Niedziałające przyciski w trayu. błędy systemowe.

**Posty:** 118 · przez **4_life** 07 Maj 2016, 14:21

Witam serdecznie,

od około tygodnia zmagam się z problemem niemożności odpalenia ikonki głośności oraz rozwinięcia belki powiadomień. Podczas próby uruchomienia wyskakuje błąd jak na screenie. Proszę o pomoc w rozwiązaniu problemu.

Log z Gmera

Kod: Zaznacz wszystko: GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2016-05-07 14:18:36 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000028 ST1000LM024_HN-M101MBB rev.2BA30001 931,51GB Running: eosf92tb.exe; Driver: C:\Users\Marek\AppData\Local\Temp\agkdyuoc.sys ---- User code sections - GMER 2.2 ---- ? C:\Windows\system32\apphelp.dll [3736] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\system32\apphelp.dll [160] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\system32\apphelp.dll [1332] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [1332] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\SYSTEM32\ActXPrxy.dll [1332] entry point in ".rdata" section 000000005f7bbc40 ? C:\Windows\system32\apphelp.dll [5688] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\system32\apphelp.dll [1460] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [1460] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\SYSTEM32\NTASN1.dll [1460] entry point in ".rdata" section 000000007230bb10 ? C:\Windows\system32\apphelp.dll [5656] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [5656] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\system32\apphelp.dll [2456] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [2456] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\system32\apphelp.dll [6064] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [6064] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\system32\apphelp.dll [4440] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [4440] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\system32\apphelp.dll [2920] entry point in ".rdata" section 000000006a3f0380 ? C:\Windows\SYSTEM32\iertutil.dll [2920] entry point in ".rdata" section 000000007008ca20 ? C:\Windows\system32\apphelp.dll [5016] entry point in ".rdata" section 000000006a3f0380 ---- User IAT/EAT - GMER 2.2 ---- IAT C:\Windows\explorer.exe[3140] @ C:\Windows\explorer.exe[KERNEL32.dll!MulDiv] [52b0b150] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\explorer.exe[USER32.dll!TrackPopupMenuEx] [52b098b0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\explorer.exe[USER32.dll!SetWindowCompositionAttribute] [52b0b1c0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\explorer.exe[USER32.dll!PeekMessageW] [52b0a620] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\system32\SHELL32.dll[GDI32.dll!ExtTextOutW] [7ff92c071330] C:\Windows\System32\painter_x64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\system32\explorerframe.dll[USER32.dll!TrackPopupMenu] [52b09960] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!SetCursorPos] [52b09b90] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\SYSTEM32\twinui.dll[USER32.dll!TrackPopupMenu] [52b09960] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll IAT C:\Windows\explorer.exe[3140] @ C:\Windows\system32\SearchFolder.dll[SHELL32.dll!SHParseDisplayName] [52afa1e0] C:\Program Files (x86)\StartIsBack\StartIsBack64.dll ---- Threads - GMER 2.2 ---- Thread C:\Windows\system32\csrss.exe [596:1804] fffff961f6324060 Thread C:\Windows\system32\svchost.exe [840:960] 00007ff92c7da700 Thread C:\Windows\system32\svchost.exe [840:964] 00007ff92c7d9020 Thread C:\Windows\system32\svchost.exe [840:1012] 00007ff92c418d90 Thread C:\Windows\System32\svchost.exe [1164:1532] 00007ff92844cc70 Thread C:\Windows\System32\svchost.exe [1164:1540] 00007ff92844d540 Thread C:\Windows\System32\svchost.exe [1164:1544] 00007ff92844db50 Thread C:\Windows\System32\svchost.exe [1164:1548] 00007ff92844bed0 Thread C:\Windows\System32\svchost.exe [1164:1684] 00007ff9221ca840 Thread C:\Windows\System32\svchost.exe [1164:2540] 00007ff92008b430 Thread C:\Windows\System32\svchost.exe [1164:4008] 00007ff91b1e6f80 Thread C:\Windows\System32\svchost.exe [1164:2500] 00007ff91b1e6f80 Thread C:\Windows\System32\svchost.exe [1164:2296] 00007ff91b1e6f80 Thread C:\Windows\System32\svchost.exe [1164:3532] 00007ff91b1e6f80 Thread C:\Windows\System32\svchost.exe [1164:2752] 00007ff91b03c900 Thread C:\Windows\System32\svchost.exe [1164:2476] 00007ff91f331480 Thread C:\Windows\System32\svchost.exe [1164:2320] 00007ff91d1a2fd0 Thread C:\Windows\System32\svchost.exe [1164:1572] 00007ff91d191a20 Thread C:\Windows\System32\svchost.exe [1164:2748] 00007ff92844dd00 Thread C:\Windows\System32\svchost.exe [1164:5996] 00007ff928446a30 Thread C:\Windows\System32\spoolsv.exe [1624:3400] 00007ff91fe06320 Thread C:\Windows\System32\spoolsv.exe [1624:3404] 00007ff91fde29a0 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2520:2872] 00007ff918387944 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2520:2868] 00007ff91824beb4 Thread C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2520:968] 00007ff91824beb4 Thread C:\Windows\explorer.exe [3140:3992] 00007ff91c087fe0 Thread C:\Windows\explorer.exe [3140:4352] 00007ff92c2830f0 Thread C:\Windows\explorer.exe [3140:3916] 00007ff927f639e0 Thread C:\Windows\explorer.exe [3140:2904] 00007ff917fa9230 Thread C:\Windows\explorer.exe [3140:4496] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:32] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:852] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:4752] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:3664] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:4088] 00007ff927f70250 Thread C:\Windows\explorer.exe [3140:6044] 00007ff927f70250 ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\RNG@RNGAuxiliarySeed -1707871749 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 175648868 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 175648578 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 175648578 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 175648830 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 142 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0xB7 0x3E 0x7D 0x14 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\184f323c380c Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\184f323c380c@58a2b562d509 0xBE 0xD6 0x17 0xA8 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 2438 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 860 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c60c6fe1-069b-48c8-8016-1e29acd34c49}@LeaseObtainedTime 1462617435 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c60c6fe1-069b-48c8-8016-1e29acd34c49}@T1 1462621035 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c60c6fe1-069b-48c8-8016-1e29acd34c49}@T2 1462623735 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c60c6fe1-069b-48c8-8016-1e29acd34c49}@LeaseTerminatesTime 1462624635 Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeEstimated 0xA3 0x5B 0xEE 0x4B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeHigh 0xA3 0xC3 0xB2 0xAD ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeLow 0xA3 0xF3 0x29 0xEA ... Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\SecureTimeLimits@SecureTimeTickCount 0xF8 0xC9 0x56 0x18 ... ---- EOF - GMER 2.2 ----

Logi z FRST

Kod: Zaznacz wszystko: Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:07-05-2016 Uruchomiony przez Marek (administrator) DESKTOP-9L55HGR (07-05-2016 14:19:55) Uruchomiony z C:\Users\Marek\Downloads Załadowane profile: Marek (Dostępne profile: Marek) Platform: Windows 10 Home Wersja 1511 (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe () C:\aldiczek\ALDITALKVerbindungsassistent_Service.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\aldiczek\ALDITALKVerbindungsassistent_Launcher.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe (Opera Software) C:\Program Files (x86)\Opera\37.0.2178.32\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\Run: [uTorrent] => C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe [1959424 2016-04-10] (BitTorrent Inc.) HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\RunOnce: [Edge_DisableAdobeFlashPlayer] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 66 znaków więcej). HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\RunOnce: [Edge_DisablePagePrediction] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 60 znaków więcej). HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\RunOnce: [Edge_DisableSaveProtectedMediaLicensesonmyDevice] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 79 znaków więcej). HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\RunOnce: [Edge_DisableShowSearchSuggestionasItype] => C:\Windows\System32\cmd.exe /c REG ADD "HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Microsoft (dane wartości zawierają 94 znaków więcej). Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Launcher.lnk [2016-03-17] ShortcutTarget: Launcher.lnk -> C:\aldiczek\ALDITALKVerbindungsassistent_Launcher.exe () Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk [2016-04-19] ShortcutTarget: Torpedo.lnk -> C:\Users\Marek\AppData\Local\Torpedo\Torpedo.exe (Brak pliku) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{06c662de-594a-4078-bbdd-f1cb42ecb8ae}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{c60c6fe1-069b-48c8-8016-1e29acd34c49}: [DhcpNameServer] 86.63.64.48 86.63.64.49 Internet Explorer: ================== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3111808314-435151896-2043813346-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-05-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN) Chrome: ======= CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-02] CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-02] CHR Extension: (Dysk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-02] CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-02] CHR Extension: (Arkusze Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-03] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-02] CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-02] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Marek\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-03-17] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 ALDITALKVerbindungsassistent_Service; C:\aldiczek\ALDITALKVerbindungsassistent_Service.exe [355088 2015-03-06] () S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-17] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-17] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S4 Fax; %systemroot%\system32\fxssvc.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-02-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-17] (Avira Operations GmbH & Co. KG) R3 glavcam; C:\Windows\system32\DRIVERS\glavcam.sys [3476736 2015-11-19] (Windows (R) Codename Longhorn DDK provider) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [194320 2015-10-14] (Intel Corporation) S3 mtkmbim; C:\Windows\System32\drivers\mtkmbim7_x64.sys [209920 2016-03-01] (MBB) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [412400 2015-09-17] (Realsil Semiconductor Corporation) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation ) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [82944 2016-03-01] (MBB) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2016-01-28] (wisecleaner.com) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [238592 2015-10-30] (Microsoft Corporation) [Brak podpisu cyfrowego] S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [26112 2015-10-30] (Microsoft Corporation) [Brak podpisu cyfrowego] U3 agkdyuoc; C:\Users\Marek\AppData\Local\Temp\agkdyuoc.sys [56584 2016-05-07] (GMER) [Brak podpisu cyfrowego] U4 CscService; Brak ImagePath U4 dcpsvc; Brak ImagePath U4 DiagTrack; Brak ImagePath U4 lfsvc; Brak ImagePath U4 napagent; Brak ImagePath U4 PeerDistSvc; Brak ImagePath S1 sgsonyvd; \??\C:\Windows\system32\drivers\sgsonyvd.sys [X] U4 WbioSrvc; Brak ImagePath U4 WerSvc; Brak ImagePath U4 WPCSvc; Brak ImagePath U4 XboxNetApiSvc; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-07 14:19 - 2016-05-07 14:20 - 00013334 _____ C:\Users\Marek\Downloads\FRST.txt 2016-05-07 14:19 - 2016-05-07 14:19 - 02379264 _____ (Farbar) C:\Users\Marek\Downloads\FRST64.exe 2016-05-07 14:19 - 2016-05-07 14:19 - 00000000 ____D C:\Users\Marek\Downloads\FRST-OlderVersion 2016-05-04 22:08 - 2016-05-04 22:08 - 00004012 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1455484881 2016-05-04 22:08 - 2016-05-04 22:08 - 00001136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-05-02 20:53 - 2016-05-02 21:16 - 501065728 _____ C:\Users\Marek\Downloads\Game.of.Thrones.S06E02.PL.HDTV.XviD-KiT.avi 2016-05-02 20:34 - 2016-05-07 14:19 - 00000000 ____D C:\FRST 2016-05-02 20:29 - 2016-05-02 20:53 - 471736320 _____ C:\Users\Marek\Downloads\Game.of.Thrones.S06E01.PL.HDTV.XviD-KiT.avi 2016-05-02 20:19 - 2016-05-02 20:19 - 00002368 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-02 20:19 - 2016-05-02 20:19 - 00002356 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-02 20:17 - 2016-05-07 13:22 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-02 20:17 - 2016-05-06 20:22 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-02 20:17 - 2016-05-02 20:19 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-02 20:17 - 2016-05-02 20:17 - 00004136 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-02 20:17 - 2016-05-02 20:17 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-02 20:16 - 2016-05-02 21:04 - 00000000 ____D C:\Users\Marek\AppData\Local\Google 2016-05-02 15:22 - 2016-05-02 15:23 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-02 15:22 - 2016-05-02 15:22 - 00001203 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-05-02 15:22 - 2016-05-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-05-02 15:22 - 2016-05-02 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-05-02 15:22 - 2016-05-02 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-05-02 15:22 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-02 15:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-02 15:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-13 19:35 - 2016-04-13 19:35 - 00000000 ____D C:\Users\Marek\Downloads\Torpedo 2016-04-12 20:11 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-12 20:11 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2016-05-07 13:54 - 2016-02-14 18:33 - 00000000 ____D C:\Users\Marek\AppData\Roaming\uTorrent 2016-05-07 08:56 - 2016-02-14 23:18 - 00004224 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6C5B5075-D5C3-43D2-B968-BCB94A0B12FA} 2016-05-04 22:08 - 2016-02-14 23:19 - 00000000 ____D C:\Program Files (x86)\Opera 2016-05-03 19:54 - 2016-04-02 16:22 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Kodi 2016-05-02 21:21 - 2016-01-28 17:27 - 01845594 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-02 21:21 - 2015-10-30 21:19 - 00818302 _____ C:\Windows\system32\perfh015.dat 2016-05-02 21:21 - 2015-10-30 21:19 - 00157970 _____ C:\Windows\system32\perfc015.dat 2016-05-02 21:21 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF 2016-05-02 20:10 - 2016-02-15 00:50 - 00000000 __SHD C:\Users\Marek\IntelGraphicsProfiles 2016-05-02 20:09 - 2016-02-14 23:15 - 00000000 ____D C:\Users\Marek 2016-05-02 20:08 - 2016-01-28 17:18 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-02 15:33 - 2015-10-30 08:28 - 00131072 ___SH C:\Windows\system32\config\BBI 2016-04-29 16:34 - 2016-03-17 19:17 - 00000000 ____D C:\Users\Marek\AppData\Roaming\aldiczek 2016-04-28 22:27 - 2016-04-01 22:05 - 00000000 ____D C:\Users\Marek\AppData\Roaming\vlc 2016-04-25 19:58 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache 2016-04-24 10:43 - 2016-02-15 12:47 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-24 10:40 - 2016-02-14 23:10 - 00171160 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-24 10:38 - 2016-03-17 18:54 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2016-04-24 10:38 - 2016-02-14 22:15 - 00000000 ___RD C:\Windows\PurchaseDialog 2016-04-24 10:38 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2016-04-24 10:38 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser 2016-04-24 10:38 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-04-24 10:38 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-04-24 10:38 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\system32\Dism 2016-04-24 10:37 - 2016-02-15 13:00 - 00000000 ____D C:\Program Files\Windows Journal 2016-04-24 10:37 - 2015-10-30 09:24 - 00000000 __RSD C:\Windows\Media 2016-04-24 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr 2016-04-24 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-04-24 10:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-04-23 20:30 - 2016-02-15 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-19 21:21 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp 2016-04-12 20:16 - 2016-02-14 20:47 - 00000000 ____D C:\Windows\system32\MRT 2016-04-12 20:11 - 2016-01-28 17:27 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Niektóre pliki w TEMP: ==================== C:\Users\Marek\AppData\Local\Temp\avgnt.exe C:\Users\Marek\AppData\Local\Temp\mfc80.dll C:\Users\Marek\AppData\Local\Temp\mfc80u.dll C:\Users\Marek\AppData\Local\Temp\mfcm80.dll C:\Users\Marek\AppData\Local\Temp\mfcm80u.dll C:\Users\Marek\AppData\Local\Temp\msvcm80.dll C:\Users\Marek\AppData\Local\Temp\msvcp80.dll C:\Users\Marek\AppData\Local\Temp\msvcr80.dll C:\Users\Marek\AppData\Local\Temp\OSU.exe C:\Users\Marek\AppData\Local\Temp\Uninstaller.exe C:\Users\Marek\AppData\Local\Temp\WtgDriverInstallX.dll C:\Users\Marek\AppData\Local\Temp\WTGXMLUtil.dll ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo testsigning: ==> Ustawiony "Tryb testu". Sprawdź obecność niepodpisanego sterownika <===== UWAGA LastRegBack: 2016-04-28 21:15 ==================== Koniec FRST.txt ============================

Kod: Zaznacz wszystko: Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-05-2016 Uruchomiony przez Marek (2016-05-07 14:20:27) Uruchomiony z C:\Users\Marek\Downloads Windows 10 Home Wersja 1511 (X64) (2016-02-14 21:15:15) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3111808314-435151896-2043813346-500 - Administrator - Disabled) Gość (S-1-5-21-3111808314-435151896-2043813346-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3111808314-435151896-2043813346-503 - Limited - Disabled) Marek (S-1-5-21-3111808314-435151896-2043813346-1002 - Administrator - Enabled) => C:\Users\Marek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated) ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.3 - ALDI TALK Verbindungsassistent) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.51 - Conexant) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Kodi (HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\Kodi) (Version: - XBMC-Foundation) Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2378 - GenesysLogic) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 (HKLM\...\{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}) (Version: 14.0.23026 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 (HKLM\...\{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}) (Version: 14.0.23026 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}) (Version: 2.0.50728 - Microsoft Corporation) Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.0 - hxxp://winaero.com) Opera Stable 37.0.2178.32 (HKLM-x32\...\Opera 37.0.2178.32) (Version: 37.0.2178.32 - Opera Software) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 1.2 - startisback.com) TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {13F6E88F-98E4-40F5-A7CF-29F4EB472117} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-02] (Google Inc.) Task: {36D1365D-4ADF-47BF-B1E0-57BA57D18A03} - System32\Tasks\Opera scheduled Autoupdate 1455484881 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-28] (Opera Software) Task: {66FE0026-8E27-493D-BED2-EF4ACF50814C} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA Task: {ED23C6CF-E15A-4B3B-840D-DC1942800D40} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico12\AutoPico.exe [2014-12-04] (@ByELDI) Task: {F9C719B5-83D6-4CE7-AE88-79F4E8E1A9A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-02] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-03-17 19:16 - 2015-03-06 10:11 - 00355088 ____N () C:\aldiczek\ALDITALKVerbindungsassistent_Service.exe 2016-01-28 02:00 - 2016-01-28 02:00 - 02653816 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-01-28 02:00 - 2016-01-28 02:00 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-03-17 19:16 - 2015-03-06 10:11 - 00510736 ____N () C:\aldiczek\ALDITALKVerbindungsassistent_Launcher.exe 2016-01-21 02:00 - 2016-01-21 02:00 - 00144832 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 02632640 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 02198464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00598464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00334784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 01265600 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 11997632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00242624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00127936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00088512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_mms_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2016-01-21 02:02 - 2016-01-21 02:02 - 00298944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 02668480 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00370112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 14929344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00789952 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00746432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00140224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00176576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00067520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00029632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 2016-01-21 02:00 - 2016-01-21 02:00 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00034240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 2016-01-21 02:01 - 2016-01-21 02:01 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll 2016-05-04 22:07 - 2016-05-04 22:07 - 65890856 _____ () C:\Program Files (x86)\Opera\37.0.2178.32\opera.dll 2016-05-04 22:07 - 2016-05-04 22:07 - 02212392 _____ () C:\Program Files (x86)\Opera\37.0.2178.32\libglesv2.dll 2016-05-04 22:07 - 2016-05-04 22:07 - 00082472 _____ () C:\Program Files (x86)\Opera\37.0.2178.32\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3111808314-435151896-2043813346-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 86.63.64.48 - 86.63.64.49 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3111808314-435151896-2043813346-1002\...\StartupApproved\Run: => "uTorrent" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{94024B38-E748-4C1B-A6CE-EDEE106692D7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{77040681-F46E-4351-91CA-2A853B369A81}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{EFF8C8CE-DE2E-4602-BCC7-2B137630B489}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{59F21CBE-CD1C-4B65-A824-BAAFF7BB35FF}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9A2F475F-98E3-400D-B115-5B668C9526EB}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{72956737-BFC4-4D28-A0B7-B34567DBBF53}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{61F6AE0D-1030-4591-93EE-C1178076D293}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{40D63A96-9302-4C9B-A0BF-C1F49046F1EA}] => (Allow) C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{835D1FD7-49C3-4AF0-AB0C-696661D299B7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{20A9A860-74F0-493B-948F-96070949C1A1}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{B8816F69-61B6-428A-9BFA-3E67AB2A2F1E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{FE1C5AEB-0347-4E73-BBB5-34AD8B78A52F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{6B578A56-1CE8-490A-A75D-B2D9F80373D7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= Sprawdź usługę "winmgmt" lub napraw WMI. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/02/2016 08:10:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.IO.IOException w System.IO.__Error.WinIOError(Int32, System.String) w System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) w System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) w System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) w System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) w System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) w Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (04/26/2016 09:39:07 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={F5D918E7-D33E-4495-BD86-0F45EBCC8F07}: The user DESKTOP-9L55HGR\Marek dialed a connection named MEDIONConnection which has failed. The error code returned on failure is 734. Error: (04/25/2016 02:01:12 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={6539ABC1-33D7-4A65-9B6E-74D746959C6D}: The user DESKTOP-9L55HGR\Marek dialed a connection named MEDIONConnection which has failed. The error code returned on failure is 734. Error: (04/24/2016 10:12:05 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={D612ABCF-908A-4770-9533-2BB2B3536E58}: The user DESKTOP-9L55HGR\Marek dialed a connection named ALDI TALK Verbindungsassistent which has failed. The error code returned on failure is 734. Error: (04/21/2016 12:21:05 AM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={16BFC866-F982-4CAF-BD2B-B617A204DA14}: The user DESKTOP-9L55HGR\Marek dialed a connection named MEDIONConnection which has failed. The error code returned on failure is 734. Error: (04/19/2016 09:20:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (04/19/2016 09:20:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (04/17/2016 03:47:10 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8 Error: (04/17/2016 03:47:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (04/17/2016 03:46:21 PM) (Source: RasClient) (EventID: 20227) (User: ) Description: CoId={7717DC11-0CCF-4071-80AC-8690F6F52CE2}: The user DESKTOP-9L55HGR\Marek dialed a connection named ALDI TALK Verbindungsassistent which has failed. The error code returned on failure is 734. Dziennik System: ============= Error: (05/07/2016 01:47:44 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/06/2016 07:37:04 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/06/2016 07:34:41 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/05/2016 07:00:57 PM) (Source: TPM) (EventID: 15) (User: ) Description: Sterownik modułu TPM (Trusted Platform Module) napotkał nieodwracalny błąd modułu TPM, który uniemożliwia używanie usług TPM, takich jak szyfrowanie danych. Aby uzyskać dalszą pomoc, skontaktuj się z producentem komputera. Error: (05/05/2016 12:46:00 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/04/2016 10:32:44 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/04/2016 05:03:02 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/04/2016 10:39:16 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/03/2016 11:45:25 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/03/2016 07:56:28 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny CodeIntegrity: =================================== Date: 2016-04-24 10:38:46.952 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-24 10:36:36.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-19 20:55:49.109 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 03:36:24.355 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 03:34:05.905 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 19:22:12.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-08 20:11:05.998 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-08 20:06:51.039 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-04 23:59:15.403 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-02 23:59:24.958 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Procent pamięci w użyciu: 51% Całkowita pamięć fizyczna: 4016.11 MB Dostępna pamięć fizyczna: 1935.77 MB Całkowita pamięć wirtualna: 4272.11 MB Dostępna pamięć wirtualna: 1889.89 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:390.14 GB) (Free:365.47 GB) NTFS Drive e: () (Fixed) (Total:540.89 GB) (Free:514.19 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================

Kod: Zaznacz wszystko: Rezultat skanowania skrótów użytkowników (x64) Wersja:07-05-2016 Uruchomiony przez Marek (2016-05-07 14:20:46) Uruchomiony z C:\Users\Marek\Downloads Tryb startu: Normal ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Marek\Documents () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Marek\Downloads () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Marek\Music () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Marek\Pictures () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Marek\Videos () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Marek () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\ALDI TALK Verbindungsassistent.lnk -> C:\aldiczek\ALDITALKVerbindungsassistent.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Launcher.lnk -> C:\aldiczek\ALDITALKVerbindungsassistent_Launcher.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Deinstalacja programu Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk -> C:\Program Files\KMSpico12\AutoPico.exe (@ByELDI) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk -> C:\Program Files\KMSpico12\KMSELDI.exe (@ByELDI) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk -> C:\Program Files\KMSpico12\scripts\Log.cmd () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant\SAII\SmartAudio.lnk -> C:\Program Files\CONEXANT\SAII\SmartAudio.exe (Conexant Systems, Inc) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus Help.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\150\avwin.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira on the Internet.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Start Avira Antivirus.lnk -> C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI TALK Verbindungsassistent\ALDI TALK Verbindungsassistent.lnk -> C:\aldiczek\ALDITALKVerbindungsassistent.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\Music\Obrazy.lnk -> C:\Users\Marek\Pictures () Shortcut: C:\Users\Marek\Links\Desktop.lnk -> C:\Users\Marek\Desktop () Shortcut: C:\Users\Marek\Links\Downloads.lnk -> C:\Users\Marek\Downloads () Shortcut: C:\Users\Marek\Desktop\Kodi.lnk -> C:\Program Files (x86)\Kodi\Kodi.exe (XBMC-Foundation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Torpedo.lnk -> C:\Users\Marek\AppData\Local\Torpedo\Torpedo.exe (Brak pliku) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi\Uninstall Kodi.lnk -> C:\Program Files (x86)\Kodi\Uninstall.exe () Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\SendTo\Transfer plików Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kodi.lnk -> C:\Program Files (x86)\Kodi\Kodi.exe (XBMC-Foundation) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk -> C:\Users\Marek\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ALDI TALK Verbindungsassistent.lnk -> C:\aldiczek\ALDITALKVerbindungsassistent.exe () Shortcut: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA} ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk -> C:\Program Files\KMSpico12\UninsHs.exe (Han-soft) -> /u0=KMSpico ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1 ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} ShortcutWithArgument: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E} ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0} ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1} ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0 ShortcutWithArgument: C:\Users\Marek\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257} InternetURL: C:\Users\Marek\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142 InternetURL: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi\Visit Kodi Online.url -> hxxp://kodi.tv ==================== Koniec Shortcut.txt =============================

**Posty:** 4765 · przez **ordynat** 07 Maj 2016, 15:31

Nie widzę tu żadnej infekcji.

Kosmetyka:
Otwórz Notatnik i wklej w nim:

testsigning: ==> Ustawiony "Tryb testu". Sprawdź obecność niepodpisanego sterownika <===== UWAGA
U3 agkdyuoc; C:\Users\Marek\AppData\Local\Temp\agkdyuoc.sys [56584 2016-05-07] (GMER) [Brak podpisu cyfrowego]
U4 CscService; Brak ImagePath
U4 dcpsvc; Brak ImagePath
U4 DiagTrack; Brak ImagePath
U4 lfsvc; Brak ImagePath
U4 napagent; Brak ImagePath
U4 PeerDistSvc; Brak ImagePath
S1 sgsonyvd; \??\C:\Windows\system32\drivers\sgsonyvd.sys [X]
U4 WbioSrvc; Brak ImagePath
U4 WerSvc; Brak ImagePath
U4 WPCSvc; Brak ImagePath
U4 XboxNetApiSvc; Brak ImagePath
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3111808314-435151896-2043813346-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
ShortcutTarget: Torpedo.lnk -> C:\Users\Marek\AppData\Local\Torpedo\Torpedo.exe (Brak pliku)
Task: {66FE0026-8E27-493D-BED2-EF4ACF50814C} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).

Sprawdź usługę "winmgmt" lub napraw WMI.

Do Notatnika wklej:

Kod: Zaznacz wszystko: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winmgmt] "DisplayName"="@%Systemroot%\\system32\\wbem\\wmisvc.dll,-205" "ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6d,00,72,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 "Description"="@%Systemroot%\\system32\\wbem\\wmisvc.dll,-204" "ObjectName"="localSystem" "ErrorControl"=dword:00000000 "Start"=dword:00000002 "Type"=dword:00000020 "DependOnService"=hex(7):52,00,50,00,43,00,53,00,53,00,00,00,00,00 "ServiceSidType"=dword:00000001 "FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\ 00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Winmgmt\Parameters] "ServiceDllUnloadOnStop"=dword:00000001 "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 77,00,62,00,65,00,6d,00,5c,00,57,00,4d,00,49,00,73,00,76,00,63,00,2e,00,64,\ 00,6c,00,6c,00,00,00 "ServiceMain"="ServiceMain"

Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>
Kliknij prawym na plik i z menu wybierz opcję Scal. Potwierdź import do rejestru.
.