Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-12-2015 Uruchomiony przez Joe (2015-12-10 10:40:34) Uruchomiony z C:\Users\Joe\Desktop Microsoft Windows 8.1 Pro (X86) (2015-02-14 20:02:45) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3630990288-2120868229-998028013-500 - Administrator - Disabled) Gość (S-1-5-21-3630990288-2120868229-998028013-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3630990288-2120868229-998028013-1003 - Limited - Enabled) Joe (S-1-5-21-3630990288-2120868229-998028013-1001 - Administrator - Enabled) => C:\Users\Joe ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (32 Bit) (HKLM\...\{7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) AquaSoft PhotoKalender 3 (HKLM\...\AquaSoft PhotoKalender 3) (Version: 3.9.02 - AquaSoft) AquaSoft PhotoKalender 3 (Version: 3.9.02 - AquaSoft) Hidden Auslogics Duplicate File Finder (HKLM\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 5.1.0.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2225 - AVAST Software) Bandizip (HKLM\...\Bandizip) (Version: 5.05 - Bandisoft.com) Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version: - Canon Inc.) CorelDRAW Graphics Suite X3 (HKLM\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation) CryptBox (HKLM\...\CryptBox_is1) (Version: 2014 - Abelssoft GmbH) CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.2609 - CyberLink Corp.) e-Deklaracje Desktop (HKLM\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (Version: 7.0.3 - Ministerstwo Finansow) Hidden FontNav (Version: 5.0 - Corel Corporation) Hidden Format Converter 5 (HKLM\...\{CC5A25E6-7564-48FF-0001-D4DD055B2886}) (Version: 5.0.12.1015 - S.A.D.) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.) Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden ipla 2.8.6 (HKLM\...\ipla) (Version: 2.8.6 - Redefine Sp z o.o.) istartsurf uninstall (HKLM\...\istartsurf uninstall) (Version: - istartsurf) <==== UWAGA K-Lite Codec Pack 10.4.5 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) MAGIX Video easy SE (HKLM\...\MAGIX_{4D5F68E5-FB4B-49E2-A744-998C76556738}) (Version: 4.0.1.89 - MAGIX AG) MAGIX Video easy SE (Version: 4.0.1.89 - MAGIX AG) Hidden Metric Collection SDK (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MyTube 6 (HKLM\...\{02C15B8C-26BE-479C-0001-7E31094C1376}) (Version: 6.0.14.115 - S.A.D.) NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Nero BackItUp 11 Essentials CDPack (HKLM\...\{BD0516DD-705C-441F-A30D-1CC289895309}) (Version: 11.0.00200 - Nero AG) Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG) Pajączek 5 NxG PRO - Deinstalacja (HKLM\...\Pajączek 5 NxG PRO_is1) (Version: v5.9.9 - Cream Software) Picexa (HKLM\...\Picexa) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA PL (Version: 13.0 - Corel Corporation) Hidden PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) TP-LINK TL-WN721N_TL-WN722N Driver (HKLM\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{905D709F-3A3E-46BB-B1D5-A7AA11430819}) (Version: - Microsoft) Update Manager (Version: 4.60 - Corel Corporation) Hidden VBA (Version: 6.2 - Corel Corporation) Hidden Verbatim GREEN BUTTON 1.68 (HKLM\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim) Verbatim Hard Drive Formatter 1.41 (HKLM\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim) Verbatim Product Update 1.06 (HKLM\...\Verbatim Product Update_is1) (Version: - Verbatim) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Wtyczka e-Deklaracje (HKLM\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\WINDOWS\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl32.dll (Bandisoft.com) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\WINDOWS\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\WINDOWS\Downloaded Program Files\isusweb.dll (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) CustomCLSID: HKU\S-1-5-21-3630990288-2120868229-998028013-1001_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation) ==================== Punkty Przywracania systemu ========================= 26-11-2015 10:03:01 Zaplanowany punkt kontrolny 05-12-2015 21:35:11 Installed TP-LINK Wireless Configuration Utility and Driver 09-12-2015 16:15:08 Installed TP-LINK Wireless Configuration Utility and Driver ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 07:13 - 2015-02-15 21:41 - 00001056 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {14AE2345-5910-4A10-A2B0-0ADF2B5A8669} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {1FF32306-2FCD-404B-9964-299C66FB2464} - System32\Tasks\{26F5027A-8277-4A2F-B749-8013233453E2} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/pl/abandoninstall?page=tsMain Task: {30369045-0FFA-4DDB-BB01-8B59E816E3FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {3C617D72-AD22-44D3-A56A-8D3BC51DA5C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {40CD8483-92EA-4DCD-81B8-B12729229119} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {41C6634F-C5BC-4A7C-9015-E2B178018E5B} - System32\Tasks\Verbatim Product Update => C:\Program Files\Verbatim\Product Update\ProductUpdate.exe [2012-07-03] (Verbatim) Task: {518328FE-5305-4989-ABF8-999A01217DF5} - System32\Tasks\AdobeAAMUpdater-1.0-Blaszak-Joe => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {63425CCB-756E-4A12-ACA8-6F238D457C0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {6A263741-3DFE-4FFF-9628-736E933729C5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {95445B4E-7C1F-4CD8-94FD-6FEDBBE92C1A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {A86786D0-93F2-427E-8CE5-4F21404DE551} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-12] (AVAST Software) Task: {B84E99A2-62EA-4EB9-B28A-F14544D8EF77} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {F762DD0B-A25F-4D21-A43B-BBD6B7AD7FD2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449713158&z=efe1ae5d91b4f9d9a693bf6g6zcz8tcm5gfcdgam5o&from=ient07021&uid=ST3500418AS_5VM28QEWXXXX5VM28QEW <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2015-08-12 21:09 - 2015-08-12 21:09 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-12 21:09 - 2015-08-12 21:09 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-09 17:16 - 2015-12-09 17:16 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120900\algo.dll 2015-12-09 21:03 - 2015-12-09 21:03 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120901\algo.dll 2015-07-11 12:08 - 2010-08-19 16:43 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe 2015-08-12 21:09 - 2015-08-12 21:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-02-24 18:10 - 2014-09-09 14:26 - 00009216 _____ () C:\Program Files\CryptBox\AbProcessManager.dll 2015-02-24 18:10 - 2014-07-06 18:28 - 00557056 _____ () C:\Program Files\CryptBox\SkinProject8.dll 2015-02-24 18:10 - 2014-07-06 18:28 - 00548864 _____ () C:\Program Files\CryptBox\SkinProject4.dll 2015-02-24 18:10 - 2014-09-09 14:26 - 00004608 _____ () C:\Program Files\CryptBox\Abelssoft.Info.dll 2015-02-24 18:10 - 2014-09-09 14:26 - 00009728 _____ () C:\Program Files\CryptBox\AbMessages.dll 2015-12-03 15:32 - 2015-12-03 15:32 - 00299712 _____ () C:\Program Files\ipla\MediaFileScanner.dll 2015-12-03 15:32 - 2015-12-03 15:32 - 00392384 _____ () C:\Program Files\ipla\jabberoo.dll 2015-12-03 15:32 - 2015-12-03 15:32 - 00068288 _____ () C:\Program Files\ipla\ziplib.dll 2015-11-06 13:03 - 2015-11-06 13:03 - 41293432 _____ () C:\Program Files\ipla\libcef.dll 2015-12-05 21:36 - 2013-10-21 11:00 - 00847360 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2015-12-05 21:36 - 2013-06-28 14:50 - 01411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2015-12-05 21:36 - 2013-06-28 14:48 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2015-12-05 21:36 - 2013-06-28 14:48 - 00138752 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll 2015-12-05 21:36 - 2013-06-28 14:48 - 00115712 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL 2015-11-06 13:03 - 2015-11-06 13:03 - 01486456 _____ () C:\Program Files\ipla\libglesv2.dll 2015-11-06 13:03 - 2015-11-06 13:03 - 00079480 _____ () C:\Program Files\ipla\libegl.dll 2015-12-10 03:07 - 2015-08-06 04:47 - 00582144 _____ () C:\Program Files\Picexa\curlpp.dll 2015-12-10 03:07 - 2015-07-15 06:58 - 00065688 _____ () C:\Program Files\Picexa\zlib1.dll 2015-12-02 19:03 - 2015-11-24 09:00 - 01583432 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.73\libglesv2.dll 2015-12-02 19:03 - 2015-11-24 09:00 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.73\libegl.dll 2015-12-02 19:03 - 2015-11-24 09:00 - 16496456 _____ () C:\Program Files\Google\Chrome\Application\47.0.2526.73\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3630990288-2120868229-998028013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joe\OneDrive\Wyznacznik_sukcesu.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{C4FCB450-B014-434E-9DBE-D3ED3C249391}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{D6BD2249-4EDE-4689-944D-152E92534352}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{7F2907CB-FAF0-4026-93B6-3787241AE359}] => (Allow) C:\Program Files\NapiProjekt\napisy.exe FirewallRules: [{086F7C32-96F9-4BA2-898D-E06710788329}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{D082F514-E2C8-4281-9C67-020E71C58043}C:\program files\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files\nero\nero 11\nero backitup\backitup.exe FirewallRules: [UDP Query User{D371835B-D9DF-40DD-9A7D-273B4D0EEFF1}C:\program files\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files\nero\nero 11\nero backitup\backitup.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/10/2015 10:40:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:40:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:38:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:38:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:37:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:37:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:36:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:36:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:34:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/10/2015 10:34:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLASZAK) Description: Aktywacja aplikacji microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (12/10/2015 10:40:01 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/10/2015 10:40:01 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (12/10/2015 10:38:36 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/10/2015 10:38:35 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (12/10/2015 10:37:18 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/10/2015 10:37:17 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (12/10/2015 10:36:06 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/10/2015 10:36:06 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 Error: (12/10/2015 10:34:36 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (12/10/2015 10:34:36 AM) (Source: DCOM) (EventID: 10010) (User: BLASZAK) Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 CodeIntegrity: =================================== Date: 2015-08-12 22:11:39.423 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:39.330 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:26.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:26.548 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:22.611 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:22.611 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:22.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:18.095 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:11.548 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 22:11:10.783 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz Procent pamięci w użyciu: 51% Całkowita pamięć fizyczna: 3036.49 MB Dostępna pamięć fizyczna: 1476.13 MB Całkowita pamięć wirtualna: 3612.49 MB Dostępna pamięć wirtualna: 1560 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:75.13 GB) (Free:13.41 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Programy) (Fixed) (Total:97.65 GB) (Free:35.84 GB) NTFS Drive e: (Dokument) (Fixed) (Total:97.66 GB) (Free:14.93 GB) NTFS Drive f: (Filmusic) (Fixed) (Total:195.31 GB) (Free:86.92 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 629B629B) Partition 1: (Active) - (Size=75.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.6 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================