Sprawdzenie logów, reklamy i niechciane programy

**Posty:** 118 · przez **4_life** 29 Lis 2015, 17:25

Witam,

serdecznie proszę o sprawdzenie logów. Laptop zamula i podczas otwierania nowych kart uruchamia się strona delta

Poniżej logi Z FRST:

Kod: Zaznacz wszystko: Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:28-11-2015 Uruchomiony przez Martyna (administrator) COMPUTER (29-11-2015 16:18:14) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Załadowane profile: Martyna & UpdatusUser (Dostępne profile: Martyna & UpdatusUser) Platform: Windows 8.1 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\Picexa\picexasvc.exe (Taiwan Shui Mu Chih Ching Technology Limited) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Big Muscle) C:\AeroGlass\aerohost.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (tsvr.com) C:\Users\Martyna\AppData\Roaming\TSv\TSvr.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [StartIsBackTR] => C:\Program Files (x86)\StartIsBack\SIBTR.exe [319435 2013-03-04] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-11] (AVAST Software) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify Web Helper] => C:\Users\Martyna\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-20] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify] => C:\Users\Martyna\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-20] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {92032d7e-bab0-11e4-8263-6036ddf83e6e} - "D:\SETUP.EXE" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d38d4-9372-11e5-82d6-6036ddf83e72} - "H:\start.exe" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d4005-9372-11e5-82d6-6036ddf83e72} - "H:\LGAutoRun.exe" HKU\S-1-5-18\...\Run: [tiny.cmd] => C:\Windows\System32\tiny\tiny.cmd HKU\S-1-5-18\...\Run: [] => 0 ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-25] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{423147C8-7EFB-466B-B3DE-1609016EF4DC}: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{8D3BC2DD-DD2A-4A5F-B8B0-53A948C2B3F3}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1448353096&z=171d2aabe8a50ca1e078d00g8z3zcb2c5w3c8g9g4t&from=ient07031&uid=ST1000LM024XHN-M101MBB_S2U5J9CD145092&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1448353096&z=171d2aabe8a50ca1e078d00g8z3zcb2c5w3c8g9g4t&from=ient07031&uid=ST1000LM024XHN-M101MBB_S2U5J9CD145092&q={searchTerms} HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-20 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Windows\system32\OldNewExplorer64.dll [2014-07-20] (www.startisback.com) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z" CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} CHR DefaultSearchKeyword: Default -> v9 CHR Profile: C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02] CHR Extension: (Dokumenty Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02] CHR Extension: (Dysk Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (Video AdBlock for Chrome) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-09-02] CHR Extension: (YouTube) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-28] CHR Extension: (Google Search) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-25] CHR Extension: (Arkusze Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03] CHR Extension: (Avast Online Security) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02] CHR Extension: (Gmail) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02] CHR HKU\S-1-5-21-492168682-3674762022-4208976723-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-27] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-25] OPR Extension: (Google Translate) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcfaommkmdjacdkbaoohklbccfmbnnod [2015-09-11] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 IhPul; C:\Users\Martyna\AppData\Roaming\TSv\TSvr.exe [580752 2015-11-23] (tsvr.com) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Brak podpisu cyfrowego] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PicexaService; C:\Program Files (x86)\Picexa\PicexaSvc.exe [730248 2015-11-04] (Taiwan Shui Mu Chih Ching Technology Limited) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [Brak podpisu cyfrowego] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [707760 2015-11-03] (Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-22] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil cenzura!ções Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil cenzura!ções Ltda) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U4 clr_optimization_v2.0.50727_32; Brak ImagePath U4 clr_optimization_v2.0.50727_64; Brak ImagePath U4 clr_optimization_v4.0.30319_32; Brak ImagePath U4 clr_optimization_v4.0.30319_64; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 16:17 - 2015-11-29 16:18 - 00000000 ____D C:\Users\Martyna\Desktop\czyszczenie 2015-11-29 16:17 - 2015-11-29 16:18 - 00000000 ____D C:\FRST 2015-11-29 16:15 - 2015-11-29 16:15 - 02349056 _____ (Farbar) C:\Users\Martyna\Downloads\FRST64.exe 2015-11-29 15:11 - 2015-11-29 15:11 - 00000000 ____H C:\ProgramData\cm-lock 2015-11-29 14:49 - 2015-11-29 14:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-11-29 14:45 - 2015-11-29 14:45 - 00000000 ____D C:\Users\Martyna\AppData\Local\VirtualStore 2015-11-27 11:06 - 2015-11-27 11:07 - 00000000 ____D C:\Users\Martyna\Desktop\15.11.15 2015-11-25 17:55 - 2015-11-25 17:58 - 00000000 ____D C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS 2015-11-25 17:55 - 2015-11-25 17:55 - 02173042 _____ C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS.zip 2015-11-25 14:15 - 2015-11-25 14:15 - 00401049 _____ C:\Users\Martyna\Downloads\citterio-kibelek.3ds 2015-11-25 14:14 - 2015-11-25 14:14 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelekk 2015-11-25 14:13 - 2015-11-25 14:13 - 00446948 _____ C:\Users\Martyna\Downloads\citterio kibelekk.zip 2015-11-25 14:13 - 2015-11-25 14:13 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelek 2015-11-25 14:09 - 2015-11-25 14:09 - 00375556 _____ C:\Users\Martyna\Downloads\citterio kibelek.zip 2015-11-25 13:50 - 2015-11-25 13:50 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files (x86)\CodeMeter 2015-11-25 13:37 - 2015-11-25 13:37 - 00375556 _____ C:\Users\Martyna\Downloads\7026L43100caddecor.zip 2015-11-24 15:39 - 2015-11-24 15:39 - 00204712 _____ C:\Users\Martyna\Downloads\Baby+Changing+Station.skp 2015-11-24 09:19 - 2015-11-29 16:17 - 00000000 ____D C:\Program Files (x86)\Picexa 2015-11-24 09:19 - 2015-11-29 15:05 - 00000000 ____D C:\Program Files (x86)\SFK 2015-11-24 09:19 - 2015-11-29 15:03 - 00000000 ____D C:\ProgramData\MWMiniProM 2015-11-24 09:19 - 2015-11-24 09:19 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-11-24 09:19 - 2015-11-24 09:19 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Picexa Viewer 2015-11-24 09:19 - 2015-11-24 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa 2015-11-23 19:33 - 2015-11-23 19:33 - 00000000 ____D C:\Users\Martyna\Documents\Adobe 2015-11-23 18:36 - 2015-11-23 18:36 - 00036793 _____ C:\Users\Martyna\Downloads\GRAWER.pdf 2015-11-22 14:12 - 2015-11-22 14:12 - 03374967 _____ C:\Users\Martyna\Downloads\Toalha.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza (1).skp 2015-11-22 14:05 - 2015-11-22 14:05 - 00164597 _____ C:\Users\Martyna\Downloads\towel+ring.skp 2015-11-22 13:46 - 2015-11-22 13:46 - 01368768 _____ C:\Users\Martyna\Downloads\Towels+by+Own+Design+Rendering.skp 2015-11-22 13:38 - 2015-11-22 13:38 - 00676280 _____ C:\Users\Martyna\Downloads\Untitled.skp 2015-11-22 13:32 - 2015-11-22 13:32 - 00808333 _____ C:\Users\Martyna\Downloads\bathroom_personalcare_set.skp 2015-11-22 11:58 - 2015-11-22 12:20 - 00000090 _____ C:\Users\Martyna\Desktop\SANITARNY.txt 2015-11-22 11:24 - 2015-11-22 11:28 - 42759329 _____ C:\Users\Martyna\Downloads\sh+1+%282%29 (1).skp 2015-11-20 13:04 - 2015-11-20 13:04 - 00003872 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441966932 2015-11-20 13:04 - 2015-11-20 13:04 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-20 12:58 - 2015-11-03 01:23 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-20 12:58 - 2015-11-03 01:23 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-18 21:23 - 2015-11-18 21:23 - 11517544 _____ C:\Users\Martyna\Documents\1.skp 2015-11-18 21:23 - 2015-11-18 14:07 - 11528102 _____ C:\Users\Martyna\Documents\1.skb 2015-11-16 17:09 - 2015-11-16 17:09 - 00319299 _____ C:\Users\Martyna\Desktop\PENSJONAT.pdf 2015-11-15 21:47 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-11-15 21:47 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-11-12 22:50 - 2015-11-12 22:50 - 00026880 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys 2015-11-12 15:26 - 2015-11-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 19:49 - 2015-11-11 19:49 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-11-11 19:49 - 2015-11-11 19:49 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-11-11 14:48 - 2015-11-11 14:48 - 00000000 ____D C:\Users\Martyna\Downloads\kanapa-bar 2015-11-11 13:03 - 2015-11-11 13:03 - 00000000 ____D C:\Users\Martyna\Downloads\hekry2-club 2015-11-11 13:01 - 2015-11-11 13:09 - 00000000 ____D C:\Users\Martyna\Downloads\hokery-club 2015-11-11 09:29 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 09:28 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 09:28 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 09:28 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 09:28 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 09:28 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 09:28 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-11 08:51 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 08:51 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 08:51 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 08:51 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 08:50 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 08:50 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 08:50 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 08:50 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 08:50 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 08:50 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 08:50 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 08:50 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 08:50 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 08:49 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 08:49 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2015-11-11 08:49 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2015-11-11 08:49 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 08:49 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 08:48 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 08:48 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 08:48 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 08:46 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 08:46 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 08:46 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 08:46 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 08:46 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 08:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 08:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 08:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 08:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 08:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 08:42 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 08:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 08:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 08:42 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 08:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 08:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 08:41 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 08:41 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 08:41 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 08:41 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 08:41 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio_M 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio_E 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio 2015-11-04 11:18 - 2015-11-05 20:31 - 00000189 _____ C:\Users\Martyna\Desktop\prezenty.txt 2015-11-04 08:30 - 2015-11-04 08:30 - 00000000 ____D C:\Windows\system32\log 2015-11-04 08:30 - 2015-11-04 08:30 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Elex-tech 2015-11-04 08:30 - 2015-11-04 08:30 - 00000000 ____D C:\Program Files (x86)\Elex-tech 2015-11-04 08:30 - 2015-08-19 08:02 - 00055056 _____ (Elex do Brasil cenzura!ções Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys 2015-11-04 08:30 - 2015-06-30 03:50 - 00052392 _____ (Elex do Brasil cenzura!ções Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys 2015-10-31 10:35 - 2015-10-31 10:35 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-492168682-3674762022-4208976723-1001 2015-10-30 16:38 - 2015-10-30 16:40 - 00000000 ____D C:\Users\Martyna\Downloads\lampa - stoliki ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 16:17 - 2015-10-12 07:31 - 00000000 ____D C:\Program Files (x86)\WinZipper 2015-11-29 16:17 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-29 16:16 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-29 15:32 - 2015-09-18 08:27 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-29 15:24 - 2015-06-08 15:23 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-29 15:11 - 2015-09-18 08:27 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-29 15:10 - 2015-06-08 15:23 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-29 15:10 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 15:07 - 2015-09-29 11:06 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Spotify 2015-11-29 15:07 - 2015-06-08 15:26 - 00000000 ___RD C:\Users\Martyna\Dropbox 2015-11-29 15:06 - 2015-09-29 11:08 - 00000000 ____D C:\Users\Martyna\AppData\Local\Spotify 2015-11-29 15:06 - 2015-09-23 09:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-29 14:57 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-29 14:50 - 2014-03-18 10:56 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 14:50 - 2014-03-18 10:28 - 00807160 _____ C:\Windows\system32\perfh015.dat 2015-11-29 14:50 - 2014-03-18 10:28 - 00163478 _____ C:\Windows\system32\perfc015.dat 2015-11-29 14:50 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-11-29 14:49 - 2015-08-11 19:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-11-29 14:47 - 2015-06-08 15:23 - 00000000 ____D C:\Users\Martyna\AppData\Local\Dropbox 2015-11-28 12:59 - 2015-09-14 07:21 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-11-28 12:37 - 2015-03-04 10:49 - 00000321 _____ C:\Users\Martyna\Documents\BIMx_Export_Log.txt 2015-11-28 12:37 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\Graphisoft 2015-11-27 12:55 - 2015-04-16 09:45 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\vlc 2015-11-27 09:48 - 2015-03-04 10:49 - 00000000 ____D C:\Users\Martyna\Documents\BIMx 2015-11-26 16:33 - 2015-02-23 18:00 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Abvent_Artlantis5 2015-11-26 16:25 - 2015-02-23 17:16 - 00000000 ____D C:\Program Files\Artlantis Studio 5 2015-11-25 18:02 - 2015-02-22 15:02 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-492168682-3674762022-4208976723-1001 2015-11-25 16:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-11-25 13:52 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Graphisoft 2015-11-25 13:42 - 2015-02-23 18:02 - 00006536 _____ C:\Windows\vpd.properties 2015-11-25 13:40 - 2015-02-23 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2015-11-25 12:44 - 2015-02-23 17:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Install.GS 2015-11-24 09:19 - 2015-10-12 07:30 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\TSv 2015-11-24 03:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-23 19:33 - 2015-02-22 14:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Adobe 2015-11-20 21:25 - 2014-11-11 22:20 - 00000000 ____D C:\Windows\system32\MRT 2015-11-20 21:20 - 2015-03-16 19:09 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-20 13:04 - 2015-09-01 22:08 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-20 12:54 - 2013-08-22 15:44 - 05029000 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-20 12:49 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-19 17:11 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna\AppData\Local\Packages 2015-11-16 15:07 - 2015-10-09 07:22 - 00000000 ____D C:\Users\Martyna\Desktop\PORTFOLIO 2015-11-12 18:17 - 2015-02-23 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 15:24 - 2015-06-08 15:23 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 15:09 - 2015-08-22 10:25 - 00000000 ____D C:\Users\Martyna\Desktop\Filmy 2015-11-12 10:37 - 2015-02-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-10 21:34 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna 2015-11-10 19:06 - 2015-09-23 09:37 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 19:06 - 2015-09-14 07:21 - 00003960 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-11-04 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-11-04 11:06 - 2015-02-22 16:23 - 00000000 ____D C:\Users\UpdatusUser 2015-11-04 08:31 - 2015-02-22 14:57 - 00001492 _____ C:\Users\Martyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-04 08:31 - 2014-11-11 21:33 - 00001462 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-31 10:35 - 2015-08-26 08:36 - 00000000 ___RD C:\Users\Martyna\OneDrive 2015-10-30 14:20 - 2015-10-25 11:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-30 14:20 - 2015-10-25 11:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-18 16:47 - 2015-07-13 09:01 - 0000132 _____ () C:\Users\Martyna\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2015-08-26 10:37 - 2015-08-26 10:41 - 0000161 _____ () C:\Users\Martyna\AppData\Roaming\settings.xml 2015-08-27 07:57 - 2015-09-02 20:30 - 0029184 _____ () C:\Users\Martyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-29 15:11 - 2015-11-29 15:11 - 0000000 ____H () C:\ProgramData\cm-lock 2015-11-24 09:19 - 2015-11-24 09:19 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\Martyna\AppData\Local\Temp\AcDeltree.exe C:\Users\Martyna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbmlsd.dll C:\Users\Martyna\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Martyna\AppData\Local\Temp\ICSW1.14_0R0S1E1T1C1J1.14.exe C:\Users\Martyna\AppData\Local\Temp\ose00000.exe C:\Users\Martyna\AppData\Local\Temp\Quarantine.exe C:\Users\Martyna\AppData\Local\Temp\sqlite3.dll C:\Users\Martyna\AppData\Local\Temp\StartIsBack_update.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-27 08:59 ==================== Koniec FRST.txt ============================

Kod: Zaznacz wszystko: Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:28-11-2015 Uruchomiony przez Martyna (2015-11-29 16:19:08) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Windows 8.1 Pro (X64) (2015-02-22 13:55:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-492168682-3674762022-4208976723-500 - Administrator - Disabled) Gość (S-1-5-21-492168682-3674762022-4208976723-501 - Limited - Disabled) Martyna (S-1-5-21-492168682-3674762022-4208976723-1001 - Administrator - Enabled) => C:\Users\Martyna UpdatusUser (S-1-5-21-492168682-3674762022-4208976723-1002 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 3DS Export for SketchUp (HKLM-x32\...\3DS Export for SketchUp_is1) (Version: - SYCODE) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Aero Glass for Win8.1 (HKLM\...\Aero Glass for Win8.1_is1) (Version: 1.2.5 - Big Muscle) ArchiCAD 18 POL (HKLM\...\001FFF2FFF18FF00FF1801F01F02F000-R1) (Version: 18.0 - GRAPHISOFT) Artlantis 5 Exporter for SketchUp 8 (HKLM-x32\...\Abvent_Skp8toATL5) (Version: - ) Artlantis 5 Exporter for SketchUp Pro 2015 32-Bit (HKLM-x32\...\Abvent_SkpPro2015_32BittoATL5) (Version: - Abvent R&D) Artlantis Studio 5.1.2.4 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.1.2.4 - Abvent R&D) Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max Design 2015 (HKLM\...\Autodesk 3ds Max Design 2015) (Version: 17.3.374.0 - Autodesk) Autodesk 3ds Max Design 2015 (Version: 17.3.374.0 - Autodesk) Hidden Autodesk 3ds Max Design 2015 SP3 (HKLM\...\Autodesk 3ds Max Design 2015 SP3) (Version: 17.3.374.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk Civil View for 3ds Max Design 2015 64-bit (HKLM\...\{1C4FFAF0-5DBB-4F7A-A386-46747D060826}) (Version: 17.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk Inventor Server Engine for 3ds Max Design 2015 (HKLM\...\{D7DEFF4A-BB64-48CC-81AB-845BA62D6032}) (Version: 17.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd) Driver (HKLM-x32\...\{C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1) (Version: - TCL Commumication Technology Holdings Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google SketchUp Pro 8 (HKLM-x32\...\{E0A160F1-127B-43AC-AF96-EBB6319B01C7}) (Version: 3.0.4811 - Google, Inc.) Google SketchUp Pro 8 PL (x32 Version: 8.0.4811.3 - Progrupa sp. z o.o.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics) LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik graficzny 326.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.49 - NVIDIA Corporation) Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software) Panel sterowania NVIDIA 326.49 (Version: 326.49 - NVIDIA Corporation) Hidden PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Picexa (HKLM-x32\...\Picexa) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Google SketchUp Pro 8 (HKLM-x32\...\Google SketchUp Pro 8 PL) (Version: 8.0.4811.3 - Progrupa sp. z o.o.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SketchUp 2015 (HKLM-x32\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.6.2 - startisback.com) TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.119 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== UWAGA YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku ==================== Punkty Przywracania systemu ========================= 08-11-2015 13:09:35 Windows Update 12-11-2015 10:08:59 Windows Update 15-11-2015 21:45:12 Windows Update 18-11-2015 22:10:28 Windows Update 22-11-2015 13:51:15 Windows Update 26-11-2015 10:29:44 Windows Update 29-11-2015 14:35:15 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {187D6D59-297A-4BAD-9CA9-DE86D211D3AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated) Task: {3180FCB5-9736-43AE-A78B-D2928717262D} - System32\Tasks\Opera scheduled Autoupdate 1441966932 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software) Task: {39C7CFC0-398A-4F57-A801-7CD4CFEDFF5E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software) Task: {4635C4D9-6DBE-43A9-AA69-BBB5DFD00EC8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA Task: {4D651F49-A17C-4925-9949-B2C72B985990} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-492168682-3674762022-4208976723-1001 => C:\Users\Martyna\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-10-31] (Microsoft Corporation) Task: {5668346C-2418-4C31-8945-52A38019D917} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-20] (Microsoft Corporation) Task: {653BF400-8182-4E2A-AB7F-8E5468DB0577} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {7049A30B-1FBF-49D9-8A39-061A7313B931} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {74E39FCB-92A6-4093-946F-AC888F846677} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {802265C3-D48E-43B2-ADCC-212BFC322CCC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-10] (Adobe Systems Incorporated) Task: {82061315-9B7C-4C08-8C0F-E1CB0A245F82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {86FF49C7-C00D-4272-8EC2-554BE91360CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {93BC20C8-F222-435D-986F-207A54F27E64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {B0D2B174-4C0E-4482-9B5F-0804629C52D3} - System32\Tasks\Aero Glass => C:\AeroGlass\aerohost.exe [2014-05-04] (Big Muscle) Task: {B3A13EDC-B908-479E-9E2E-F37FBC7A758A} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-26] (@ByELDI) Task: {F8E67123-EA00-49AF-A258-4561F6ACA4EF} - System32\Tasks\{4E78E308-9159-478A-B389-081DA17BD841} => pcalua.exe -a "C:\Program Files (x86)\Damian Pasternak\CWK\CWK.exe" -d "C:\Program Files (x86)\Damian Pasternak\CWK\" Task: {FA7C4196-4556-4AC6-80D7-300D65831178} - System32\Tasks\{5F91188F-6EFC-4A27-B30F-36CC8B8F376D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.6.0.105/pl/go/help.faq.installer?LastError=1618 (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Martyna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.delta-homes.com/?type=sc&ts=1444631399&z=f03fed69dab3d8b4d36821egbzdzdz1q1c4g1z1g1g&from=wpm07163&uid=ST1000LM024XHN-M101MBB_S2U5J9CD145092 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2015-02-22 16:18 - 2013-08-01 22:10 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-02-22 16:20 - 2013-08-01 14:22 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-04 08:30 - 2015-08-19 07:59 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-11-04 08:30 - 2015-06-30 03:50 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2015-11-04 08:30 - 2015-06-30 03:50 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-11-29 14:47 - 2015-11-29 14:47 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15112900\algo.dll 2015-11-04 08:30 - 2015-08-19 07:59 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2015-11-24 09:19 - 2015-08-06 04:47 - 00582144 _____ () C:\Program Files (x86)\Picexa\curlpp.dll 2015-11-24 09:19 - 2015-07-15 06:58 - 00065688 _____ () C:\Program Files (x86)\Picexa\zlib1.dll 2015-10-12 07:31 - 2015-08-06 04:47 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2015-10-12 07:31 - 2015-07-15 06:58 - 00065688 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-07-27 16:09 - 2015-07-27 16:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-22 16:15 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 60736120 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\opera.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 01919608 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libglesv2.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 00081528 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martyna\Desktop\45246e50fa741595566bf215831ac45d.jpg DNS Servers: 86.63.64.48 - 86.63.64.49 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FDFCB25C-5E1C-4E2A-8B47-AF88EE8117F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{30F9550F-4593-4E3C-8903-086F5EE98A29}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D28E5A8-13CC-4868-A11E-940D75852611}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{10056017-4A31-4901-8A0D-393360D16559}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{249371FA-059D-4DF8-A6D1-C348D1CCB614}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{6BE76E89-A332-4CB4-890C-FD069F5E1665}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [TCP Query User{F020B984-0B3E-465A-BEDC-0F1785FE5C57}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{C5C6835F-49EE-41A8-BE70-88E8957699F9}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{BA4C14C2-AC96-441D-B7D5-BE02C91661A1}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{CAAF8E99-14B3-4785-A9FF-ADC2267BC3A2}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{CC0BAB16-3B1F-4B53-97A3-EB722CCEF857}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{AAB7F5C5-FEAB-460A-BF65-0266D89E6444}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{CED1A1DB-79DE-4316-9CEE-BACB7034F013}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{FCB5FB1A-B98A-44DF-9BF5-CDF4203E6787}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [TCP Query User{EE882780-743E-4FD1-AB0C-E78539E337A6}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [UDP Query User{8D06962D-7F82-4A1F-9F07-0A77054557C9}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [TCP Query User{6847D2FE-56DE-4187-9074-47311B025754}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{016D1DFC-76BB-47CC-A308-CFC602282FAF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9938255E-FAD5-4AB0-8342-3A6FA1AB5A49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{76BCA8A1-8EE3-467F-987E-93EA0E380ABA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{FDB31D49-2D1A-4780-B46F-DE4E115FFE8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{816BC97F-549C-4A6A-933E-AF17EDCB82AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{72222DDA-E68D-48A2-8335-A3353EDD2B06}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3E786064-C37F-4884-97CB-19EA731B6C76}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E556D021-3083-43BA-B712-4DA4F8208178}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{913AE92C-A416-442B-A24B-7FCF9DB98C5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{74F5111C-0F69-4539-9CA8-E4DEF2E8B797}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3A79235E-FF84-4757-8A23-47F8FA13B156}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FCC8C1F4-E8FF-467B-B6C4-E9291E9050FF}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{4054FC6D-04DF-430A-B308-2ADD162228E0}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{FE756ED8-7010-4F84-9ED9-A25DB465125C}] => (Allow) LPort=1688 FirewallRules: [{8089400C-350A-4F59-B75F-E9107A50F3B5}] => (Allow) C:\Users\Martyna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8B4E278D-FE0C-4F19-9E90-8F53151C334A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{97C962F8-61FA-4FDE-8D61-5AC32D076C43}] => (Allow) LPort=2869 FirewallRules: [{A633F620-FB6E-44B6-AE20-F9735B491D79}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{CFE425C9-81BB-4A81-8369-BEB05E2EAF23}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2ED56141-3092-4031-918C-6016DDD731AE}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{04B6B5F1-68C5-457F-9A94-230CEEA271F2}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E7629360-3A46-4361-88FA-165D8AD59FAF}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [{4809F7BE-23A0-495F-BF14-A31F5C0A8212}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{50D31DAC-74C3-4531-B1AC-B536D498989D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{E02A05B2-F2A7-4E95-B50B-00565B1C3D67}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [UDP Query User{A2D78FF8-FC64-41CD-B221-C27252D2DDF7}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [{F1F08F6B-0084-45B8-8EF5-4C398FBAD87B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{94C13886-C27F-4ED3-8A34-7518DC99A9DC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{15993311-154A-4358-9F3F-2827B0576EDF}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{74129EBC-3F12-43E2-ABE1-D0D5AB621FCC}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{2B6691A1-3674-430B-B8B2-97D97676530B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{58D28B8E-D294-4CFD-9EAD-1404D39A88B2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{E9BBCF83-88F7-4415-B093-E7C698CFE0BD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{527D7F6B-DABF-4FEC-8B0E-7BA4E8196F87}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{D067A096-4D20-4884-94A2-665D4322EDE6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/29/2015 03:12:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 14.0.0.5, sygnatura czasowa: 0x544c78bf Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.18007, sygnatura czasowa: 0x55c4c341 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000000000000871c Identyfikator procesu powodującego błąd: 0xccc Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Pełna nazwa pakietu powodującego błąd: Service_KMS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: Service_KMS.exe5 Error: (11/29/2015 03:12:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.ArgumentOutOfRangeException Stos: w System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].RemoveAt(Int32) w Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (11/29/2015 02:55:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Camera.exe w wersji 6.3.9600.17418 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1530 Godzina rozpoczęcia: 01d12aacad467c54 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\Camera\Camera.exe Identyfikator raportu: f8fe283e-969f-11e5-82d7-6036ddf83e72 Pełna nazwa pakietu powodującego błąd: Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji względem pakietu powodującego błąd: Microsoft.Camera Error: (11/29/2015 02:49:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji Microsoft.MoCamera_cw5n1h2txyewy!Microsoft.Camera nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 02:49:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: COMPUTER) Description: Aplikacja Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Camera nie została uruchomiona w wyznaczonym czasie. Error: (11/29/2015 02:35:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji Microsoft.MoCamera_cw5n1h2txyewy!Microsoft.Camera nie powiodła się. Błąd: -2144927150. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 02:35:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (11/29/2015 02:35:31 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-492168682-3674762022-4208976723-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {0e0b459e-b82d-4450-8b45-23a8af8531c8} Error: (11/29/2015 02:35:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji Microsoft.MoCamera_cw5n1h2txyewy!Microsoft.Camera nie powiodła się. Błąd: -2144927150. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/27/2015 00:48:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy:Microsoft.Windows.PhotoManager nie powiodła się. Błąd: -2144927150. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (11/29/2015 04:16:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Aktualizacja zabezpieczeń systemu Windows 8.1 dla systemów opartych na procesorach x64 (KB3069114). Error: (11/29/2015 04:15:01 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/29/2015 04:14:30 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/29/2015 04:14:02 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (11/29/2015 03:13:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Service KMSELDI niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/29/2015 03:12:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053 Error: (11/29/2015 03:12:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0. Error: (11/29/2015 03:10:00 PM) (Source: BTHUSB) (EventID: 30) (User: ) Description: Lokalny adapter nie obsługuje ważnego stanu kontrolera funkcji Low Energy. Minimalna wymagana obsługiwana maska stanu to 0x1f7fffff, a uzyskano 0x1f3fffff. Funkcja Low Energy zostanie wyłączona. Error: (11/29/2015 03:09:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Aktualizacja zabezpieczeń systemu Windows 8.1 dla systemów opartych na procesorach x64 (KB3069114). Error: (11/29/2015 03:05:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053 CodeIntegrity: =================================== Date: 2015-11-29 16:14:38.550 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 15:14:51.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:51:18.292 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:51:18.281 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 3957.6 MB Dostępna pamięć fizyczna: 2344.67 MB Całkowita pamięć wirtualna: 7541.6 MB Dostępna pamięć wirtualna: 5251.2 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:194.97 GB) (Free:77.44 GB) NTFS Drive e: (Pliki) (Fixed) (Total:443.21 GB) (Free:433.41 GB) exFAT Drive f: (Programy) (Fixed) (Total:292.96 GB) (Free:187.77 GB) exFAT ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9ED40981) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=443.2 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================

AdwCleaner

Kod: Zaznacz wszystko: # AdwCleaner v5.022 - Utworzono raport 29/11/2015 o 16:28:58 # Ostatnia aktualizacja 22/11/2015 przez Xplode # Baza danych : 2015-11-29.2 [Serwer] # System operacyjny : Windows 8.1 Pro (x64) # Nazwa użytkownika : Martyna - COMPUTER # Lokalizacja programu : C:\Users\Martyna\Downloads\AdwCleaner.exe # Działanie : Usuń # Wsparcie : http://toolslib.net/forum ***** [ Usługi ] ***** [-] Usługa usunięto : iSafeKrnl [-] Usługa usunięto : iSafeKrnlBoot [-] Usługa usunięto : iSafeKrnlKit [-] Usługa usunięto : iSafeKrnlMon [-] Usługa usunięto : iSafeKrnlR3 [-] Usługa usunięto : iSafeNetFilter [-] Usługa usunięto : iSafeService [-] Usługa usunięto : winzipersvc [-] Usługa usunięto : PicexaService [-] Usługa usunięto : IhPul [-] Usługa usunięto : Service KMSELDI ***** [ Foldery ] ***** [-] Folder usunięto : C:\Program Files\kmspico [-] Folder usunięto : C:\Program Files (x86)\WinZipper [#] Folder usunięto : C:\Program Files (x86)\Elex-tech [-] Folder usunięto : C:\Program Files (x86)\Picexa [-] Folder usunięto : C:\Program Files (x86)\SFK [-] Folder usunięto : C:\ProgramData\2WdsManPro2 [-] Folder usunięto : C:\ProgramData\MWMiniProM [-] Folder usunięto : C:\ProgramData\ZWdsManProZ [-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper [-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa [-] Folder usunięto : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kmspico [-] Folder usunięto : C:\Users\Martyna\AppData\Roaming\WinZipper [#] Folder usunięto : C:\Users\Martyna\AppData\Roaming\Elex-tech [-] Folder usunięto : C:\Users\Martyna\AppData\Roaming\Picexa Viewer [-] Folder usunięto : C:\Users\Martyna\AppData\Roaming\TSv [-] Folder usunięto : C:\Windows\SysWOW64\C2MP ***** [ Pliki ] ***** [-] Plik usunięto : C:\Users\Martyna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picexa.lnk [-] Plik usunięto : C:\Windows\SysNative\log\iSafeKrnlCall.log [-] Plik usunięto : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys [-] Plik usunięto : C:\Windows\SysNative\drivers\iSafeNetFilter.sys ***** [ DLLs ] ***** ***** [ Skróty ] ***** [-] Skrót wyleczono : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk [-] Skrót wyleczono : C:\Users\Martyna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk ***** [ Zaplanowane zadania ] ***** ***** [ Rejestr ] ***** [-] Klucz usunięto : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper [-] Klucz usunięto : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper [-] Klucz usunięto : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.bmp [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.gif [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.jpeg [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.jpg [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.png [-] Klucz usunięto : HKLM\SOFTWARE\Classes\PicexaViewer.tif [-] Klucz usunięto : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper [-] Klucz usunięto : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.001 [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.7z [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.arj [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.bz2 [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.bzip2 [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.cab [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.cpio [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.deb [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.dmg [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.fat [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.gz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.gzip [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.hfs [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.iso [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.lha [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.lzh [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.lzma [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.ntfs [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.rar [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.rpm [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.squashfs [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.swm [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.tar [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.taz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.tbz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.tbz2 [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.tgz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.tpz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.txz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.vhd [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.wim [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.xar [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.xz [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.z [-] Klucz usunięto : HKLM\SOFTWARE\Classes\WinZipper.zip [-] Klucz usunięto : [x64] HKLM\SOFTWARE\Classes\CLSID\{4F622628-7632-4B28-B184-D7BA0CA3273B} [-] Klucz usunięto : HKCU\Software\V9 [-] Klucz usunięto : HKLM\SOFTWARE\delta-homesSoftware [-] Klucz usunięto : HKLM\SOFTWARE\hdcode [-] Klucz usunięto : HKLM\SOFTWARE\V9 [-] Klucz usunięto : HKLM\SOFTWARE\winzipersvc [-] Klucz usunięto : HKLM\SOFTWARE\Elex-tech [-] Klucz usunięto : HKLM\SOFTWARE\PicexaSvc [-] Klucz usunięto : HKLM\SOFTWARE\Picexa [-] Klucz usunięto : HKLM\SOFTWARE\WdsManPro [-] Klucz usunięto : HKLM\SOFTWARE\TSv [-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe [-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper [-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Picexa [-] Klucz usunięto : HKU\.DEFAULT\Software\Elex-tech [-] Dane wartości przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Dane wartości przywrócono : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Dane wartości przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Dane wartości przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Dane wartości przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Dane wartości przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Dane wartości przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Dane wartości przywrócono : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Dane wartości przywrócono : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Dane wartości przywrócono : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [!] Dane wartości Nie przywrócono : HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main [Start Page] [!] Dane wartości Nie przywrócono : HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Klucz usunięto : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [-] Dane wartości przywrócono : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Klucz usunięto : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [-] Dane wartości przywrócono : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Klucz usunięto : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [-] Dane wartości przywrócono : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Klucz usunięto : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [-] Dane wartości przywrócono : HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Klucz usunięto : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [-] Dane wartości przywrócono : HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [!] Klucz Nie usunięto : HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} [!] Dane wartości Nie przywrócono : HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [!] Klucz Nie usunięto : HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} ***** [ Przeglądarki internetowe ] ***** [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : delta-homes [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] usunięto : v9 [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] usunięto : hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] usunięto : hxxp://search.delta-homes.com/webfavicon.ico [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] usunięto : hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} [-] [C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] usunięto : hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z ************************* :: "Tracing" klucze usunięta :: Zresetowano ustawienia Winsock ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [10581 bajty] ##########

**Posty:** 4765 · przez **ordynat** 29 Lis 2015, 18:09

Logi FRST są nieaktualne - po ich zrobieniu był użyty Adw-Cleaner.
.

**Posty:** 118 · przez **4_life** 29 Lis 2015, 18:42

Oto aktualne logi

FRST

Kod: Zaznacz wszystko: Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:28-11-2015 Uruchomiony przez Martyna (administrator) COMPUTER (29-11-2015 17:36:25) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Załadowane profile: Martyna & UpdatusUser (Dostępne profile: Martyna & UpdatusUser) Platform: Windows 8.1 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Intel Corporation) C:\Windows\System32\SET7B19.tmp (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Big Muscle) C:\AeroGlass\aerohost.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Elex do Brasil cenzura!ções Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avBugReport.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\drvinst.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [StartIsBackTR] => C:\Program Files (x86)\StartIsBack\SIBTR.exe [319435 2013-03-04] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-11] (AVAST Software) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify Web Helper] => C:\Users\Martyna\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-20] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify] => C:\Users\Martyna\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-20] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {92032d7e-bab0-11e4-8263-6036ddf83e6e} - "D:\SETUP.EXE" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d38d4-9372-11e5-82d6-6036ddf83e72} - "H:\start.exe" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d4005-9372-11e5-82d6-6036ddf83e72} - "H:\LGAutoRun.exe" HKU\S-1-5-18\...\Run: [tiny.cmd] => C:\Windows\System32\tiny\tiny.cmd HKU\S-1-5-18\...\Run: [] => 0 AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [326224 2013-08-01] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-25] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{423147C8-7EFB-466B-B3DE-1609016EF4DC}: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{8D3BC2DD-DD2A-4A5F-B8B0-53A948C2B3F3}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Windows\system32\OldNewExplorer64.dll [2014-07-20] (www.startisback.com) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z" CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} CHR DefaultSearchKeyword: Default -> v9 CHR Profile: C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02] CHR Extension: (Dokumenty Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02] CHR Extension: (Dysk Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (Video AdBlock for Chrome) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-09-02] CHR Extension: (YouTube) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-28] CHR Extension: (Google Search) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-25] CHR Extension: (Arkusze Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03] CHR Extension: (Avast Online Security) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02] CHR Extension: (Gmail) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02] CHR HKU\S-1-5-21-492168682-3674762022-4208976723-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-27] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-25] OPR Extension: (Google Translate) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcfaommkmdjacdkbaoohklbccfmbnnod [2015-09-11] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Brak podpisu cyfrowego] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-22] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil cenzura!ções Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil cenzura!ções Ltda) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U4 clr_optimization_v2.0.50727_32; Brak ImagePath U4 clr_optimization_v2.0.50727_64; Brak ImagePath U4 clr_optimization_v4.0.30319_32; Brak ImagePath U4 clr_optimization_v4.0.30319_64; Brak ImagePath ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 17:31 - 2015-11-29 17:31 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-11-29 17:25 - 2013-10-29 00:38 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-11-29 17:23 - 2015-11-29 17:23 - 00000000 ____D C:\temp 2015-11-29 17:21 - 2015-11-29 17:22 - 00000000 ____D C:\Windows\LastGood 2015-11-29 17:19 - 2015-11-29 17:19 - 00001146 _____ C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2015-11-29 17:19 - 2015-11-29 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2015-11-29 17:19 - 2015-11-29 17:19 - 00000000 ____D C:\Program Files (x86)\Lavalys 2015-11-29 17:17 - 2015-11-29 17:18 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Martyna\Downloads\everesthome220(dobreprogramy.pl).exe 2015-11-29 17:13 - 2015-11-29 17:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2015-11-29 17:12 - 2015-11-29 17:12 - 00000000 ____D C:\iBTWU 2015-11-29 16:45 - 2015-11-29 16:46 - 00210019 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-7.0.0-beta4.bin.amd64.exe 2015-11-29 16:42 - 2015-11-29 16:46 - 00000000 ____D C:\Program Files\UltraDefrag 2015-11-29 16:42 - 2015-11-29 16:42 - 00000886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag.lnk 2015-11-29 16:41 - 2015-11-29 16:41 - 00689659 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-6.1.1.bin.amd64.exe 2015-11-29 16:39 - 2015-11-29 16:40 - 00844670 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-6.1.1.bin.ia64.exe 2015-11-29 16:34 - 2015-06-30 03:50 - 00052392 _____ (Elex do Brasil cenzura!ções Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys 2015-11-29 16:33 - 2015-11-29 16:33 - 00000000 ____H C:\ProgramData\cm-lock 2015-11-29 16:32 - 2015-11-29 16:32 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Elex-tech 2015-11-29 16:22 - 2015-11-29 16:22 - 01733632 _____ C:\Users\Martyna\Downloads\AdwCleaner.exe 2015-11-29 16:17 - 2015-11-29 17:36 - 00000000 ____D C:\Users\Martyna\Desktop\czyszczenie 2015-11-29 16:17 - 2015-11-29 17:36 - 00000000 ____D C:\FRST 2015-11-29 16:15 - 2015-11-29 16:15 - 02349056 _____ (Farbar) C:\Users\Martyna\Downloads\FRST64.exe 2015-11-29 14:49 - 2015-11-29 14:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-11-29 14:45 - 2015-11-29 14:45 - 00000000 ____D C:\Users\Martyna\AppData\Local\VirtualStore 2015-11-27 11:06 - 2015-11-27 11:07 - 00000000 ____D C:\Users\Martyna\Desktop\15.11.15 2015-11-25 17:55 - 2015-11-25 17:58 - 00000000 ____D C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS 2015-11-25 17:55 - 2015-11-25 17:55 - 02173042 _____ C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS.zip 2015-11-25 14:15 - 2015-11-25 14:15 - 00401049 _____ C:\Users\Martyna\Downloads\citterio-kibelek.3ds 2015-11-25 14:14 - 2015-11-25 14:14 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelekk 2015-11-25 14:13 - 2015-11-25 14:13 - 00446948 _____ C:\Users\Martyna\Downloads\citterio kibelekk.zip 2015-11-25 14:13 - 2015-11-25 14:13 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelek 2015-11-25 14:09 - 2015-11-25 14:09 - 00375556 _____ C:\Users\Martyna\Downloads\citterio kibelek.zip 2015-11-25 13:50 - 2015-11-25 13:50 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files (x86)\CodeMeter 2015-11-25 13:37 - 2015-11-25 13:37 - 00375556 _____ C:\Users\Martyna\Downloads\7026L43100caddecor.zip 2015-11-24 15:39 - 2015-11-24 15:39 - 00204712 _____ C:\Users\Martyna\Downloads\Baby+Changing+Station.skp 2015-11-24 09:19 - 2015-11-24 09:19 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-11-23 19:33 - 2015-11-23 19:33 - 00000000 ____D C:\Users\Martyna\Documents\Adobe 2015-11-23 18:36 - 2015-11-23 18:36 - 00036793 _____ C:\Users\Martyna\Downloads\GRAWER.pdf 2015-11-22 14:12 - 2015-11-22 14:12 - 03374967 _____ C:\Users\Martyna\Downloads\Toalha.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza (1).skp 2015-11-22 14:05 - 2015-11-22 14:05 - 00164597 _____ C:\Users\Martyna\Downloads\towel+ring.skp 2015-11-22 13:46 - 2015-11-22 13:46 - 01368768 _____ C:\Users\Martyna\Downloads\Towels+by+Own+Design+Rendering.skp 2015-11-22 13:38 - 2015-11-22 13:38 - 00676280 _____ C:\Users\Martyna\Downloads\Untitled.skp 2015-11-22 13:32 - 2015-11-22 13:32 - 00808333 _____ C:\Users\Martyna\Downloads\bathroom_personalcare_set.skp 2015-11-22 11:58 - 2015-11-22 12:20 - 00000090 _____ C:\Users\Martyna\Desktop\SANITARNY.txt 2015-11-22 11:24 - 2015-11-22 11:28 - 42759329 _____ C:\Users\Martyna\Downloads\sh+1+%282%29 (1).skp 2015-11-20 13:04 - 2015-11-20 13:04 - 00003872 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441966932 2015-11-20 13:04 - 2015-11-20 13:04 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-20 12:58 - 2015-11-03 01:23 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-20 12:58 - 2015-11-03 01:23 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-20 11:42 - 2015-11-20 11:42 - 00089600 _____ (UltraDefrag Development Team) C:\Windows\system32\udefrag.exe 2015-11-20 11:42 - 2015-11-20 11:42 - 00013312 _____ (UltraDefrag Development Team) C:\Windows\system32\hibernate4win.exe 2015-11-20 11:42 - 2015-11-20 11:42 - 00012288 _____ (UltraDefrag Development Team) C:\Windows\system32\bootexctrl.exe 2015-11-20 11:41 - 2015-11-20 11:41 - 00394752 _____ (UltraDefrag Development Team) C:\Windows\system32\defrag_native.exe 2015-11-20 11:41 - 2015-11-20 11:41 - 00132608 _____ C:\Windows\system32\lua5.1a.dll 2015-11-20 11:41 - 2015-11-20 11:41 - 00055808 _____ (UltraDefrag Development Team) C:\Windows\system32\udefrag.dll 2015-11-20 11:41 - 2015-11-20 11:41 - 00033792 _____ (UltraDefrag Development Team) C:\Windows\system32\wgx.dll 2015-11-20 11:40 - 2015-11-20 11:40 - 00337920 _____ (UltraDefrag Development Team) C:\Windows\system32\zenwinx.dll 2015-11-18 21:23 - 2015-11-18 21:23 - 11517544 _____ C:\Users\Martyna\Documents\1.skp 2015-11-18 21:23 - 2015-11-18 14:07 - 11528102 _____ C:\Users\Martyna\Documents\1.skb 2015-11-16 17:09 - 2015-11-16 17:09 - 00319299 _____ C:\Users\Martyna\Desktop\PENSJONAT.pdf 2015-11-15 21:47 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-11-15 21:47 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-11-12 22:50 - 2015-11-12 22:50 - 00026880 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys 2015-11-12 15:26 - 2015-11-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 19:49 - 2015-11-11 19:49 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-11-11 19:49 - 2015-11-11 19:49 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-11-11 14:48 - 2015-11-11 14:48 - 00000000 ____D C:\Users\Martyna\Downloads\kanapa-bar 2015-11-11 13:03 - 2015-11-11 13:03 - 00000000 ____D C:\Users\Martyna\Downloads\hekry2-club 2015-11-11 13:01 - 2015-11-11 13:09 - 00000000 ____D C:\Users\Martyna\Downloads\hokery-club 2015-11-11 09:29 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 09:28 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 09:28 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 09:28 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 09:28 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 09:28 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 09:28 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-11 08:51 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 08:51 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 08:51 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 08:51 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 08:50 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 08:50 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 08:50 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 08:50 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 08:50 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 08:50 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 08:50 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 08:50 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 08:50 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 08:49 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 08:49 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2015-11-11 08:49 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2015-11-11 08:49 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 08:49 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 08:48 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 08:48 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 08:48 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 08:46 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 08:46 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 08:46 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 08:46 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 08:46 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 08:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 08:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 08:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 08:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 08:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 08:42 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 08:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 08:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 08:42 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 08:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 08:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 08:41 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 08:41 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 08:41 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 08:41 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 08:41 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio_M 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio_E 2015-11-05 12:29 - 2015-11-05 12:29 - 00000000 ____D C:\Users\Martyna\Downloads\HG_3D_Axor_Citterio 2015-11-04 11:18 - 2015-11-05 20:31 - 00000189 _____ C:\Users\Martyna\Desktop\prezenty.txt 2015-11-04 08:30 - 2015-11-29 16:29 - 00000000 ____D C:\Windows\system32\log 2015-11-04 08:30 - 2015-11-04 08:30 - 00000000 ____D C:\Program Files (x86)\Elex-tech 2015-10-31 10:35 - 2015-10-31 10:35 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-492168682-3674762022-4208976723-1001 2015-10-30 16:38 - 2015-10-30 16:40 - 00000000 ____D C:\Users\Martyna\Downloads\lampa - stoliki ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-11-29 17:39 - 2015-02-22 16:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-29 17:37 - 2015-02-22 15:02 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-492168682-3674762022-4208976723-1001 2015-11-29 17:36 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-11-29 17:32 - 2015-09-18 08:27 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-29 17:32 - 2015-09-18 08:27 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-29 17:31 - 2015-06-08 15:23 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-11-29 17:31 - 2015-02-22 16:15 - 00000000 __SHD C:\Users\Martyna\IntelGraphicsProfiles 2015-11-29 17:24 - 2015-06-08 15:23 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-11-29 17:21 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-29 17:20 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-29 17:07 - 2015-09-29 11:06 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Spotify 2015-11-29 17:06 - 2015-09-29 11:08 - 00000000 ____D C:\Users\Martyna\AppData\Local\Spotify 2015-11-29 17:06 - 2015-09-23 09:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-29 16:32 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-29 16:29 - 2015-02-22 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-29 16:28 - 2015-06-07 16:59 - 00000000 ____D C:\AdwCleaner 2015-11-29 15:07 - 2015-06-08 15:26 - 00000000 ___RD C:\Users\Martyna\Dropbox 2015-11-29 14:57 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-29 14:50 - 2014-03-18 10:56 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 14:50 - 2014-03-18 10:28 - 00807160 _____ C:\Windows\system32\perfh015.dat 2015-11-29 14:50 - 2014-03-18 10:28 - 00163478 _____ C:\Windows\system32\perfc015.dat 2015-11-29 14:49 - 2015-08-11 19:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-11-29 14:47 - 2015-06-08 15:23 - 00000000 ____D C:\Users\Martyna\AppData\Local\Dropbox 2015-11-28 12:59 - 2015-09-14 07:21 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-11-28 12:37 - 2015-03-04 10:49 - 00000321 _____ C:\Users\Martyna\Documents\BIMx_Export_Log.txt 2015-11-28 12:37 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\Graphisoft 2015-11-27 12:55 - 2015-04-16 09:45 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\vlc 2015-11-27 09:48 - 2015-03-04 10:49 - 00000000 ____D C:\Users\Martyna\Documents\BIMx 2015-11-26 16:33 - 2015-02-23 18:00 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Abvent_Artlantis5 2015-11-26 16:25 - 2015-02-23 17:16 - 00000000 ____D C:\Program Files\Artlantis Studio 5 2015-11-25 16:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-11-25 13:52 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Graphisoft 2015-11-25 13:42 - 2015-02-23 18:02 - 00006536 _____ C:\Windows\vpd.properties 2015-11-25 13:40 - 2015-02-23 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2015-11-25 12:44 - 2015-02-23 17:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Install.GS 2015-11-24 03:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-23 19:33 - 2015-02-22 14:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Adobe 2015-11-20 21:25 - 2014-11-11 22:20 - 00000000 ____D C:\Windows\system32\MRT 2015-11-20 21:20 - 2015-03-16 19:09 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-20 13:04 - 2015-09-01 22:08 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-20 12:54 - 2013-08-22 15:44 - 05029000 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-20 12:49 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-19 17:11 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna\AppData\Local\Packages 2015-11-16 15:07 - 2015-10-09 07:22 - 00000000 ____D C:\Users\Martyna\Desktop\PORTFOLIO 2015-11-12 18:17 - 2015-02-23 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 15:24 - 2015-06-08 15:23 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 15:09 - 2015-08-22 10:25 - 00000000 ____D C:\Users\Martyna\Desktop\Filmy 2015-11-12 10:37 - 2015-02-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-10 21:34 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna 2015-11-10 19:06 - 2015-09-23 09:37 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 19:06 - 2015-09-14 07:21 - 00003960 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2015-11-04 15:13 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2015-11-04 11:06 - 2015-02-22 16:23 - 00000000 ____D C:\Users\UpdatusUser 2015-11-04 08:31 - 2015-02-22 14:57 - 00001492 _____ C:\Users\Martyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-04 08:31 - 2014-11-11 21:33 - 00001462 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-10-31 10:35 - 2015-08-26 08:36 - 00000000 ___RD C:\Users\Martyna\OneDrive 2015-10-30 14:20 - 2015-10-25 11:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-10-30 14:20 - 2015-10-25 11:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-18 16:47 - 2015-07-13 09:01 - 0000132 _____ () C:\Users\Martyna\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2015-08-26 10:37 - 2015-08-26 10:41 - 0000161 _____ () C:\Users\Martyna\AppData\Roaming\settings.xml 2015-08-27 07:57 - 2015-09-02 20:30 - 0029184 _____ () C:\Users\Martyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-29 16:33 - 2015-11-29 16:33 - 0000000 ____H () C:\ProgramData\cm-lock 2015-11-24 09:19 - 2015-11-24 09:19 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Pliki do przeniesienia lub usunięcia: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Niektóre pliki w TEMP: ==================== C:\Users\Martyna\AppData\Local\Temp\AcDeltree.exe C:\Users\Martyna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsbmlsd.dll C:\Users\Martyna\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Martyna\AppData\Local\Temp\ICSW1.14_0R0S1E1T1C1J1.14.exe C:\Users\Martyna\AppData\Local\Temp\ose00000.exe C:\Users\Martyna\AppData\Local\Temp\Quarantine.exe C:\Users\Martyna\AppData\Local\Temp\sqlite3.dll C:\Users\Martyna\AppData\Local\Temp\StartIsBack_update.exe ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-27 08:59 ==================== Koniec FRST.txt ============================

Addition

Kod: Zaznacz wszystko: Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:28-11-2015 Uruchomiony przez Martyna (2015-11-29 17:39:35) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Windows 8.1 Pro (X64) (2015-02-22 13:55:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-492168682-3674762022-4208976723-500 - Administrator - Disabled) Gość (S-1-5-21-492168682-3674762022-4208976723-501 - Limited - Disabled) Martyna (S-1-5-21-492168682-3674762022-4208976723-1001 - Administrator - Enabled) => C:\Users\Martyna UpdatusUser (S-1-5-21-492168682-3674762022-4208976723-1002 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 3DS Export for SketchUp (HKLM-x32\...\3DS Export for SketchUp_is1) (Version: - SYCODE) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Aero Glass for Win8.1 (HKLM\...\Aero Glass for Win8.1_is1) (Version: 1.2.5 - Big Muscle) ArchiCAD 18 POL (HKLM\...\001FFF2FFF18FF00FF1801F01F02F000-R1) (Version: 18.0 - GRAPHISOFT) Artlantis 5 Exporter for SketchUp 8 (HKLM-x32\...\Abvent_Skp8toATL5) (Version: - ) Artlantis 5 Exporter for SketchUp Pro 2015 32-Bit (HKLM-x32\...\Abvent_SkpPro2015_32BittoATL5) (Version: - Abvent R&D) Artlantis Studio 5.1.2.4 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.1.2.4 - Abvent R&D) Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max Design 2015 (HKLM\...\Autodesk 3ds Max Design 2015) (Version: 17.3.374.0 - Autodesk) Autodesk 3ds Max Design 2015 (Version: 17.3.374.0 - Autodesk) Hidden Autodesk 3ds Max Design 2015 SP3 (HKLM\...\Autodesk 3ds Max Design 2015 SP3) (Version: 17.3.374.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk Civil View for 3ds Max Design 2015 64-bit (HKLM\...\{1C4FFAF0-5DBB-4F7A-A386-46747D060826}) (Version: 17.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk Inventor Server Engine for 3ds Max Design 2015 (HKLM\...\{D7DEFF4A-BB64-48CC-81AB-845BA62D6032}) (Version: 17.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd) Driver (HKLM-x32\...\{C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1) (Version: - TCL Commumication Technology Holdings Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google SketchUp Pro 8 (HKLM-x32\...\{E0A160F1-127B-43AC-AF96-EBB6319B01C7}) (Version: 3.0.4811 - Google, Inc.) Google SketchUp Pro 8 PL (x32 Version: 8.0.4811.3 - Progrupa sp. z o.o.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics) LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Google SketchUp Pro 8 (HKLM-x32\...\Google SketchUp Pro 8 PL) (Version: 8.0.4811.3 - Progrupa sp. z o.o.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SketchUp 2015 (HKLM-x32\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.6.2 - startisback.com) TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.) Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.1 - UltraDefrag Development Team) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku ==================== Punkty Przywracania systemu ========================= 15-11-2015 21:45:12 Windows Update 18-11-2015 22:10:28 Windows Update 22-11-2015 13:51:15 Windows Update 26-11-2015 10:29:44 Windows Update 29-11-2015 14:35:15 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {187D6D59-297A-4BAD-9CA9-DE86D211D3AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated) Task: {3180FCB5-9736-43AE-A78B-D2928717262D} - System32\Tasks\Opera scheduled Autoupdate 1441966932 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software) Task: {39C7CFC0-398A-4F57-A801-7CD4CFEDFF5E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software) Task: {4635C4D9-6DBE-43A9-AA69-BBB5DFD00EC8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA Task: {4D651F49-A17C-4925-9949-B2C72B985990} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-492168682-3674762022-4208976723-1001 => C:\Users\Martyna\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-10-31] (Microsoft Corporation) Task: {5668346C-2418-4C31-8945-52A38019D917} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-20] (Microsoft Corporation) Task: {653BF400-8182-4E2A-AB7F-8E5468DB0577} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {7049A30B-1FBF-49D9-8A39-061A7313B931} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {74E39FCB-92A6-4093-946F-AC888F846677} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {802265C3-D48E-43B2-ADCC-212BFC322CCC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-10] (Adobe Systems Incorporated) Task: {82061315-9B7C-4C08-8C0F-E1CB0A245F82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {86FF49C7-C00D-4272-8EC2-554BE91360CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {93BC20C8-F222-435D-986F-207A54F27E64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {B0D2B174-4C0E-4482-9B5F-0804629C52D3} - System32\Tasks\Aero Glass => C:\AeroGlass\aerohost.exe [2014-05-04] (Big Muscle) Task: {B3A13EDC-B908-479E-9E2E-F37FBC7A758A} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {F8E67123-EA00-49AF-A258-4561F6ACA4EF} - System32\Tasks\{4E78E308-9159-478A-B389-081DA17BD841} => pcalua.exe -a "C:\Program Files (x86)\Damian Pasternak\CWK\CWK.exe" -d "C:\Program Files (x86)\Damian Pasternak\CWK\" Task: {FA7C4196-4556-4AC6-80D7-300D65831178} - System32\Tasks\{5F91188F-6EFC-4A27-B30F-36CC8B8F376D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.6.0.105/pl/go/help.faq.installer?LastError=1618 (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-02-22 16:20 - 2013-10-29 00:38 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-04 08:30 - 2015-08-19 07:59 - 00065696 ____N () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-11-04 08:30 - 2015-06-30 03:50 - 00176976 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2015-11-04 08:30 - 2015-06-30 03:50 - 00087744 ____N () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-11-29 14:47 - 2015-11-29 14:47 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\15112900\algo.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-02-22 16:15 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-11-04 08:30 - 2015-08-19 07:59 - 00179200 ____N () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2015-07-27 16:09 - 2015-07-27 16:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 60736120 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\opera.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 01919608 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libglesv2.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 00081528 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martyna\Desktop\45246e50fa741595566bf215831ac45d.jpg DNS Servers: 86.63.64.48 - 86.63.64.49 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FDFCB25C-5E1C-4E2A-8B47-AF88EE8117F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{30F9550F-4593-4E3C-8903-086F5EE98A29}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D28E5A8-13CC-4868-A11E-940D75852611}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{10056017-4A31-4901-8A0D-393360D16559}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{249371FA-059D-4DF8-A6D1-C348D1CCB614}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{6BE76E89-A332-4CB4-890C-FD069F5E1665}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [TCP Query User{F020B984-0B3E-465A-BEDC-0F1785FE5C57}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{C5C6835F-49EE-41A8-BE70-88E8957699F9}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{BA4C14C2-AC96-441D-B7D5-BE02C91661A1}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{CAAF8E99-14B3-4785-A9FF-ADC2267BC3A2}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{CC0BAB16-3B1F-4B53-97A3-EB722CCEF857}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{AAB7F5C5-FEAB-460A-BF65-0266D89E6444}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{CED1A1DB-79DE-4316-9CEE-BACB7034F013}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{FCB5FB1A-B98A-44DF-9BF5-CDF4203E6787}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [TCP Query User{EE882780-743E-4FD1-AB0C-E78539E337A6}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [UDP Query User{8D06962D-7F82-4A1F-9F07-0A77054557C9}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [TCP Query User{6847D2FE-56DE-4187-9074-47311B025754}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{016D1DFC-76BB-47CC-A308-CFC602282FAF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9938255E-FAD5-4AB0-8342-3A6FA1AB5A49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{76BCA8A1-8EE3-467F-987E-93EA0E380ABA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{FDB31D49-2D1A-4780-B46F-DE4E115FFE8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{816BC97F-549C-4A6A-933E-AF17EDCB82AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{72222DDA-E68D-48A2-8335-A3353EDD2B06}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3E786064-C37F-4884-97CB-19EA731B6C76}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E556D021-3083-43BA-B712-4DA4F8208178}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{913AE92C-A416-442B-A24B-7FCF9DB98C5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{74F5111C-0F69-4539-9CA8-E4DEF2E8B797}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3A79235E-FF84-4757-8A23-47F8FA13B156}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FCC8C1F4-E8FF-467B-B6C4-E9291E9050FF}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{4054FC6D-04DF-430A-B308-2ADD162228E0}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{FE756ED8-7010-4F84-9ED9-A25DB465125C}] => (Allow) LPort=1688 FirewallRules: [{8089400C-350A-4F59-B75F-E9107A50F3B5}] => (Allow) C:\Users\Martyna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8B4E278D-FE0C-4F19-9E90-8F53151C334A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{97C962F8-61FA-4FDE-8D61-5AC32D076C43}] => (Allow) LPort=2869 FirewallRules: [{A633F620-FB6E-44B6-AE20-F9735B491D79}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{CFE425C9-81BB-4A81-8369-BEB05E2EAF23}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2ED56141-3092-4031-918C-6016DDD731AE}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{04B6B5F1-68C5-457F-9A94-230CEEA271F2}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E7629360-3A46-4361-88FA-165D8AD59FAF}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [{4809F7BE-23A0-495F-BF14-A31F5C0A8212}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{50D31DAC-74C3-4531-B1AC-B536D498989D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{E02A05B2-F2A7-4E95-B50B-00565B1C3D67}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [UDP Query User{A2D78FF8-FC64-41CD-B221-C27252D2DDF7}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [{F1F08F6B-0084-45B8-8EF5-4C398FBAD87B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{94C13886-C27F-4ED3-8A34-7518DC99A9DC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{15993311-154A-4358-9F3F-2827B0576EDF}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{74129EBC-3F12-43E2-ABE1-D0D5AB621FCC}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{2B6691A1-3674-430B-B8B2-97D97676530B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{58D28B8E-D294-4CFD-9EAD-1404D39A88B2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{E9BBCF83-88F7-4415-B093-E7C698CFE0BD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{527D7F6B-DABF-4FEC-8B0E-7BA4E8196F87}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{D067A096-4D20-4884-94A2-665D4322EDE6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{199BCCAF-B79D-42BE-8284-CFB1F07A0296}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{7B003739-1C27-475B-84F6-5FE2519030BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/29/2015 05:17:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.3.9600.17667, sygnatura czasowa: 0x54c6f7c2 Nazwa modułu powodującego błąd: Windows.UI.Xaml.dll, wersja: 6.3.9600.17904, sygnatura czasowa: 0x557b0ffa Kod wyjątku: 0xc000027b Przesunięcie błędu: 0x000000000082cfbe Identyfikator procesu powodującego błąd: 0x620 Godzina uruchomienia aplikacji powodującej błąd: 0xExplorer.EXE0 Ścieżka aplikacji powodującej błąd: Explorer.EXE1 Ścieżka modułu powodującego błąd: Explorer.EXE2 Identyfikator raportu: Explorer.EXE3 Pełna nazwa pakietu powodującego błąd: Explorer.EXE4 Identyfikator aplikacji względem pakietu powodującego błąd: Explorer.EXE5 Error: (11/29/2015 05:17:30 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d). Error: (11/29/2015 03:12:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Service_KMS.exe, wersja: 14.0.0.5, sygnatura czasowa: 0x544c78bf Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.3.9600.18007, sygnatura czasowa: 0x55c4c341 Kod wyjątku: 0xe0434352 Przesunięcie błędu: 0x000000000000871c Identyfikator procesu powodującego błąd: 0xccc Godzina uruchomienia aplikacji powodującej błąd: 0xService_KMS.exe0 Ścieżka aplikacji powodującej błąd: Service_KMS.exe1 Ścieżka modułu powodującego błąd: Service_KMS.exe2 Identyfikator raportu: Service_KMS.exe3 Pełna nazwa pakietu powodującego błąd: Service_KMS.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: Service_KMS.exe5 Error: (11/29/2015 03:12:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplikacja: Service_KMS.exe Wersja architektury: v4.0.30319 Opis: proces został przerwany z powodu nieobsłużonego wyjątku. Informacje o wyjątku: System.ArgumentOutOfRangeException Stos: w System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].RemoveAt(Int32) w Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef) w System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) w System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) w System.Threading.ThreadHelper.ThreadStart() Error: (11/29/2015 02:55:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Camera.exe w wersji 6.3.9600.17418 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1530 Godzina rozpoczęcia: 01d12aacad467c54 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Windows\Camera\Camera.exe Identyfikator raportu: f8fe283e-969f-11e5-82d7-6036ddf83e72 Pełna nazwa pakietu powodującego błąd: Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy Identyfikator aplikacji względem pakietu powodującego błąd: Microsoft.Camera Error: (11/29/2015 02:49:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji Microsoft.MoCamera_cw5n1h2txyewy!Microsoft.Camera nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 02:49:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: COMPUTER) Description: Aplikacja Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Camera nie została uruchomiona w wyznaczonym czasie. Error: (11/29/2015 02:35:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: COMPUTER) Description: Aktywacja aplikacji Microsoft.MoCamera_cw5n1h2txyewy!Microsoft.Camera nie powiodła się. Błąd: -2144927150. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 02:35:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (11/29/2015 02:35:31 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-492168682-3674762022-4208976723-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {0e0b459e-b82d-4450-8b45-23a8af8531c8} Dziennik System: ============= Error: (11/29/2015 05:30:16 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci. Error: (11/29/2015 05:27:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3, Other hardware - NVIDIA GeForce GT 645M. Error: (11/29/2015 05:20:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070002: Aktualizacja zabezpieczeń systemu Windows 8.1 dla systemów opartych na procesorach x64 (KB3069114). Error: (11/29/2015 05:20:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Lavalys EVEREST Kernel Driver z powodu następującego błędu: %%577 Error: (11/29/2015 05:20:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Lavalys EVEREST Kernel Driver z powodu następującego błędu: %%577 Error: (11/29/2015 04:34:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi YAC NDIS Driver z powodu następującego błędu: %%2 Error: (11/29/2015 04:31:18 PM) (Source: BTHUSB) (EventID: 30) (User: ) Description: Lokalny adapter nie obsługuje ważnego stanu kontrolera funkcji Low Energy. Minimalna wymagana obsługiwana maska stanu to 0x1f7fffff, a uzyskano 0x1f3fffff. Funkcja Low Energy zostanie wyłączona. Error: (11/29/2015 04:29:27 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (11/29/2015 04:28:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/29/2015 04:28:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2015-11-29 17:20:07.566 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Martyna\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-29 17:20:06.753 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-29 16:14:38.550 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 15:14:51.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:51:18.292 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:51:18.281 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-11-29 14:38:27.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Procent pamięci w użyciu: 46% Całkowita pamięć fizyczna: 3957.6 MB Dostępna pamięć fizyczna: 2108.83 MB Całkowita pamięć wirtualna: 7541.6 MB Dostępna pamięć wirtualna: 3621.95 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:194.97 GB) (Free:75.49 GB) NTFS Drive e: (Pliki) (Fixed) (Total:443.21 GB) (Free:433.41 GB) exFAT Drive f: (Programy) (Fixed) (Total:292.96 GB) (Free:187.77 GB) exFAT ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9ED40981) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=443.2 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================

Pozdrawiam

**Posty:** 4765 · przez **ordynat** 29 Lis 2015, 19:37

Otwórz Notatnik i wklej w nim:

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Program Files (x86)\Elex-tech
C:\Windows\system32\Drivers\iSafeNetFilter.sys
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil cenzura!ções Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil cenzura!ções Ltda)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil cenzura!ções Ltda)
CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z"
CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
CHR DefaultSearchKeyword: Default -> v9
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
GroupPolicy: Ograniczenia - Chrome <======= UWAGA
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgua32.exe" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f
HKU\S-1-5-18\...\Run: [tiny.cmd] => C:\Windows\System32\tiny\tiny.cmd
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [AdobeBridge] => [X]
Task: {F8E67123-EA00-49AF-A258-4561F6ACA4EF} - System32\Tasks\{4E78E308-9159-478A-B389-081DA17BD841} => pcalua.exe -a "C:\Program Files (x86)\Damian Pasternak\CWK\CWK.exe" -d "C:\Program Files (x86)\Damian Pasternak\CWK\"
Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe" /f
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
Powstanie plik fixlog.txt.
Daj ten log.

Zrób nowe logi FRST.

Napisz, jak oceniasz sytuację?
.

Autor postu otrzymał pochwałę

**Posty:** 118 · przez **4_life** 06 Gru 2015, 17:26

Witam, dziękuję za pomoc. Teraz wszystko chodzi znacznie szybciej

załączam logi:

fixlog

Kod: Zaznacz wszystko: Rezultat naprawy Farbar Recovery Scan Tool (x64) Wersja:05-12-2015 Uruchomiony przez Martyna (2015-12-06 16:10:12) Run:1 Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Załadowane profile: Martyna & UpdatusUser (Dostępne profile: Martyna & UpdatusUser) Tryb startu: Normal ============================================== fixlist - zawartość: ***************** C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Program Files (x86)\Elex-tech C:\Windows\system32\Drivers\iSafeNetFilter.sys R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-14] (Elex do Brasil cenzura!çoes Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2015-08-19] (Elex do Brasil cenzura!çoes Ltda) R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2015-08-19] (Elex do Brasil cenzura!çoes Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2015-08-19] (Elex do Brasil cenzura!çoes Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-06-30] (Elex do Brasil cenzura!çoes Ltda) R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-08-19] (Elex do Brasil cenzura!çoes Ltda) CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z" CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} CHR DefaultSearchKeyword: Default -> v9 HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z GroupPolicy: Ograniczenia - Chrome <======= UWAGA CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgua32.exe" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f HKU\S-1-5-18\...\Run: [tiny.cmd] => C:\Windows\System32\tiny\tiny.cmd HKU\S-1-5-18\...\Run: [] => 0 HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [AdobeBridge] => [X] Task: {F8E67123-EA00-49AF-A258-4561F6ACA4EF} - System32\Tasks\{4E78E308-9159-478A-B389-081DA17BD841} => pcalua.exe -a "C:\Program Files (x86)\Damian Pasternak\CWK\CWK.exe" -d "C:\Program Files (x86)\Damian Pasternak\CWK\" Task: {47BFE674-5DFA-4395-B88C-47D28D6E5597} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe" /f EmptyTemp: ***************** C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => pomyślnie przeniesiono "C:\Program Files (x86)\Elex-tech" folder - przenoszenie: Nie można przenieść "C:\Program Files (x86)\Elex-tech" => Zaplanowany do przeniesienia przy restarcie. C:\Windows\system32\Drivers\iSafeNetFilter.sys => pomyślnie przeniesiono iSafeKrnl => Nie można zatrzymać usługi. iSafeKrnl => serwis niepowodzenie przy usuwaniu iSafeKrnlKit => Nie można zatrzymać usługi. iSafeKrnlKit => serwis niepowodzenie przy usuwaniu iSafeKrnlMon => Nie można zatrzymać usługi. iSafeKrnlMon => serwis pomyślnie usunięto iSafeKrnlR3 => Nie można zatrzymać usługi. iSafeKrnlR3 => serwis niepowodzenie przy usuwaniu iSafeNetFilter => Nie można zatrzymać usługi. iSafeNetFilter => serwis niepowodzenie przy usuwaniu iSafeService => Nie można zatrzymać usługi. iSafeService => serwis niepowodzenie przy usuwaniu Chrome HomePage => pomyślnie usunięto Chrome StartupUrls => pomyślnie usunięto Chrome DefaultSearchURL => pomyślnie usunięto Chrome DefaultSearchKeyword => pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Błąd przy ustawianiu wartości. HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Błąd przy ustawianiu wartości. HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Błąd przy ustawianiu wartości. HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main\\Search Bar => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main\\Search Page => Wartość pomyślnie przywrócono HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Błąd przy ustawianiu wartości. Nie można przywrócić Domyślne URLSearchHook. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Błąd przy ustawianiu wartości. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Błąd przy ustawianiu wartości. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz niepowodzenie przy usuwaniu. HKCR\Wow6432Node\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz nie znaleziono. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz niepowodzenie przy usuwaniu. HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz nie znaleziono. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz niepowodzenie przy usuwaniu. HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz nie znaleziono. HKU\S-1-5-21-492168682-3674762022-4208976723-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz niepowodzenie przy usuwaniu. HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz nie znaleziono. HKU\S-1-5-21-492168682-3674762022-4208976723-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz niepowodzenie przy usuwaniu. HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => klucz nie znaleziono. HKU\S-1-5-21-492168682-3674762022-4208976723-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} => klucz niepowodzenie przy usuwaniu. HKCR\CLSID\{ielnksrch} => klucz nie znaleziono. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Błąd przy ustawianiu wartości. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Błąd przy ustawianiu wartości. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Błąd przy ustawianiu wartości. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Błąd przy ustawianiu wartości. C:\Windows\system32\GroupPolicy\Machine => pomyślnie przeniesiono C:\Windows\system32\GroupPolicy\GPT.ini => pomyślnie przeniesiono "HKLM\SOFTWARE\Policies\Google" => klucz pomyślnie usunięto ========= reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= Operacja ukoäczona pomylnie. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= ERROR: Odmowa dost©pu. ========= Koniec Reg: ========= ========= reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f ========= ERROR: Odmowa dost©pu. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgua32.exe" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= Koniec Reg: ========= ========= reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= Koniec Reg: ========= HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\tiny.cmd => Wartość pomyślnie usunięto HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => Wartość pomyślnie usunięto HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Wartość pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8E67123-EA00-49AF-A258-4561F6ACA4EF}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8E67123-EA00-49AF-A258-4561F6ACA4EF}" => klucz pomyślnie usunięto C:\Windows\System32\Tasks\{4E78E308-9159-478A-B389-081DA17BD841} => pomyślnie przeniesiono "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4E78E308-9159-478A-B389-081DA17BD841}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47BFE674-5DFA-4395-B88C-47D28D6E5597}" => klucz pomyślnie usunięto "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47BFE674-5DFA-4395-B88C-47D28D6E5597}" => klucz pomyślnie usunięto HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\WinSAT => klucz nie znaleziono. ========= reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe" /f ========= ERROR: The system was unable to find the specified registry key or value. ========= Koniec Reg: ========= EmptyTemp: => 24.6 GB danych tymczasowych Usunięto. Rezultat przenoszenia plików przy restarcie (Tryb startu: Normal) (Data i godzina: 2015-12-06 16:18:51) C:\Program Files (x86)\Elex-tech => został pomyślnie przeniesiony ==== Koniec Fixlog 16:18:52 ====

FRST

Kod: Zaznacz wszystko: Rezultaty skanowania Farbar Recovery Scan Tool (FRST) (x64) Wersja:05-12-2015 Uruchomiony przez Martyna (administrator) COMPUTER (06-12-2015 16:23:20) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Załadowane profile: Martyna & UpdatusUser (Dostępne profile: Martyna & UpdatusUser) Platform: Windows 8.1 Pro (X64) Język: Polski (Polska) Internet Explorer Wersja 11 (Domyślna przeglądarka: Opera) Tryb startu: Normal Instrukcja obsługi Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesy (filtrowane) ================= (Załączenie wejścia w fixlist spowoduje zamknięcie procesu. Powiązany plik nie zostanie przeniesiony.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Big Muscle) C:\AeroGlass\aerohost.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Opera Software) C:\Program Files (x86)\Opera\33.0.1990.115\opera.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Rejestr (filtrowane) =========================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) HKLM\...\Run: [StartIsBackTR] => C:\Program Files (x86)\StartIsBack\SIBTR.exe [319435 2013-03-04] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-11] (AVAST Software) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify Web Helper] => C:\Users\Martyna\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-02] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Run: [Spotify] => C:\Users\Martyna\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-02] (Spotify Ltd) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {92032d7e-bab0-11e4-8263-6036ddf83e6e} - "D:\SETUP.EXE" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d38d4-9372-11e5-82d6-6036ddf83e72} - "H:\start.exe" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\MountPoints2: {bc9d4005-9372-11e5-82d6-6036ddf83e72} - "H:\LGAutoRun.exe" AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156256 2013-12-26] (NVIDIA Corporation) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-27] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-11-25] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG) ==================== Internet (filtrowane) ==================== (Załączenie wejścia w fixlist, w przypadku gdy jest to obiekt rejestru, spowoduje usunięcie go z rejestru lub przywrócenie jego domyślnej postaci.) Tcpip\Parameters: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{423147C8-7EFB-466B-B3DE-1609016EF4DC}: [DhcpNameServer] 86.63.64.48 86.63.64.49 Tcpip\..\Interfaces\{8D3BC2DD-DD2A-4A5F-B8B0-53A948C2B3F3}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = SearchScopes: HKLM-x32 -> DefaultScope - brak wartości SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms} BHO: Brak nazwy -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Windows\system32\OldNewExplorer64.dll [2014-07-20] (www.startisback.com) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-27] (AVAST Software) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-27] (AVAST Software) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-27] [Brak podpisu cyfrowego] Chrome: ======= CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z" CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms} CHR DefaultSearchKeyword: Default -> v9 CHR Profile: C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Prezentacje Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-02] CHR Extension: (Dokumenty Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02] CHR Extension: (Dysk Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (Video AdBlock for Chrome) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-02] CHR Extension: (YouTube) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-12-02] CHR Extension: (Google Search) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02] CHR Extension: (Arkusze Google) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-02] CHR Extension: (Dokumenty Google offline) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-02] CHR Extension: (Avast Online Security) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-02] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02] CHR Extension: (Gmail) - C:\Users\Martyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02] CHR HKU\S-1-5-21-492168682-3674762022-4208976723-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-27] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-11-25] OPR Extension: (Google Translate) - C:\Users\Martyna\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcfaommkmdjacdkbaoohklbccfmbnnod [2015-09-11] ==================== Usługi (filtrowane) ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-27] (AVAST Software) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-08] (Dropbox, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Brak podpisu cyfrowego] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) S3 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [Brak podpisu cyfrowego] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Brak podpisu cyfrowego] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X] ===================== Sterowniki (filtrowane) ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29184 2015-05-12] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-27] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-27] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-27] (AVAST Software) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-22] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U4 clr_optimization_v2.0.50727_32; Brak ImagePath U4 clr_optimization_v2.0.50727_64; Brak ImagePath U4 clr_optimization_v4.0.30319_32; Brak ImagePath U4 clr_optimization_v4.0.30319_64; Brak ImagePath R1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X] R1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X] R1 iSafeKrnlR3; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [X] S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X] ==================== NetSvcs (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Jeden miesiąc - utworzone pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-06 16:18 - 2015-12-06 16:18 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-12-06 16:17 - 2015-12-06 16:17 - 00000000 ____H C:\ProgramData\cm-lock 2015-12-04 21:05 - 2015-12-04 21:05 - 00142897 _____ C:\Users\Martyna\Downloads\Metal+Glass+Dining+Table.skp 2015-12-04 20:17 - 2015-12-04 20:18 - 06954650 _____ C:\Users\Martyna\Downloads\VITRA_EamesPlasticArmchairDAW.skp 2015-12-04 19:52 - 2015-12-04 19:52 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software 2015-12-04 19:52 - 2015-12-04 19:52 - 00000000 ____D C:\Program Files\Common Files\AV 2015-12-04 17:18 - 2015-12-04 17:19 - 11423201 _____ C:\Users\Martyna\Downloads\White+closet.skp 2015-12-04 17:16 - 2015-12-04 17:16 - 02262655 _____ C:\Users\Martyna\Downloads\Sewing+Machine.skp 2015-12-03 20:27 - 2015-12-03 20:27 - 00200458 _____ C:\Users\Martyna\Downloads\Group_4.skp 2015-12-03 17:27 - 2015-12-03 17:27 - 01798092 _____ C:\Users\Martyna\Documents\AutoSave_Untitled_5.skp 2015-12-02 21:22 - 2015-12-02 21:22 - 06214440 _____ C:\Users\Martyna\Downloads\abc.atl 2015-12-02 21:00 - 2015-12-02 21:00 - 23420827 _____ C:\Users\Martyna\Documents\AutoSave_Untitled_4.skp 2015-12-02 20:37 - 2015-12-02 20:37 - 15442500 _____ C:\Users\Martyna\Documents\AutoSave_Untitled_3.skp 2015-12-02 20:15 - 2015-12-02 20:15 - 04147348 _____ C:\Users\Martyna\Documents\AutoSave_Untitled_2.skp 2015-12-02 19:51 - 2015-12-02 19:51 - 00079251 _____ C:\Users\Martyna\Documents\AutoSave_Untitled_1.skp 2015-12-02 19:15 - 2015-12-02 19:15 - 13161184 _____ (Microsoft Corporation) C:\Users\Martyna\Downloads\Silverlight_x64.exe 2015-12-02 11:02 - 2015-12-02 11:02 - 00709772 _____ C:\Users\Martyna\Downloads\6634K33100caddecor.zip 2015-12-02 10:48 - 2015-12-02 10:55 - 00064423 _____ C:\Users\Martyna\Downloads\pobrany plik (5) 2015-12-02 10:48 - 2015-12-02 10:55 - 00064423 _____ C:\Users\Martyna\Downloads\pobrany plik (4) 2015-12-02 10:47 - 2015-12-02 10:55 - 00063697 _____ C:\Users\Martyna\Downloads\pobrany plik (3) 2015-12-02 09:46 - 2015-12-02 09:53 - 00000000 ____D C:\Users\Martyna\Downloads\abisko mudell 2015-12-02 09:46 - 2015-12-02 09:46 - 01763687 _____ C:\Users\Martyna\Downloads\abisko mudell.rar 2015-12-02 09:33 - 2015-12-06 16:18 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-02 09:33 - 2015-12-06 15:38 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-01 15:29 - 2015-12-01 15:29 - 00453441 _____ C:\Users\Martyna\Downloads\dhl_factura_01122015_1398004.z 2015-12-01 15:25 - 2015-12-01 15:25 - 02498044 _____ C:\Users\Martyna\Documents\AutoSave_Untitled.skp 2015-12-01 15:15 - 2015-12-01 15:21 - 00000000 ____D C:\Users\Martyna\Downloads\abisko-washbasin-by-johan-kauppi-eumar 2015-12-01 15:15 - 2015-12-01 15:15 - 01698270 _____ C:\Users\Martyna\Downloads\abisko-washbasin-by-johan-kauppi-eumar.zip 2015-11-30 14:09 - 2015-11-30 14:09 - 00035494 _____ C:\Users\Martyna\Downloads\pobrany plik (2) 2015-11-30 14:09 - 2015-11-30 14:09 - 00035494 _____ C:\Users\Martyna\Downloads\pobrany plik (1) 2015-11-30 13:56 - 2015-11-30 13:56 - 00027538 _____ C:\Users\Martyna\Downloads\pobrany plik 2015-11-29 22:47 - 2015-11-29 22:48 - 07378533 _____ C:\Users\Martyna\Downloads\Component_48.skp 2015-11-29 22:44 - 2015-11-29 22:44 - 00662064 _____ C:\Users\Martyna\Downloads\Cushion_02.skp 2015-11-29 22:14 - 2015-11-29 22:14 - 01649298 _____ C:\Users\Martyna\Downloads\Sans_titre_1.skp 2015-11-29 22:05 - 2015-11-29 22:07 - 15923132 _____ C:\Users\Martyna\Downloads\Minotti+-+Prince+Armchair.skp 2015-11-29 21:28 - 2015-11-29 21:28 - 00094000 _____ C:\Users\Martyna\Downloads\CB2+-+Twine.skp 2015-11-29 20:59 - 2015-11-29 20:59 - 00130849 _____ C:\Users\Martyna\Downloads\Lamp_Table_016_drc3D-2.skp 2015-11-29 19:57 - 2015-11-29 20:01 - 00000000 ____D C:\Users\Martyna\Downloads\bedroom 2015-11-29 19:57 - 2015-11-29 19:57 - 00000000 ____D C:\Users\Martyna\Downloads\fotel-sypialnia 2015-11-29 19:20 - 2015-11-29 19:41 - 44601025 _____ C:\Users\Martyna\Downloads\fotel-sypialnia.rar 2015-11-29 19:02 - 2015-11-29 19:41 - 64281715 _____ C:\Users\Martyna\Downloads\bedroom.zip 2015-11-29 17:39 - 2015-12-06 16:17 - 00000000 ____D C:\Windows\SysWOW64\NV 2015-11-29 17:39 - 2015-12-06 16:17 - 00000000 ____D C:\Windows\system32\NV 2015-11-29 17:31 - 2015-11-29 17:31 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-11-29 17:25 - 2013-10-29 00:38 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-11-29 17:23 - 2015-11-29 17:23 - 00000000 ____D C:\temp 2015-11-29 17:21 - 2015-11-29 17:22 - 00000000 ____D C:\Windows\LastGood.Tmp 2015-11-29 17:19 - 2015-11-29 17:19 - 00001146 _____ C:\Users\UpdatusUser\Desktop\EVEREST Home Edition.lnk 2015-11-29 17:19 - 2015-11-29 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2015-11-29 17:19 - 2015-11-29 17:19 - 00000000 ____D C:\Program Files (x86)\Lavalys 2015-11-29 17:17 - 2015-11-29 17:18 - 04179293 _____ (Lavalys, Inc. ) C:\Users\Martyna\Downloads\everesthome220(dobreprogramy.pl).exe 2015-11-29 17:13 - 2015-11-29 17:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2015-11-29 17:12 - 2015-11-29 17:12 - 00000000 ____D C:\iBTWU 2015-11-29 16:45 - 2015-11-29 16:46 - 00210019 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-7.0.0-beta4.bin.amd64.exe 2015-11-29 16:42 - 2015-11-29 16:46 - 00000000 ____D C:\Program Files\UltraDefrag 2015-11-29 16:42 - 2015-11-29 16:42 - 00000886 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraDefrag.lnk 2015-11-29 16:41 - 2015-11-29 16:41 - 00689659 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-6.1.1.bin.amd64.exe 2015-11-29 16:39 - 2015-11-29 16:40 - 00844670 _____ (UltraDefrag Development Team) C:\Users\Martyna\Downloads\ultradefrag-6.1.1.bin.ia64.exe 2015-11-29 16:32 - 2015-11-29 16:32 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Elex-tech 2015-11-29 16:22 - 2015-11-29 16:22 - 01733632 _____ C:\Users\Martyna\Downloads\AdwCleaner.exe 2015-11-29 16:17 - 2015-12-06 16:23 - 00000000 ____D C:\Users\Martyna\Desktop\czyszczenie 2015-11-29 16:17 - 2015-12-06 16:23 - 00000000 ____D C:\FRST 2015-11-29 16:15 - 2015-11-29 16:15 - 02349056 _____ (Farbar) C:\Users\Martyna\Downloads\FRST64.exe 2015-11-29 14:49 - 2015-11-29 14:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-11-29 14:45 - 2015-11-29 14:45 - 00000000 ____D C:\Users\Martyna\AppData\Local\VirtualStore 2015-11-25 17:55 - 2015-11-25 17:58 - 00000000 ____D C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS 2015-11-25 17:55 - 2015-11-25 17:55 - 02173042 _____ C:\Users\Martyna\Downloads\UMYWALKA CITTERIO.3DS.zip 2015-11-25 14:15 - 2015-11-25 14:15 - 00401049 _____ C:\Users\Martyna\Downloads\citterio-kibelek.3ds 2015-11-25 14:14 - 2015-11-25 14:14 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelekk 2015-11-25 14:13 - 2015-11-25 14:13 - 00446948 _____ C:\Users\Martyna\Downloads\citterio kibelekk.zip 2015-11-25 14:13 - 2015-11-25 14:13 - 00000000 ____D C:\Users\Martyna\Downloads\citterio kibelek 2015-11-25 14:09 - 2015-11-25 14:09 - 00375556 _____ C:\Users\Martyna\Downloads\citterio kibelek.zip 2015-11-25 13:50 - 2015-11-25 13:50 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\ProgramData\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files\CodeMeter 2015-11-25 13:44 - 2015-11-25 13:44 - 00000000 ____D C:\Program Files (x86)\CodeMeter 2015-11-25 13:37 - 2015-11-25 13:37 - 00375556 _____ C:\Users\Martyna\Downloads\7026L43100caddecor.zip 2015-11-24 15:39 - 2015-11-24 15:39 - 00204712 _____ C:\Users\Martyna\Downloads\Baby+Changing+Station.skp 2015-11-23 19:33 - 2015-11-23 19:33 - 00000000 ____D C:\Users\Martyna\Documents\Adobe 2015-11-23 18:36 - 2015-11-23 18:36 - 00036793 _____ C:\Users\Martyna\Downloads\GRAWER.pdf 2015-11-22 14:12 - 2015-11-22 14:12 - 03374967 _____ C:\Users\Martyna\Downloads\Toalha.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza.skp 2015-11-22 14:10 - 2015-11-22 14:10 - 00235524 _____ C:\Users\Martyna\Downloads\Senza (1).skp 2015-11-22 14:05 - 2015-11-22 14:05 - 00164597 _____ C:\Users\Martyna\Downloads\towel+ring.skp 2015-11-22 13:46 - 2015-11-22 13:46 - 01368768 _____ C:\Users\Martyna\Downloads\Towels+by+Own+Design+Rendering.skp 2015-11-22 13:38 - 2015-11-22 13:38 - 00676280 _____ C:\Users\Martyna\Downloads\Untitled.skp 2015-11-22 13:32 - 2015-11-22 13:32 - 00808333 _____ C:\Users\Martyna\Downloads\bathroom_personalcare_set.skp 2015-11-22 11:58 - 2015-11-22 12:20 - 00000090 _____ C:\Users\Martyna\Desktop\SANITARNY.txt 2015-11-22 11:24 - 2015-11-22 11:28 - 42759329 _____ C:\Users\Martyna\Downloads\sh+1+%282%29 (1).skp 2015-11-20 13:04 - 2015-11-20 13:04 - 00003872 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441966932 2015-11-20 13:04 - 2015-11-20 13:04 - 00001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-11-20 12:58 - 2015-11-03 01:23 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-20 12:58 - 2015-11-03 01:23 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-20 11:42 - 2015-11-20 11:42 - 00089600 _____ (UltraDefrag Development Team) C:\Windows\system32\udefrag.exe 2015-11-20 11:42 - 2015-11-20 11:42 - 00013312 _____ (UltraDefrag Development Team) C:\Windows\system32\hibernate4win.exe 2015-11-20 11:42 - 2015-11-20 11:42 - 00012288 _____ (UltraDefrag Development Team) C:\Windows\system32\bootexctrl.exe 2015-11-20 11:41 - 2015-11-20 11:41 - 00394752 _____ (UltraDefrag Development Team) C:\Windows\system32\defrag_native.exe 2015-11-20 11:41 - 2015-11-20 11:41 - 00132608 _____ C:\Windows\system32\lua5.1a.dll 2015-11-20 11:41 - 2015-11-20 11:41 - 00055808 _____ (UltraDefrag Development Team) C:\Windows\system32\udefrag.dll 2015-11-20 11:41 - 2015-11-20 11:41 - 00033792 _____ (UltraDefrag Development Team) C:\Windows\system32\wgx.dll 2015-11-20 11:40 - 2015-11-20 11:40 - 00337920 _____ (UltraDefrag Development Team) C:\Windows\system32\zenwinx.dll 2015-11-18 21:23 - 2015-11-18 21:23 - 11517544 _____ C:\Users\Martyna\Documents\1.skp 2015-11-18 21:23 - 2015-11-18 14:07 - 11528102 _____ C:\Users\Martyna\Documents\1.skb 2015-11-16 17:09 - 2015-11-16 17:09 - 00319299 _____ C:\Users\Martyna\Desktop\PENSJONAT.pdf 2015-11-15 21:47 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-11-15 21:47 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-11-12 22:50 - 2015-11-12 22:50 - 00026880 _____ (Western Digital Technologies, Inc.) C:\Windows\system32\Drivers\wdcsam64.sys 2015-11-12 15:26 - 2015-11-12 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-11 19:49 - 2015-11-11 19:49 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-11-11 19:49 - 2015-11-11 19:49 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2015-11-11 14:48 - 2015-11-11 14:48 - 00000000 ____D C:\Users\Martyna\Downloads\kanapa-bar 2015-11-11 13:03 - 2015-11-11 13:03 - 00000000 ____D C:\Users\Martyna\Downloads\hekry2-club 2015-11-11 13:01 - 2015-11-11 13:09 - 00000000 ____D C:\Users\Martyna\Downloads\hokery-club 2015-11-11 09:29 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys 2015-11-11 09:28 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2015-11-11 09:28 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2015-11-11 09:28 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-11-11 09:28 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-11-11 09:28 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2015-11-11 09:28 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2015-11-11 08:51 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 08:51 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 08:51 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 08:51 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 08:50 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2015-11-11 08:50 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 08:50 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 08:50 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 08:50 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 08:50 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-11-11 08:50 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 08:50 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 08:50 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-11-11 08:50 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 08:49 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-11-11 08:49 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2015-11-11 08:49 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2015-11-11 08:49 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-11-11 08:49 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-11-11 08:48 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 08:48 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-11-11 08:48 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-11-11 08:48 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-11-11 08:48 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml 2015-11-11 08:46 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 08:46 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 08:46 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 08:46 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 08:46 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 08:46 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 08:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 08:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 08:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 08:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 08:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 08:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 08:42 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 08:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 08:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 08:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 08:42 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-11-11 08:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 08:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-11 08:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 08:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 08:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 08:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 08:41 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-11-11 08:41 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-11-11 08:41 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-11-11 08:41 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-11-11 08:41 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-11-11 08:41 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys ==================== Jeden miesiąc - zmodyfikowane pliki i foldery ======== (Załączenie wejścia w fixlist spowoduje przeniesienie pliku/folderu.) 2015-12-06 16:24 - 2015-06-08 15:23 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-12-06 16:20 - 2015-08-11 19:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-12-06 16:18 - 2015-02-22 16:15 - 00000000 __SHD C:\Users\Martyna\IntelGraphicsProfiles 2015-12-06 16:17 - 2015-06-08 15:23 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-12-06 16:17 - 2015-02-22 16:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-06 16:17 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-06 16:11 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\GroupPolicy 2015-12-06 16:06 - 2015-09-23 09:37 - 00000930 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-06 14:15 - 2014-03-18 10:56 - 01825074 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-06 14:15 - 2014-03-18 10:28 - 00807160 _____ C:\Windows\system32\perfh015.dat 2015-12-06 14:15 - 2014-03-18 10:28 - 00163478 _____ C:\Windows\system32\perfc015.dat 2015-12-06 14:15 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2015-12-04 21:50 - 2015-03-04 10:49 - 00000363 _____ C:\Users\Martyna\Documents\BIMx_Export_Log.txt 2015-12-04 21:50 - 2015-02-23 18:00 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Abvent_Artlantis5 2015-12-04 21:49 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\Graphisoft 2015-12-04 17:11 - 2015-03-04 10:49 - 00000000 ____D C:\Users\Martyna\Documents\BIMx 2015-12-03 20:32 - 2015-02-22 15:02 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-492168682-3674762022-4208976723-1001 2015-12-03 17:43 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna 2015-12-03 09:42 - 2015-09-29 11:08 - 00000000 ____D C:\Users\Martyna\AppData\Local\Spotify 2015-12-03 09:38 - 2015-09-29 11:06 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Spotify 2015-12-02 09:33 - 2015-08-29 19:21 - 00003810 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-02 09:33 - 2015-02-22 15:51 - 00004046 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-01 20:03 - 2015-04-16 09:45 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\vlc 2015-12-01 15:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-11-30 17:36 - 2015-02-22 14:56 - 00000000 ____D C:\Users\Martyna\AppData\Local\Packages 2015-11-30 15:56 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-11-30 15:17 - 2015-02-22 14:57 - 00001468 _____ C:\Users\Martyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-11-29 17:39 - 2015-02-22 15:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-11-29 17:39 - 2015-02-22 15:51 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-11-29 17:20 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2015-11-29 16:29 - 2015-11-04 08:30 - 00000000 ____D C:\Windows\system32\log 2015-11-29 16:29 - 2015-02-22 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-11-29 16:28 - 2015-06-07 16:59 - 00000000 ____D C:\AdwCleaner 2015-11-29 15:07 - 2015-06-08 15:26 - 00000000 ___RD C:\Users\Martyna\Dropbox 2015-11-29 14:57 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2015-11-29 14:47 - 2015-06-08 15:23 - 00000000 ____D C:\Users\Martyna\AppData\Local\Dropbox 2015-11-28 12:59 - 2015-09-14 07:21 - 00000992 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-11-26 16:25 - 2015-02-23 17:16 - 00000000 ____D C:\Program Files\Artlantis Studio 5 2015-11-25 16:07 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-11-25 13:52 - 2015-03-04 10:48 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Graphisoft 2015-11-25 13:42 - 2015-02-23 18:02 - 00006536 _____ C:\Windows\vpd.properties 2015-11-25 13:40 - 2015-02-23 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT 2015-11-25 12:44 - 2015-02-23 17:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Install.GS 2015-11-23 19:33 - 2015-02-22 14:57 - 00000000 ____D C:\Users\Martyna\AppData\Roaming\Adobe 2015-11-20 21:25 - 2014-11-11 22:20 - 00000000 ____D C:\Windows\system32\MRT 2015-11-20 21:20 - 2015-03-16 19:09 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-20 13:04 - 2015-09-01 22:08 - 00000000 ____D C:\Program Files (x86)\Opera 2015-11-20 12:54 - 2013-08-22 15:44 - 05029000 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-20 12:49 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData 2015-11-16 15:07 - 2015-10-09 07:22 - 00000000 ____D C:\Users\Martyna\Desktop\PORTFOLIO 2015-11-12 18:17 - 2015-02-23 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-12 15:24 - 2015-06-08 15:23 - 00000000 ____D C:\Program Files (x86)\Dropbox 2015-11-12 10:37 - 2015-02-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-10 19:06 - 2015-09-23 09:37 - 00003818 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 19:06 - 2015-09-14 07:21 - 00003960 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier ==================== Pliki w katalogu głównym wybranych folderów ======= 2015-03-18 16:47 - 2015-07-13 09:01 - 0000132 _____ () C:\Users\Martyna\AppData\Roaming\Preferencje formatu PNG CS6 firmy Adobe 2015-08-26 10:37 - 2015-08-26 10:41 - 0000161 _____ () C:\Users\Martyna\AppData\Roaming\settings.xml 2015-08-27 07:57 - 2015-09-02 20:30 - 0029184 _____ () C:\Users\Martyna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-12-06 16:17 - 2015-12-06 16:17 - 0000000 ____H () C:\ProgramData\cm-lock ==================== Bamital & volsnap ================= (Brak automatycznej naprawy dla plików które nie przeszły weryfikacji.) C:\Windows\system32\winlogon.exe => Plik podpisany cyfrowo C:\Windows\system32\wininit.exe => Plik podpisany cyfrowo C:\Windows\explorer.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\explorer.exe => Plik podpisany cyfrowo C:\Windows\system32\svchost.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\svchost.exe => Plik podpisany cyfrowo C:\Windows\system32\services.exe => Plik podpisany cyfrowo C:\Windows\system32\User32.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\User32.dll => Plik podpisany cyfrowo C:\Windows\system32\userinit.exe => Plik podpisany cyfrowo C:\Windows\SysWOW64\userinit.exe => Plik podpisany cyfrowo C:\Windows\system32\rpcss.dll => Plik podpisany cyfrowo C:\Windows\system32\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\SysWOW64\dnsapi.dll => Plik podpisany cyfrowo C:\Windows\system32\Drivers\volsnap.sys => Plik podpisany cyfrowo LastRegBack: 2015-11-27 08:59 ==================== Koniec FRST.txt ============================

Addition

Kod: Zaznacz wszystko: Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:05-12-2015 Uruchomiony przez Martyna (2015-12-06 16:24:26) Uruchomiony z C:\Users\Martyna\Desktop\czyszczenie Windows 8.1 Pro (X64) (2015-02-22 13:55:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-492168682-3674762022-4208976723-500 - Administrator - Disabled) Gość (S-1-5-21-492168682-3674762022-4208976723-501 - Limited - Disabled) Martyna (S-1-5-21-492168682-3674762022-4208976723-1001 - Administrator - Enabled) => C:\Users\Martyna UpdatusUser (S-1-5-21-492168682-3674762022-4208976723-1002 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 3DS Export for SketchUp (HKLM-x32\...\3DS Export for SketchUp_is1) (Version: - SYCODE) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Aero Glass for Win8.1 (HKLM\...\Aero Glass for Win8.1_is1) (Version: 1.2.5 - Big Muscle) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) ArchiCAD 18 POL (HKLM\...\001FFF2FFF18FF00FF1801F01F02F000-R1) (Version: 18.0 - GRAPHISOFT) Artlantis 5 Exporter for SketchUp 8 (HKLM-x32\...\Abvent_Skp8toATL5) (Version: - ) Artlantis 5 Exporter for SketchUp Pro 2015 32-Bit (HKLM-x32\...\Abvent_SkpPro2015_32BittoATL5) (Version: - Abvent R&D) Artlantis Studio 5.1.2.4 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.1.2.4 - Abvent R&D) Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk) Autodesk 3ds Max Design 2015 (HKLM\...\Autodesk 3ds Max Design 2015) (Version: 17.3.374.0 - Autodesk) Autodesk 3ds Max Design 2015 (Version: 17.3.374.0 - Autodesk) Hidden Autodesk 3ds Max Design 2015 SP3 (HKLM\...\Autodesk 3ds Max Design 2015 SP3) (Version: 17.3.374.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk) Autodesk Civil View for 3ds Max Design 2015 64-bit (HKLM\...\{1C4FFAF0-5DBB-4F7A-A386-46747D060826}) (Version: 17.0.0.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden Autodesk Inventor Server Engine for 3ds Max Design 2015 (HKLM\...\{D7DEFF4A-BB64-48CC-81AB-845BA62D6032}) (Version: 17.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CodeMeter Runtime Kit v5.10a (HKLM\...\{CADFF08A-A157-474F-B6A8-8F26F81F7ABE}) (Version: 5.10.1224.501 - WIBU-SYSTEMS AG) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd) Driver (HKLM-x32\...\{C9A7E6A6-110D-4DBC-A8E2-F634613B5A8C}_is1) (Version: - TCL Commumication Technology Holdings Limited) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.) Google SketchUp Pro 8 (HKLM-x32\...\{E0A160F1-127B-43AC-AF96-EBB6319B01C7}) (Version: 3.0.4811 - Google, Inc.) Google SketchUp Pro 8 PL (x32 Version: 8.0.4811.3 - Progrupa sp. z o.o.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.3 - LG Electronics) LG One Click Root (HKLM-x32\...\{5085AFF1-777B-4052-85D1-59140D26DB28}) (Version: 1.3.0.0 - avicohh software) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.62 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Google SketchUp Pro 8 (HKLM-x32\...\Google SketchUp Pro 8 PL) (Version: 8.0.4811.3 - Progrupa sp. z o.o.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SketchUp 2015 (HKLM-x32\...\{D0A0BE3D-8D66-4BE9-87C4-D30CA5AA93A3}) (Version: 15.3.330 - Trimble Navigation Limited) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.6.2 - startisback.com) TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.) Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.1.1 - UltraDefrag Development Team) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Martyna\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-492168682-3674762022-4208976723-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max Design 2015\Inventor Server\Bin\TestServer.dll => Brak pliku ==================== Punkty Przywracania systemu ========================= 22-11-2015 13:51:15 Windows Update 26-11-2015 10:29:44 Windows Update 29-11-2015 14:35:15 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {187D6D59-297A-4BAD-9CA9-DE86D211D3AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated) Task: {3180FCB5-9736-43AE-A78B-D2928717262D} - System32\Tasks\Opera scheduled Autoupdate 1441966932 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software) Task: {32876EFE-DF65-4AA3-ACFD-8C7B05009622} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-04] (AVAST Software) Task: {39C7CFC0-398A-4F57-A801-7CD4CFEDFF5E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-27] (AVAST Software) Task: {4635C4D9-6DBE-43A9-AA69-BBB5DFD00EC8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {4D651F49-A17C-4925-9949-B2C72B985990} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-492168682-3674762022-4208976723-1001 => C:\Users\Martyna\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-10-31] (Microsoft Corporation) Task: {653BF400-8182-4E2A-AB7F-8E5468DB0577} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {7049A30B-1FBF-49D9-8A39-061A7313B931} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {74E39FCB-92A6-4093-946F-AC888F846677} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-08] (Dropbox, Inc.) Task: {802265C3-D48E-43B2-ADCC-212BFC322CCC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe [2015-11-10] (Adobe Systems Incorporated) Task: {82061315-9B7C-4C08-8C0F-E1CB0A245F82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-22] (Google Inc.) Task: {86FF49C7-C00D-4272-8EC2-554BE91360CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {93BC20C8-F222-435D-986F-207A54F27E64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {B0D2B174-4C0E-4482-9B5F-0804629C52D3} - System32\Tasks\Aero Glass => C:\AeroGlass\aerohost.exe [2014-05-04] (Big Muscle) Task: {B3A13EDC-B908-479E-9E2E-F37FBC7A758A} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {FA7C4196-4556-4AC6-80D7-300D65831178} - System32\Tasks\{5F91188F-6EFC-4A27-B30F-36CC8B8F376D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.6.0.105/pl/go/help.faq.installer?LastError=1618 (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2013-12-26 19:42 - 2013-12-26 19:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-27 16:08 - 2015-07-27 16:08 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-04 20:52 - 2015-12-04 20:52 - 02802176 _____ () C:\Program Files\AVAST Software\Avast\defs\15120403\algo.dll 2015-12-06 16:20 - 2015-12-06 16:20 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120600\algo.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-02-22 16:44 - 2013-12-22 07:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-07-27 16:09 - 2015-07-27 16:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-22 16:15 - 2013-08-08 13:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 60736120 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\opera.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 01919608 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libglesv2.dll 2015-11-20 13:04 - 2015-11-20 13:03 - 00081528 _____ () C:\Program Files (x86)\Opera\33.0.1990.115\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martyna\Desktop\45246e50fa741595566bf215831ac45d.jpg DNS Servers: 86.63.64.48 - 86.63.64.49 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-492168682-3674762022-4208976723-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FDFCB25C-5E1C-4E2A-8B47-AF88EE8117F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{30F9550F-4593-4E3C-8903-086F5EE98A29}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D28E5A8-13CC-4868-A11E-940D75852611}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{10056017-4A31-4901-8A0D-393360D16559}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe FirewallRules: [{249371FA-059D-4DF8-A6D1-C348D1CCB614}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [{6BE76E89-A332-4CB4-890C-FD069F5E1665}] => (Allow) C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe FirewallRules: [TCP Query User{F020B984-0B3E-465A-BEDC-0F1785FE5C57}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{C5C6835F-49EE-41A8-BE70-88E8957699F9}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{BA4C14C2-AC96-441D-B7D5-BE02C91661A1}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{CAAF8E99-14B3-4785-A9FF-ADC2267BC3A2}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{CC0BAB16-3B1F-4B53-97A3-EB722CCEF857}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{AAB7F5C5-FEAB-460A-BF65-0266D89E6444}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{CED1A1DB-79DE-4316-9CEE-BACB7034F013}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [{FCB5FB1A-B98A-44DF-9BF5-CDF4203E6787}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\CineRender\CineRender 64bit.exe FirewallRules: [TCP Query User{EE882780-743E-4FD1-AB0C-E78539E337A6}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [UDP Query User{8D06962D-7F82-4A1F-9F07-0A77054557C9}C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe] => (Allow) C:\program files\graphisoft\archicad 18\cinerender\cinerender 64bit.exe FirewallRules: [TCP Query User{6847D2FE-56DE-4187-9074-47311B025754}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{016D1DFC-76BB-47CC-A308-CFC602282FAF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9938255E-FAD5-4AB0-8342-3A6FA1AB5A49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{76BCA8A1-8EE3-467F-987E-93EA0E380ABA}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{FDB31D49-2D1A-4780-B46F-DE4E115FFE8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{816BC97F-549C-4A6A-933E-AF17EDCB82AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{72222DDA-E68D-48A2-8335-A3353EDD2B06}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3E786064-C37F-4884-97CB-19EA731B6C76}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E556D021-3083-43BA-B712-4DA4F8208178}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{913AE92C-A416-442B-A24B-7FCF9DB98C5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{74F5111C-0F69-4539-9CA8-E4DEF2E8B797}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3A79235E-FF84-4757-8A23-47F8FA13B156}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FCC8C1F4-E8FF-467B-B6C4-E9291E9050FF}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [UDP Query User{4054FC6D-04DF-430A-B308-2ADD162228E0}C:\program files\artlantis studio 5\artlantis license manager.exe] => (Allow) C:\program files\artlantis studio 5\artlantis license manager.exe FirewallRules: [{FE756ED8-7010-4F84-9ED9-A25DB465125C}] => (Allow) LPort=1688 FirewallRules: [{8089400C-350A-4F59-B75F-E9107A50F3B5}] => (Allow) C:\Users\Martyna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{8B4E278D-FE0C-4F19-9E90-8F53151C334A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{97C962F8-61FA-4FDE-8D61-5AC32D076C43}] => (Allow) LPort=2869 FirewallRules: [{A633F620-FB6E-44B6-AE20-F9735B491D79}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{CFE425C9-81BB-4A81-8369-BEB05E2EAF23}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2ED56141-3092-4031-918C-6016DDD731AE}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{04B6B5F1-68C5-457F-9A94-230CEEA271F2}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E7629360-3A46-4361-88FA-165D8AD59FAF}C:\users\martyna\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martyna\appdata\roaming\spotify\spotify.exe FirewallRules: [{4809F7BE-23A0-495F-BF14-A31F5C0A8212}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{50D31DAC-74C3-4531-B1AC-B536D498989D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{E02A05B2-F2A7-4E95-B50B-00565B1C3D67}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [UDP Query User{A2D78FF8-FC64-41CD-B221-C27252D2DDF7}C:\program files\graphisoft\archicad 18\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 18\licensefilegenerator.exe FirewallRules: [{94C13886-C27F-4ED3-8A34-7518DC99A9DC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{15993311-154A-4358-9F3F-2827B0576EDF}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{74129EBC-3F12-43E2-ABE1-D0D5AB621FCC}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 18\ArchiCAD.exe FirewallRules: [{2B6691A1-3674-430B-B8B2-97D97676530B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{58D28B8E-D294-4CFD-9EAD-1404D39A88B2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{E9BBCF83-88F7-4415-B093-E7C698CFE0BD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{527D7F6B-DABF-4FEC-8B0E-7BA4E8196F87}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{D067A096-4D20-4884-94A2-665D4322EDE6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{199BCCAF-B79D-42BE-8284-CFB1F07A0296}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{7B003739-1C27-475B-84F6-5FE2519030BC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{4B2995DC-DDF1-4B69-BF46-3A85A32F995A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/03/2015 10:32:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 47.0.2526.73, sygnatura czasowa: 0x5653f7b4 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x860e311a Identyfikator procesu powodującego błąd: 0x1390 Godzina uruchomienia aplikacji powodującej błąd: 0xchrome.exe0 Ścieżka aplikacji powodującej błąd: chrome.exe1 Ścieżka modułu powodującego błąd: chrome.exe2 Identyfikator raportu: chrome.exe3 Pełna nazwa pakietu powodującego błąd: chrome.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: chrome.exe5 Error: (12/03/2015 07:48:07 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Menedżer okien pulpitu napotkał błąd krytyczny (0x8898008d). Error: (12/02/2015 09:03:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SketchUp.exe w wersji 15.0.9351.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1004 Godzina rozpoczęcia: 01d12d3a81c3d945 Godzina zakończenia: 14 Ścieżka aplikacji: C:\Program Files (x86)\SketchUp\SketchUp 2015\SketchUp.exe Identyfikator raportu: af4a36cb-992f-11e5-82df-208984434fed Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/02/2015 08:49:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SketchUp.exe w wersji 15.0.9351.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 12a4 Godzina rozpoczęcia: 01d12d37764c60c1 Godzina zakończenia: 16 Ścieżka aplikacji: C:\Program Files (x86)\SketchUp\SketchUp 2015\SketchUp.exe Identyfikator raportu: bd104626-992d-11e5-82df-208984434fed Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/02/2015 03:19:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 46.0.2490.86, sygnatura czasowa: 0x563d61a1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x6b3f311a Identyfikator procesu powodującego błąd: 0x1790 Godzina uruchomienia aplikacji powodującej błąd: 0xchrome.exe0 Ścieżka aplikacji powodującej błąd: chrome.exe1 Ścieżka modułu powodującego błąd: chrome.exe2 Identyfikator raportu: chrome.exe3 Pełna nazwa pakietu powodującego błąd: chrome.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: chrome.exe5 Error: (12/02/2015 02:55:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 46.0.2490.86, sygnatura czasowa: 0x563d61a1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x6b3f311a Identyfikator procesu powodującego błąd: 0x1338 Godzina uruchomienia aplikacji powodującej błąd: 0xchrome.exe0 Ścieżka aplikacji powodującej błąd: chrome.exe1 Ścieżka modułu powodującego błąd: chrome.exe2 Identyfikator raportu: chrome.exe3 Pełna nazwa pakietu powodującego błąd: chrome.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: chrome.exe5 Error: (12/02/2015 02:55:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 46.0.2490.86, sygnatura czasowa: 0x563d61a1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x6b3f311a Identyfikator procesu powodującego błąd: 0xf0c Godzina uruchomienia aplikacji powodującej błąd: 0xchrome.exe0 Ścieżka aplikacji powodującej błąd: chrome.exe1 Ścieżka modułu powodującego błąd: chrome.exe2 Identyfikator raportu: chrome.exe3 Pełna nazwa pakietu powodującego błąd: chrome.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: chrome.exe5 Error: (12/02/2015 02:50:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 46.0.2490.86, sygnatura czasowa: 0x563d61a1 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000008 Przesunięcie błędu: 0x6b3f311a Identyfikator procesu powodującego błąd: 0x10b8 Godzina uruchomienia aplikacji powodującej błąd: 0xchrome.exe0 Ścieżka aplikacji powodującej błąd: chrome.exe1 Ścieżka modułu powodującego błąd: chrome.exe2 Identyfikator raportu: chrome.exe3 Pełna nazwa pakietu powodującego błąd: chrome.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: chrome.exe5 Error: (12/02/2015 09:55:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: 3dsmax.exe, wersja: 17.3.374.0, sygnatura czasowa: 0x5486dd0c Nazwa modułu powodującego błąd: MSVCR110.dll, wersja: 11.0.51106.1, sygnatura czasowa: 0x5098826e Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00000000000740c4 Identyfikator procesu powodującego błąd: 0xf3c Godzina uruchomienia aplikacji powodującej błąd: 0x3dsmax.exe0 Ścieżka aplikacji powodującej błąd: 3dsmax.exe1 Ścieżka modułu powodującego błąd: 3dsmax.exe2 Identyfikator raportu: 3dsmax.exe3 Pełna nazwa pakietu powodującego błąd: 3dsmax.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: 3dsmax.exe5 Error: (12/02/2015 09:50:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: WSCommCntr4.exe, wersja: 4.0.3.0, sygnatura czasowa: 0x52e23951 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.3.9600.18007, sygnatura czasowa: 0x55c4c16b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000003d86e Identyfikator procesu powodującego błąd: 0x202c Godzina uruchomienia aplikacji powodującej błąd: 0xWSCommCntr4.exe0 Ścieżka aplikacji powodującej błąd: WSCommCntr4.exe1 Ścieżka modułu powodującego błąd: WSCommCntr4.exe2 Identyfikator raportu: WSCommCntr4.exe3 Pełna nazwa pakietu powodującego błąd: WSCommCntr4.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: WSCommCntr4.exe5 Dziennik System: ============= Error: (12/06/2015 04:23:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa NVIDIA Update Service Daemon zawiesiła się podczas uruchamiania. Error: (12/06/2015 04:17:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi iSafeService z powodu następującego błędu: %%2 Error: (12/06/2015 02:14:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (12/06/2015 02:14:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Error: (12/05/2015 11:52:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (12/05/2015 11:52:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Error: (12/05/2015 11:52:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (12/05/2015 11:52:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). Error: (12/04/2015 06:40:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Sklep Windows (WSService) z powodu następującego błędu: %%1053 Error: (12/04/2015 06:40:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa Sklep Windows (WSService). CodeIntegrity: =================================== Date: 2015-12-06 14:14:31.591 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-06 14:14:31.435 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-05 13:16:53.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\OldNewExplorer64.dll that did not meet the Windows signing level requirements. Date: 2015-12-05 13:16:52.858 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-05 11:53:10.204 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-05 11:53:10.036 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-05 11:53:10.036 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-04 18:40:58.987 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-04 18:40:58.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-12-04 18:40:58.834 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Procent pamięci w użyciu: 41% Całkowita pamięć fizyczna: 3957.6 MB Dostępna pamięć fizyczna: 2334.29 MB Całkowita pamięć wirtualna: 7925.6 MB Dostępna pamięć wirtualna: 6224.38 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:194.97 GB) (Free:101.06 GB) NTFS Drive e: (Pliki) (Fixed) (Total:443.21 GB) (Free:433.41 GB) exFAT Drive f: (Programy) (Fixed) (Total:292.96 GB) (Free:181.66 GB) exFAT ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9ED40981) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=443.2 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================

**Posty:** 4765 · przez **ordynat** 06 Gru 2015, 18:31

1) Odinstaluj
YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL cenzura!ÇÕES LTDA) <==== UWAGA

2) Otwórz Notatnik i wklej w nim:

R1 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X]
R1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X]
R1 iSafeKrnlR3; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [X]
S1 iSafeNetFilter; system32\DRIVERS\iSafeNetFilter.sys [X]
S2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [X]
CHR HomePage: Default -> hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
CHR StartupUrls: Default -> "hxxp://www.v9.com?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z"
CHR DefaultSearchURL: Default -> hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
CHR DefaultSearchKeyword: Default -> v9
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKU\S-1-5-21-492168682-3674762022-4208976723-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
URLSearchHook: [S-1-5-21-492168682-3674762022-4208976723-1002] UWAGA => Brak domyślnego URLSearchHook
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> DefaultScope - brak wartości
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1001 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1447057737&from=zzgbkk123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z&q={searchTerms}
SearchScopes: HKU\S-1-5-21-492168682-3674762022-4208976723-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ6e1krQXBFZY3cpHyPHx4OFv5bsejzZi1ELpnV-Ke_ul6IqEzvm0K2rUUAgrvHB1Kg-O_kd2vV0yaGCtdeE4B9fNBScvA_5ZxN-qRnMA0Kdv5ICEOmMsdNrk2Ts5zo50cRt0BEP-QQuknbFTOw9Tg8yFjzQ,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?type=hp&ts=1447057737&from=mych123&uid=st1000lm024xhn-m101mbb_s2u5j9cd145092&z=2a3a7ecd90d89a6e0146122g0zdz0m6e7wambm8z5z
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix (NAPRAW).
Powstanie plik fixlog.txt.
Daj ten log.

3) Zrób nowe logi FRST.
.