Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 12.02.2018 Uruchomiony przez AMDK (16-02-2018 14:26:23) Uruchomiony z C:\Users\AMDK\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2017-10-18 13:24:46) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1667539775-1210465141-673175957-500 - Administrator - Disabled) AMDK (S-1-5-21-1667539775-1210465141-673175957-1000 - Administrator - Enabled) => C:\Users\AMDK Gość (S-1-5-21-1667539775-1210465141-673175957-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1667539775-1210465141-673175957-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-1667539775-1210465141-673175957-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET NOD32 Antivirus 9.0.407.0 (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET NOD32 Antivirus 9.0.407.0 (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 18.01 (HKLM-x32\...\7-Zip) (Version: 18.01 - Igor Pavlov) ACDSee Video Studio 2 (HKLM\...\ACDSee_acdVStudio2) (Version: 2.0.0.588 - ACD Systems International Inc.) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2037 RC 2, 17.10.2017 - AIMP DevTeam) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS) Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.0.170814 - ) AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH) CyTaT 5.1 (HKLM-x32\...\CyTaT_is1) (Version: - AMIGO Software) Efficient Diary Pro wersja 5.10 (HKLM-x32\...\Efficient Diary Pro_is1) (Version: 5.10 - ) ESET NOD32 Antivirus (HKLM\...\{854E8B33-874F-48FC-815B-006D4AB5A077}) (Version: 9.0.385.1 - ESET, spol. s r.o.) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team) GoldenDict (HKLM-x32\...\GoldenDict) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Java 9.0.4 (64-bit) (HKLM\...\{885A3911-0760-5252-92C2-001B92997DEA}) (Version: 9.0.4.0 - Oracle Corporation) Java(TM) SE Development Kit 9.0.4 (64-bit) (HKLM\...\{1EF87463-0B0F-5B2A-B167-22B5CD371ACD}) (Version: 9.0.4.0 - Oracle Corporation) KeePass Password Safe 2.37 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.37 - Dominik Reichl) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LibreOffice 5.4.4.2 (HKLM\...\{36E72E7B-9992-4C69-88B1-5E466E4A1386}) (Version: 5.4.4.2 - The Document Foundation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 58.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 58.0.2 (x64 pl)) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla) Mozilla Thunderbird 52.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 pl)) (Version: 52.6.0 - Mozilla) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA Sterownik graficzny 268.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.56 - NVIDIA Corporation) OLYMPUS Viewer 3 (HKLM-x32\...\{CC2205DE-4C99-4FAD-A0AE-A1B5267E60B7}) (Version: 2.3.0 - Olympus Corporation) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) Panel sterowania NVIDIA 268.56 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 268.56 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd) qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6373 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.) Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) Sunrise Seven 1.2.61 (HKLM-x32\...\{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1) (Version: - Sunrise Software) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.21 - IDRIX) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1667539775-1210465141-673175957-1000_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers1-x32: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-03-13] (Atheros Commnucations) ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-20] (ESET) ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-20] (ESET) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-03-13] (Atheros Commnucations) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-01-27] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2011-05-11] (NVIDIA Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) ContextMenuHandlers6-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-20] (ESET) ContextMenuHandlers6-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-19] () ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0259F58F-45D2-4E7F-913B-8C1D9575C4B6} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH) Task: {0A7163EE-0DAA-4B7D-AA6A-AF93E8828E43} - System32\Tasks\AdobeAAMUpdater-1.0-AMDK-Komputer-AMDK => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated) Task: {45FC8A56-E0E2-411C-AF53-9B3287C1123B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {66EC9D5C-482A-400F-A548-2D45C57E8AAD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.) Task: {A43217A3-0919-45C9-A5FE-D45A87E1FAFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) Task: {B0DFFE5A-1180-43C1-B390-EDD40CD3D7EB} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS) Task: {D322E7FB-BE15-4B68-9C25-D4308A722B23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {FCB771DA-7959-48C8-9E30-4EB096CBDF0F} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-01] (ASUS) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-10-18 14:38 - 2008-06-19 23:41 - 000062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2010-04-02 18:21 - 2008-09-30 22:08 - 000011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2010-07-14 15:11 - 2010-07-14 15:11 - 000031360 _____ () C:\Program Files\P4G\DevMng.dll 2013-04-28 09:24 - 2013-03-09 03:06 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-10-20 18:50 - 2016-09-13 13:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-10-20 18:50 - 2016-09-13 13:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2017-10-20 18:50 - 2016-09-13 13:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-10-20 18:50 - 2017-05-12 10:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Wykryto więcej niż wyliczono: 7936 witryn. IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1000\...\123simsen.com -> www.123simsen.com Wykryto więcej niż wyliczono: 7936 witryn. IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1667539775-1210465141-673175957-1001\...\123simsen.com -> www.123simsen.com Wykryto więcej niż wyliczono: 7936 witryn. ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-01-20 17:00 - 000454512 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Wykryto więcej niż wyliczono: 15600 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1667539775-1210465141-673175957-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\AMDK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{92EB636E-A7F1-44E8-A84C-4B9C35FE3049}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{AC22EF21-1E16-4A81-8D13-1CCC76C6FC7B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{70ADC809-E94E-46D9-A78C-6EA5158CE28A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BCC03901-0AFF-4EEE-A230-3444C64709E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{2BE24809-908A-46F5-93D6-6659AD38E29F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{4D3B4180-547E-4868-B8A9-53346171B511}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{E9B98070-53A3-47F9-A821-74903939429C}] => (Block) %ProgramFiles%\Adobe\Adobe Lightroom\lightroom.exe FirewallRules: [{C2FB1770-3523-416E-B104-CE329A23A790}] => (Block) %ProgramFiles%\Adobe\Adobe Lightroom\lightroom.exe FirewallRules: [{EFE69B54-0E98-4191-847C-5E722874ED22}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe FirewallRules: [{0971C81C-A97D-410C-8B50-9420C75E382F}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe FirewallRules: [{56DD4A9A-DAEA-4531-A44A-4D0C011BF52B}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe FirewallRules: [{A9B1179F-CFAC-4382-A465-665BD5228E42}] => (Block) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Punkty Przywracania systemu ========================= 27-01-2018 14:10:23 Zaplanowany punkt kontrolny 27-01-2018 15:26:09 Installed LibreOffice 5.4.4.2 07-02-2018 13:13:54 Zaplanowany punkt kontrolny 09-02-2018 09:32:17 Windows Update 09-02-2018 17:45:21 Installed Java(TM) SE Development Kit 9.0.4 (64-bit) 16-02-2018 13:56:42 Revo Uninstaller Pro's restore point - RarmaRadio 2.71.7 16-02-2018 13:57:20 Revo Uninstaller Pro's restore point - TapinRadio 2.09.3 (x64) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Mysz zgodna z PS/2 Description: Mysz zgodna z PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/16/2018 02:08:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/16/2018 02:06:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/16/2018 01:58:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/16/2018 01:56:41 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {5866dd78-7e54-4202-a7ca-71ecf46b4f9c} Error: (02/16/2018 01:54:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/16/2018 01:48:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/15/2018 08:05:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/14/2018 09:08:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (02/16/2018 02:15:15 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (02/16/2018 02:15:15 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (02/16/2018 02:08:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Spybot-S&D 2 Security Center Service z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (02/16/2018 02:06:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Spybot-S&D 2 Security Center Service z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (02/16/2018 02:05:57 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (02/16/2018 02:05:57 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (02/16/2018 02:05:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Update Service Daemon niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/16/2018 02:05:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2018-02-16 14:26:03.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 14:26:03.790 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 14:26:03.666 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 14:26:03.556 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 14:08:22.636 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 14:06:30.543 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 13:58:49.512 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2018-02-16 13:54:05.465 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Procent pamięci w użyciu: 31% Całkowita pamięć fizyczna: 8102.7 MB Dostępna pamięć fizyczna: 5573.14 MB Całkowita pamięć wirtualna: 10148.88 MB Dostępna pamięć wirtualna: 7523.91 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:75 GB) NTFS Drive d: () (Fixed) (Total:465.76 GB) (Free:215.23 GB) NTFS Drive f: () (Removable) (Total:14.83 GB) (Free:14.72 GB) FAT32 \\?\Volume{319d1b9d-b407-11e7-81a1-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: FAF61B89) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 00011731) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 14.8 GB) (Disk ID: 69D5F64B) Partition 1: (Active) - (Size=14.8 GB) - (Type=0C) ==================== Koniec Addition.txt ============================