Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-12-2015
Uruchomiony przez PHUFOTOSET (2015-12-11 15:38:45)
Uruchomiony z C:\Users\PHUFOTOSET\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) (2009-08-12 09:33:32)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-2349542156-1443959456-3792940041-500 - Administrator - Disabled)
Gość (S-1-5-21-2349542156-1443959456-3792940041-501 - Limited - Enabled)
PHUFOTOSET (S-1-5-21-2349542156-1443959456-3792940041-1000 - Administrator - Enabled) => C:\Users\PHUFOTOSET

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 4.1.1 - Hewlett-Packard) Hidden
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.0 - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - )
ASUS Ai Charger (HKLM\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
Asystent rejestrowania za pomocą identyfikatora Windows Live (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
AviTricks Classic version 1.63 (HKLM\...\AviTricks Classic_is1) (Version: - Bobyte.com)
Biblioteki Systemowe Lider SP1 (HKLM\...\{909D6E31-CAC4-4F31-B927-C0ADF700CCEF}) (Version: 5.10.0000 - Unikom)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - )
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.41 - DivX, LLC)
EncFlac 1.1.2 (HKLM\...\EncFlac) (Version: 1.1.2 - Michael Facquet)
Galeria fotografii usługi Windows Live (HKLM\...\{EDB2A321-4151-4624-AE7A-B0ADFEAA492E}) (Version: 12.0.1329.0201 - Microsoft Corporation)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IObit Malware Fighter wersja 3.1.0 (HKLM\...\IObit Malware Fighter_is1) (Version: 3.1.0 - )
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LightScribe System Software 1.12.33.2 (HKLM\...\{582287DA-0806-4AC0-BF19-C15E3A466034}) (Version: 1.12.33.2 - LightScribe)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.23.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 42.0 (x86 pl) (HKLM\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NapiProjekt 2.0.0 (build 2151) (HKLM\...\NapiProjekt_is1) (Version: - )
Napisy24 (HKLM\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 0.95 - Napisy24.pl)
Nowe Gadu-Gadu (HKLM\...\Nowe Gadu-Gadu) (Version: - GG Network S.A.)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: - Linspire Inc.)
Obsługa programów Apple (32-bitowa) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version: - )
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation)
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
PC Connectivity Solution (HKLM\...\{55EB7967-5BB1-4EA2-8AFF-B2F9E487E553}) (Version: 11.5.13.0 - Nokia)
PDF Architect 4 (HKLM\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Programer Fama Standard (HKLM\...\{2232C5FA-6FB6-43AB-AE03-52594F1022E7}) (Version: 7.3.0 - Programer)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Real Alternative 2.0.1 Lite (HKLM\...\RealAlt_is1) (Version: 2.0.1 - )
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5567 - Realtek Semiconductor Corp.)
SpyHunter (HKLM\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC)
Sterownik wideo firmy Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UPSVCMM (Version: 11.00.0000 - UPS) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM\...\Winamp) (Version: 5.572 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2349542156-1443959456-3792940041-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live installer (HKLM\...\{D659C084-24CE-477A-BC76-6BE150355C26}) (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Writer (HKLM\...\{173D51C6-869C-4C67-8694-11912F044570}) (Version: 12.0.1370.0325 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinSCP 5.5 (HKLM\...\winscp3_is1) (Version: 5.5 - Martin Prikryl)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-2349542156-1443959456-3792940041-1000_Classes\CLSID\{010833F3-751A-402F-9FCC-C365B6A12E41}\localserver32 -> C:\Users\PHUFOTOSET\Desktop\BESTplayer.exe (Karol Winnicki)
CustomCLSID: HKU\S-1-5-21-2349542156-1443959456-3792940041-1000_Classes\CLSID\{5B004CDE-0211-469C-B9B5-0552E7E63917}\InprocServer32 -> C:\Program Files\Pinnacle\Shared files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2349542156-1443959456-3792940041-1000_Classes\CLSID\{77D8C8C7-6B46-4429-B876-DBC006C96EB1}\InprocServer32 -> C:\Program Files\Pinnacle\Shared files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2349542156-1443959456-3792940041-1000_Classes\CLSID\{CD37ED08-860C-4B86-AD25-5587D8386587}\InprocServer32 -> C:\Program Files\Pinnacle\Shared files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)

==================== Punkty Przywracania systemu =========================

09-12-2015 16:44:39 Windows Update

==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2006-11-02 11:23 - 2015-12-11 15:19 - 00000796 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 is360.iobit.com

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {141DFEF7-1702-48EB-AA8A-310B48DE9883} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {4F02E149-6197-42CB-BCC1-7318720BD7C5} - System32\Tasks\{52C0F868-2DBB-44C9-A944-10396542A68F} => pcalua.exe -a D:\Gry\097\Resident_Evil\RESDEVIL\setup.exe -d D:\Gry\097\Resident_Evil\RESDEVIL
Task: {75F67B7F-E3D9-4F49-96FA-DC5542875964} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {7785782C-63F8-436B-9684-D807D6A0A84A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {8A12B773-979D-464E-AEE6-962B15CFB951} - System32\Tasks\SeductivenessEmpathyV2 => Rundll32.exe GoodlyCrusades.dll,main 7 1
Task: {99BF3BCE-0C12-484E-B175-A33771127AEA} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-08-21] (Enigma Software Group USA, LLC.)
Task: {9AB0214B-9D3C-45F4-B1A1-EE140FFEDF0E} - \Price Fountain -> Brak pliku <==== UWAGA
Task: {AB8F7CE5-1B09-42DB-8A9C-B466D68112F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{EB7AB736-522D-4A16-83A9-0133985CBDC3}.job => C:\Windows\system32\msfeedssync.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2015-12-10 13:47 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files\IObit\IObit Malware Fighter\sqlite3.dll
2015-11-30 09:30 - 2015-11-30 09:30 - 00349184 _____ () C:\Users\PHUFOTOSET\AppData\Local\SeductivenessEmpathy\GoodlyCrusades.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-29 10:32 - 2014-03-31 09:31 - 00237424 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-12-08 22:48 - 2015-12-08 22:48 - 17647296 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE - Powiązania (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2349542156-1443959456-3792940041-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PHUFOTOSET\Desktop\IMG_0453.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

MSCONFIG\startupfolder: C:^Users^PHUFOTOSET^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupreg: ALLUpdate => "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Ai Charger => C:\Program Files\ASUS\ASUS Ai Charger\AiChargerAP.exe
MSCONFIG\startupreg: AVG_UI => "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Napisy24.pl => "C:\Program Files\Napisy24\Napisy24.exe" AutoStart
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Web TuneUp\vprot.exe"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{68DF6DF8-82C1-44FB-803B-0E3EB351896A}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{FBB12B06-B622-4547-BC74-1DE5ACE24AE8}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe
FirewallRules: [UDP Query User{6A0F5707-1E4D-42F0-960B-8928705B14CE}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe
FirewallRules: [TCP Query User{93FA0219-DE7A-45F1-9880-06EEADF801AA}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{642C4B5F-3A03-4F0F-9E6D-6F8D32A2D0F5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{C6C610F4-527E-4C21-B4A8-4025F95EA76A}C:\program files\quicktime\quicktimeplayer.exe] => (Allow) C:\program files\quicktime\quicktimeplayer.exe
FirewallRules: [UDP Query User{CC22A60D-7336-48FD-B90F-86C3903E2AF6}C:\program files\quicktime\quicktimeplayer.exe] => (Allow) C:\program files\quicktime\quicktimeplayer.exe
FirewallRules: [{B1F284CC-1DE2-480D-AB16-EBD36D9CB980}] => (Allow) LPort=80
FirewallRules: [{3B4834B1-6BE9-4690-A71A-72C4B14B44E6}] => (Allow) LPort=80
FirewallRules: [{2A6D405F-052C-41E2-9214-505161F84EEE}] => (Allow) LPort=80
FirewallRules: [TCP Query User{4121DB74-0005-4C15-9511-25A5F0F031BE}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{B2FCEAA9-B080-48B9-9CB9-3B9A0DBF0CDC}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [{E1F26745-8485-49A6-A098-6816DECCAF19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7430AF5B-4DE4-4DC1-B36D-C789596EF02B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E848A600-A65D-48E9-B072-AAD7E539670C}] => (Allow) LPort=35722
FirewallRules: [{BD4D7C53-5FA6-4F5F-9D2F-0BFE12F24DDA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0867AFAD-779F-49BD-AAD1-7361C371F98A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6D23A20C-75D1-4768-95E0-3AEE0AF76E09}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8144ACA-46D1-4C20-9DC8-0B1813D84803}] => (Allow) LPort=33300
FirewallRules: [{4F7E6511-7CE6-490D-96EC-065FBDE9317A}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{10310D5C-7432-40F8-B409-5B0C9CE1A42E}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D6005474-F151-41B1-9842-CF1165F19646}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{4E8C6E5C-5548-4590-B0DC-E9BDF63646FE}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{C2D6A380-2DAF-427F-BE72-AF655D1975E9}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{1BBE26DF-1434-4939-8F30-7538F61AE3B9}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{BDFA728D-32D0-4CE6-8ED7-ED3571D2EA41}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{70942526-EB66-4E4E-A73E-35E1B64176C1}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{AAB3CF89-4D05-4BF6-A5F5-A1C38BC97878}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{AB59F64C-0EE6-4C9A-A6F7-F9463EF9DCCF}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{C923A700-7241-4713-8308-ABA2741E8C77}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{33884324-A504-4D1E-97FB-983A4B264423}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E02FB5BE-E134-4836-A747-BA3F9D4D2DBC}] => (Allow) C:\Program Files\PDF Architect 2\PDF Architect 2.exe
FirewallRules: [{21014E30-3C1E-4A27-9F64-6935B1087478}] => (Allow) C:\Program Files\PDF Architect 2\PDF Architect 2.exe
FirewallRules: [{DD9DBFE9-7C1F-41CC-8F40-19C17FA7B68D}] => (Allow) C:\Program Files\PDFCreator2\PDFCreator.exe
FirewallRules: [{006FC4E7-5DC8-4ABC-8EE3-CA2C879C538F}] => (Allow) C:\Program Files\PDFCreator2\PDFCreator.exe
FirewallRules: [{C5F1007B-ACA1-450A-ADE4-50670C83E7A1}] => (Allow) C:\Users\PHUFOTOSET\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9D11F320-F97B-462A-92C9-3FC508794F79}] => (Allow) C:\Users\PHUFOTOSET\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{91039374-BC2C-401D-8939-19561E38CD82}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe
FirewallRules: [UDP Query User{E3F1EDA8-BBF7-4902-AD77-3C688EC3D874}C:\program files\nowe gadu-gadu\gg.exe] => (Allow) C:\program files\nowe gadu-gadu\gg.exe
FirewallRules: [{F2FC5BF6-71D7-4A58-931B-4FFCDA750237}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{AB430314-00A6-4810-90CA-9B9E4DBB3BAE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6A7004A7-119E-47A5-B0DF-0EC59523E966}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{C5F2784E-89FE-4F0E-B573-FE5629D5DFDB}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (12/11/2015 03:20:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/11/2015 03:20:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/11/2015 03:20:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/11/2015 03:19:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/11/2015 03:15:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Aplikacja powodująca błąd plugin-container.exe, wersja 42.0.0.5780, sygnatura czasowa 0x5632d0a4, moduł powodujący błąd mozglue.dll, wersja 42.0.0.5780, sygnatura czasowa 0x5632ba58, kod wyjątku 0x80000003, przesunięcie błędu 0x0000ed50, identyfikator procesu 0x920, godzina rozpoczęcia aplikacji 0xplugin-container.exe0.

Error: (12/10/2015 01:22:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/10/2015 11:57:58 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/10/2015 11:57:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/10/2015 11:57:57 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (12/10/2015 11:57:39 AM) (Source: ESENT) (EventID: 467) (User: )
Description: Windows (2296) Windows: Baza danych C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Indeks System_ItemFolderPathDisplayNarrow415 tabeli SystemIndex_0A jest uszkodzony (0).

Dziennik System:
=============
Error: (12/11/2015 03:19:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (12/11/2015 03:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: SQL Server VSS Writer1

Error: (12/11/2015 01:23:14 PM) (Source: netbt) (EventID: 4307) (User: )
Description: Zainicjowanie nie powiodło się, ponieważ transport odmówił otwarcia adresów początkowych.

Error: (12/11/2015 01:23:00 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Serwer DHCP 192.168.1.1 odmówił dzierżawy adresu IP 192.168.1.5 dla karty sieciowej o adresie 00241D718646. (Serwer DHCP wysłał komunikat DHCPNACK).

Error: (12/10/2015 02:48:55 PM) (Source: netbt) (EventID: 4321) (User: )
Description: Nie można zarejestrować nazwy „WORKGROUP :1d” w interfejsie o adresie IP 192.168.1.5. Komputer o adresie IP 192.168.1.16 nie zezwolił na przejęcie tej nazwy przez ten komputer.

Error: (12/10/2015 01:48:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: UrlFilter%%3

Error: (12/10/2015 01:48:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: RegFilter%%3

Error: (12/10/2015 01:28:24 PM) (Source: DCOM) (EventID: 10016) (User: Fotoset-PC)
Description: właściwe dla aplikacjiLokalnyAktywacja{8BC3F05E-D86B-11D0-A075-00C04FB68820}Fotoset-PCPHUFOTOSETS-1-5-21-2349542156-1443959456-3792940041-1000LocalHost (użycie LRPC)

Error: (12/10/2015 01:28:24 PM) (Source: DCOM) (EventID: 10016) (User: Fotoset-PC)
Description: właściwe dla aplikacjiLokalnyAktywacja{8BC3F05E-D86B-11D0-A075-00C04FB68820}Fotoset-PCPHUFOTOSETS-1-5-21-2349542156-1443959456-3792940041-1000LocalHost (użycie LRPC)

Error: (12/10/2015 01:28:24 PM) (Source: DCOM) (EventID: 10016) (User: Fotoset-PC)
Description: właściwe dla aplikacjiLokalnyAktywacja{8BC3F05E-D86B-11D0-A075-00C04FB68820}Fotoset-PCPHUFOTOSETS-1-5-21-2349542156-1443959456-3792940041-1000LocalHost (użycie LRPC)

CodeIntegrity:
===================================
Date: 2015-12-10 13:54:29.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:28.989
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:28.605
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:28.186
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:27.730
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:27.338
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:26.943
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:26.544
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:26.065
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2015-12-10 13:54:25.683
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys because the set of per-page image hashes could not be found on the system.

==================== Statystyki pamięci ===========================

Procesor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz
Procent pamięci w użyciu: 64%
Całkowita pamięć fizyczna: 2036.77 MB
Dostępna pamięć fizyczna: 717.18 MB
Całkowita pamięć wirtualna: 11980.81 MB
Dostępna pamięć wirtualna: 10525.86 MB

==================== Dyski ================================

Drive c: (SYSTEM) (Fixed) (Total:100 GB) (Free:11.74 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)]
Drive d: (DANE) (Fixed) (Total:132.88 GB) (Free:61.3 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 52DF16F7)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=132.9 GB) - (Type=OF Extended)

==================== Koniec Addition.txt ============================