Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 04.03.2018 Uruchomiony przez Agnieszka2 (05-03-2018 14:16:03) Uruchomiony z C:\Users\Agnieszka2\Desktop\Download Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-04-12 11:41:29) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= admin (S-1-5-21-2950158651-1325095086-3268382461-1001 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-2950158651-1325095086-3268382461-500 - Administrator - Disabled) agnieszka (S-1-5-21-2950158651-1325095086-3268382461-1002 - Administrator - Enabled) => C:\Users\agnieszka Agnieszka2 (S-1-5-21-2950158651-1325095086-3268382461-1003 - Administrator - Enabled) => C:\Users\Agnieszka2 Gość (S-1-5-21-2950158651-1325095086-3268382461-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Panda Endpoint Protection (Enabled - Up to date) {86971480-9989-6750-B122-681A86518D59} AS: Panda Endpoint Protection (Enabled - Up to date) {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Endpoint Protection Firewall (Enabled) {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) "Opłaty" (HKU\S-1-5-21-2950158651-1325095086-3268382461-1003\...\"Opłaty") (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.131 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Autodesk DWG TrueView 2017 - English (HKLM\...\DWG TrueView 2017 - English) (Version: 21.0.301.0 - Autodesk) Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.) Brother MFL-Pro Suite MFC-8860DN (HKLM\...\{9211CCBB-BEFE-4A0C-9199-D7A535DBFE5F}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform) cFosSpeed v10.24 (HKLM\...\cFosSpeed) (Version: 10.24 - cFos Software GmbH, Bonn) DWG TrueView 2017 - English (HKLM\...\{28B89EEF-0028-0409-0000-CF3F3A09B77D}) (Version: 21.0.301.0 - Autodesk) Hidden ESET Endpoint Antivirus (HKLM\...\{A2DC4E36-9FA8-4958-8235-D561A69BABBB}) (Version: 5.0.2225.1 - ESET, spol. s r.o.) EwiMax 3.1 (HKLM\...\{2495D257-FF54-4CC8-96AA-9BBECD0C75B8}) (Version: 2.0.0 - SIMPLE) f.lux (HKU\S-1-5-21-2950158651-1325095086-3268382461-1003\...\Flux) (Version: - f.lux Software LLC) FastStone Photo Resizer 3.6 (HKLM\...\FastStone Photo Resizer) (Version: 3.6 - FastStone Soft.) Firebird 2.1.3.18185 (Win32) (HKLM\...\FBDBServer_2_1_is1) (Version: 2.1.3.18185 - Firebird Project) Firebird 2.5.7.27050 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.7.27050 - Firebird Project) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) GOMiG - Odpady 4.5.5.378 (HKLM\...\GOMiG - Odpady_is1) (Version: - ) Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Jeti, Jabber in Java (JNLP) (HKU\S-1-5-21-2950158651-1325095086-3268382461-1003\...\Jeti, Jabber in Java (JNLP)) (Version: - Rodan Systems S.A.) Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.) KYOCERA Status Monitor 4 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D16}) (Version: 4.1.3407 - KYOCERA Document Solutions Inc.) KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.3802 - KYOCERA Document Solutions Inc.) Kyocera TWAIN Driver (HKLM\...\{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.) Hidden Kyocera TWAIN Driver (HKLM\...\InstallShield_{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.) Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation) Microsoft .NET Framework 4.7.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02558 - Microsoft Corporation) Microsoft Office 2010 dla Użytkowników Domowych i Małych Firm (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 57.0 (x86 pl) (HKLM\...\Mozilla Firefox 57.0 (x86 pl)) (Version: 57.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH) PDFill FREE PDF Tools (HKLM\...\{735A3951-E139-4E4A-AFAE-BA25E9FF5E6A}) (Version: 11.0 - PlotSoft LLC) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5874 - Realtek Semiconductor Corp.) Sandboxie 5.16 (32-bit) (HKLM\...\Sandboxie) (Version: 5.16 - Sandboxie Holdings, LLC) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sony Digital Voice Editor 2 (HKLM\...\Sony Digital Voice Editor 2) (Version: - ) SoundWire Server version 1.9 (HKLM\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.9 - GeorgieLabs) TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0 - Ghisler Software GmbH) UE4 Prerequisites (x86) (HKLM\...\{6EAAE1C0-6000-45FA-B46D-D206144925BF}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x86) (HKLM\...\{f1203e43-4ddb-4280-974e-73f14d793dbd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) WinRAR 4.01 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2950158651-1325095086-3268382461-1003_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2950158651-1325095086-3268382461-1003_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\dwgviewr.exe (Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-10-27] (Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> [CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => -> Brak pliku ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> [CC]{B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> Brak pliku ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] (Alexander Roshal) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation) ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> [CC]{B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> Brak pliku ContextMenuHandlers6: [UnlockerShellExtension] -> [CC]{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2E8EA332-BD80-48F2-9228-1F088AF5EB65} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-19] (Adobe Systems Incorporated) Task: {30B9785D-A9CA-43BB-A2BD-8D9CEBC45BD9} - System32\Tasks\GoogleUpdateTaskMachineUA1d04069a7e992db => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {3EB41BD1-AF15-4B7F-857E-CF029F4CC765} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab41e24cfe4f => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {3EF5E923-930C-4296-9559-C263F0AFEC97} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bfae25a425a7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {4BFDAF70-3BB3-4E58-804A-35BC227F444F} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e956e2f22487 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {5556171A-42AA-4D7E-A217-D9974FE2116C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {5ABB14ED-D41C-451D-BE94-86BBC7924610} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {7313605C-0495-47C7-B5C5-9E1257B1D437} - System32\Tasks\GoogleUpdateTaskMachineUA1cf48e7fcc0379 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {778C0099-9702-4EC9-98A8-C93C7C86F8E4} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e47b51c28848 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {801E403D-71CA-4B31-9813-69FFDF092D43} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab41e18047f7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {811FB877-8504-40B2-9244-3E0DDD7A10FA} - System32\Tasks\GoogleUpdateTaskMachineUA1d0025d27e5a386 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {81467EC4-1201-4353-8B82-6C623B7442ED} - \DealPly -> Brak pliku <==== UWAGA Task: {8CF74B8A-900F-474C-B73D-FF33B2AA0F0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd) Task: {9275EA7D-4FDD-44E9-A5DC-8562C5B373B7} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e47b51126274 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {A7F4EDB7-3A66-490A-AB99-1A22FA2874D8} - System32\Tasks\GoogleUpdateTaskMachineUA1d08ecbf93283ba => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {AAFA943D-361F-4EE5-9046-1C0C9901BDED} - System32\Tasks\{9032FE84-D57F-4F2E-9921-CAB709142AF0} => C:\Windows\system32\pcalua.exe -a "E:\aaaaaaaaaaaaaaaaaaaaaaaaa\deinstalator brother.EXE" -d E:\aaaaaaaaaaaaaaaaaaaaaaaaa Task: {B0F4DD0B-A539-4632-83E0-35F3E07A0375} - System32\Tasks\obrapquru => C:\Windows\system32\rundll32.exe "C:\Windows\system32\riched32Q.dll",Virps Task: {BF69654F-DD24-4DF4-9C53-AF8D0AC9A6CF} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f1cee1557e2c => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {FAFE1678-CE61-4664-803A-3048A8C0D75B} - System32\Tasks\GoogleUpdateTaskMachineCore1d15db1290fc4db => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e47b51126274.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d15db1290fc4db.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf48e7fcc0379.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0025d27e5a386.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04069a7e992db.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ecbf93283ba.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bfae25a425a7.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e47b51c28848.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f1cee1557e2c.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d1ab41e24cfe4f.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\obrapquru.job => rundll32.exe C:\Windows\system32\riched32Q.dll ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Agnieszka2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Załadowane moduły (filtrowane) ============== 2009-10-01 15:07 - 2009-10-01 15:07 - 000011264 _____ () C:\Windows\System32\KOAZ8A_L.DLL 2013-06-06 08:50 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2013-06-06 08:50 - 2002-11-26 12:43 - 000106496 ____N () C:\Windows\system32\BrMuSNMP.dll 2010-07-04 22:32 - 2010-07-04 22:32 - 000004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll 2010-07-04 20:51 - 2010-07-04 20:51 - 000017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe 2016-07-13 20:42 - 2016-07-13 20:42 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2018-03-01 12:17 - 2018-02-22 05:12 - 003730264 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.186\libglesv2.dll 2018-03-01 12:17 - 2018-02-22 05:12 - 000085848 _____ () C:\Program Files\Google\Chrome\Application\64.0.3282.186\libegl.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf 2015-11-11 02:42 - 2015-11-11 02:42 - 001045672 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-2950158651-1325095086-3268382461-1003\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-09-09 10:28 - 2016-09-09 10:29 - 000000045 _____ C:\Windows\system32\Drivers\etc\hosts 192.168.0.202 esod 192.168.0.202 esod-test ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2950158651-1325095086-3268382461-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Agnieszka2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) mpsdrv => Usługa "Zapora systemu Windows" nie jest uruchomiona. MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^Users^Agnieszka2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Twitch.lnk => C:\Windows\pss\Twitch.lnk.Startup MSCONFIG\startupfolder: C:^Users^Agnieszka2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk.Startup MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TIDAL => C:\Users\Agnieszka2\AppData\Local\TIDAL\update.exe --processStart TIDAL.exe --process-start-args " -autostart -minimized" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{2F24376E-51D2-48A6-97A8-5E802F139B67}\\actina\lex\ppp\ppp.exe] => (Block) \\actina\lex\ppp\ppp.exe FirewallRules: [UDP Query User{3EFCED62-12A5-4247-8700-96681068715B}\\actina\lex\ppp\ppp.exe] => (Block) \\actina\lex\ppp\ppp.exe FirewallRules: [{68060808-CC11-4850-AB51-367215E1D604}] => (Allow) LPort=2869 FirewallRules: [{59E0A92D-C0DB-4F82-BC4C-305B4A8D9CE6}] => (Allow) LPort=1900 FirewallRules: [{836B4927-C0A9-4B38-94F5-E37459CE15C9}] => (Allow) C:\Program Files\Brother\Brmfl05c\FAXRX.exe FirewallRules: [{7223697D-027E-4B19-8604-A7CDFC5A4930}] => (Allow) C:\Program Files\Brother\Brmfl05c\FAXRX.exe FirewallRules: [{39153CEF-38CC-4C2C-A8AD-D24FE113C8CB}] => (Allow) LPort=54925 ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/05/2018 02:16:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:27.778]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:27.750]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:27.406]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:27.266]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:27.196]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:26 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:26.795]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:16:26 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:16:26.792]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Error: (03/05/2018 02:15:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2018/03/05 14:15:52.674]: [00001884]: GetDeviceIpAddress: GetAddressByName [BRN_97DF08] Error Dziennik System: ============= Error: (03/01/2018 07:06:32 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Usługa TeamViewer 13 zaraportowała nieprawidłowy stan bieżący 0. Error: (02/13/2018 09:11:12 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 09:09:40 na ‎2018-‎02-‎13 było nieoczekiwane. Error: (02/07/2018 02:55:48 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {ABC01078-F197-4B0B-ADBC-CFE684B39C82} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/06/2018 10:44:50 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 10:40:55 na ‎2018-‎02-‎06 było nieoczekiwane. Error: (01/17/2018 02:59:18 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/17/2018 02:59:14 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/12/2018 01:00:38 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 12:57:13 na ‎2018-‎01-‎12 było nieoczekiwane. Error: (01/12/2018 12:19:22 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 12:12:13 na ‎2018-‎01-‎12 było nieoczekiwane. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Celeron(R) CPU E3300 @ 2.50GHz Procent pamięci w użyciu: 70% Całkowita pamięć fizyczna: 2012.49 MB Dostępna pamięć fizyczna: 599.32 MB Całkowita pamięć wirtualna: 6110.49 MB Dostępna pamięć wirtualna: 4237.1 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:300.35 GB) (Free:179.95 GB) NTFS Drive e: (Backup) (Fixed) (Total:165.31 GB) (Free:115.27 GB) NTFS Drive z: () (Network) (Total:465.66 GB) (Free:377.83 GB) NTFS \\?\Volume{d2df46da-64f5-11e0-afdf-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 35105162) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=300.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=165.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================