29:26.155 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 13:46:51.879 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-13 13:31:37.240 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz Procent pamięci w użyciu: 27% Całkowita pamięć fizyczna: 8095.31 MB Dostępna pamięć fizyczna: 5857.68 MB Całkowita pamięć wirtualna: 16188.8 MB Dostępna pamięć wirtualna: 13689.38 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:105.19 GB) (Free:39.47 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: DB53D0D1) Partition 1: (Not Active) - (Size=6.6 GB) - (Type=27) Partition 2: (Active) - (Size=105.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================