Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-01-2015 Uruchomiony przez pc (2016-01-07 20:05:54) Uruchomiony z C:\Users\pc\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2013-10-11 09:47:20) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3823913081-2609085584-2459951151-500 - Administrator - Disabled) Gość (S-1-5-21-3823913081-2609085584-2459951151-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3823913081-2609085584-2459951151-1002 - Limited - Enabled) pc (S-1-5-21-3823913081-2609085584-2459951151-1000 - Administrator - Enabled) => C:\Users\pc ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation) Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.70 - Atheros Communications) Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company) Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden EA SPORTS FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FIFA 14 wersja 1.3.0.0 (HKLM-x32\...\FIFA 14_is1) (Version: 1.3.0.0 - EA Games) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Documentation (HKLM-x32\...\{68A55875-B6DD-41E8-8CF6-F193D9C47051}) (Version: 1.1.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent) HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company) HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP QuickWeb (HKLM-x32\...\{8B52057C-15DB-433E-957C-E279BC7D07E3}) (Version: 3.1.0.9742 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{0F458B1E-459F-43CF-BC0A-3E94F97A1CD3}) (Version: 4.1.13.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B11B6E26-63A4-4BB6-AA39-0AF758B26092}) (Version: 12.0.30.219 - Hewlett-Packard Company) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 6.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.2.0 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.24.20150327 - LG Electronics) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics) Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60830 (HKLM\...\{122B909F-9DCF-360E-91E7-0679E033FBE1}) (Version: 11.0.60830 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60830 (HKLM\...\{083808D6-6235-37A8-82C1-98D226EB681F}) (Version: 11.0.60830 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60830 (HKLM-x32\...\{F68B404C-0E04-337F-A132-796508EE337A}) (Version: 11.0.60830 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60830 (HKLM-x32\...\{50AF8559-F490-381F-A6E7-06A07DE227DC}) (Version: 11.0.60830 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Nero 8 Lite 8.2.8.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) Ravia.eu (HKLM-x32\...\Ravia.eu) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.16.10 - Electronic Arts Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{77CEFB5E-CCC3-11E4-8043-F04DA23A5C58}) (Version: 13.0.444 - Sony) Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.132 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== UWAGA YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== UWAGA Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {20CB8EBC-A768-4317-A8F3-89617A671F7A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {29E875EE-C45D-4620-9BF4-CF598B0176DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard) Task: {40CE99A0-B0C3-4090-8E0B-00E07C29BAEB} - System32\Tasks\{F27985C7-9C32-4FA6-A9FB-E1F0CBAA07C1} => pcalua.exe -a C:\Users\pc\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt Task: {46F44D34-9E7C-47DA-AE0E-32013BAC7489} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {5CB368D3-BA6B-40DD-9BAB-8EE034856918} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {64BCDD30-B3FA-4A14-A4D6-2EF3A5F05377} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {67025F02-2F5E-45AA-B339-201CA968DF95} - System32\Tasks\crxbroBrowserUpdateCore => C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe [2015-12-22] () Task: {74378A19-DD63-4E5A-A9C7-FFE16AF9FC5F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {76B970BF-AF06-46F6-AFFD-7EF44618D46B} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-27] () Task: {84B6FA2D-A626-4101-BE0B-6CC425361151} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {8614D513-352D-4316-9F82-6939E63CF7CD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software) Task: {862198F0-3BB0-4420-8682-5CFED766C8A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {AE00F325-A4EC-4B0E-9759-2CCD24921A19} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-27] () Task: {AE07A5D6-6B2F-4619-B901-4BD5849165BA} - System32\Tasks\HPCeeScheduleForpc => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {C05E289C-AE43-4B18-826A-09667F852F7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {D05DE3D0-DD28-407A-8FE6-3E74913671BA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.) Task: {DC856B8D-7516-4EDC-B48B-F1E2BB6E8F4F} - System32\Tasks\crxbroBrowserUpdateUA => C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe [2015-12-22] () Task: {DC95C7C4-C686-4D08-AD64-D7045791979B} - System32\Tasks\crxbroCheckTask => C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe [2015-12-22] () Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {F3833B75-9B00-4FC9-9BF2-66AA4A51CCC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForpc.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1418808459&from=wpm12173&uid=SAMSUNGXHM321HI_S25WJ9BBA28536 ShortcutWithArgument: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.delta-homes.com/?type=sc&ts=1418808459&from=wpm12173&uid=SAMSUNGXHM321HI_S25WJ9BBA28536 ==================== Załadowane moduły (filtrowane) ============== 2011-04-05 04:18 - 2011-04-05 04:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-05-05 21:47 - 2015-05-04 10:15 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-05-05 21:47 - 2015-04-17 03:43 - 00176976 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unrar.dll 2015-05-05 21:47 - 2015-04-17 03:43 - 00087744 _____ () C:\Program Files (x86)\Elex-tech\YAC\tws\unacev2.dll 2015-07-01 19:31 - 2015-07-01 19:31 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-01 19:31 - 2015-07-01 19:31 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-01-06 13:09 - 2016-01-06 13:09 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010600\algo.dll 2016-01-07 19:34 - 2016-01-07 19:34 - 02809344 _____ () C:\Program Files\AVAST Software\Avast\defs\16010700\algo.dll 2015-08-26 13:13 - 2015-12-19 05:17 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll 2015-08-26 13:13 - 2015-12-19 05:17 - 00065688 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll 2015-05-05 21:47 - 2015-05-04 10:16 - 00185672 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2015-07-01 19:31 - 2015-07-01 19:32 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-16 18:55 - 2014-10-16 18:55 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2011-11-14 19:20 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-12-22 15:11 - 2015-12-22 07:57 - 01581952 _____ () C:\Program Files (x86)\crxbro Browser\crxbro\libglesv2.dll 2015-12-22 15:11 - 2015-12-22 07:57 - 00079744 _____ () C:\Program Files (x86)\crxbro Browser\crxbro\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3823913081-2609085584-2459951151-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{B33F3341-8A20-47A8-B0D3-4112D53DCDBA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EA23EEB1-72AC-492E-9932-06611CA4E578}] => (Allow) LPort=2869 FirewallRules: [{A8074520-7412-4750-9C6E-CFDDFA758956}] => (Allow) LPort=1900 FirewallRules: [{FA94C5EE-231F-4B38-AC6C-0BA7313B277B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{E2C8F23C-9646-430E-8697-1498F781B6EE}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{36EA4C33-8398-4FD8-A3A3-DEB809458BDA}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe FirewallRules: [{9CEB7F71-4DEB-4C31-8288-B7BA6FC676AA}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe FirewallRules: [TCP Query User{A5E278B7-EFE1-4571-AD13-B933B6D9F311}C:\program files (x86)\metin2 ravia.eu\game] => (Allow) C:\program files (x86)\metin2 ravia.eu\game FirewallRules: [UDP Query User{EB323CB2-EC85-45A5-A033-DEF06B8DBAFE}C:\program files (x86)\metin2 ravia.eu\game] => (Allow) C:\program files (x86)\metin2 ravia.eu\game FirewallRules: [TCP Query User{849ACCAE-40B6-4AEB-99BE-4B0888B0C8BD}C:\program files (x86)\fifa 14\game\fifa14.exe] => (Block) C:\program files (x86)\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{0BE508DE-83D6-47E3-8246-251062368865}C:\program files (x86)\fifa 14\game\fifa14.exe] => (Block) C:\program files (x86)\fifa 14\game\fifa14.exe FirewallRules: [TCP Query User{53F4065C-CDD3-4D3C-A67A-1DEBC5752BF0}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe FirewallRules: [UDP Query User{0299F07A-C1E6-4A4C-858F-0CF61EEE654E}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe FirewallRules: [{E6F37643-5E56-4DF9-ACCF-F0ACCEA6BEC3}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe FirewallRules: [{A45C8A8B-A8BD-4C3B-96B8-2EDCB855E096}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe FirewallRules: [TCP Query User{D9E191C6-E915-425D-98B6-75981E56429B}C:\program files (x86)\metin2 ravia.eu\game.exe] => (Allow) C:\program files (x86)\metin2 ravia.eu\game.exe FirewallRules: [UDP Query User{4445CE66-21F5-4BBF-82CB-F1B67162406E}C:\program files (x86)\metin2 ravia.eu\game.exe] => (Allow) C:\program files (x86)\metin2 ravia.eu\game.exe FirewallRules: [{1503B447-C11A-4C82-930E-59EE26C934EE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{23867365-B607-40AE-9875-109DDCB57845}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [TCP Query User{CA9D7912-6B38-4531-BB91-EB3BA1D8ABBB}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{460B3B1B-A285-4E92-862C-E3921F663C5A}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe FirewallRules: [{0006F247-0795-472A-8059-F75F070D452F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{94840A43-167F-484E-BAA1-E47203826D4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D2FA655C-350F-43CA-A346-75D3D7592674}] => (Allow) C:\Program Files (x86)\crxbro Browser\crxbro\chrome.exe FirewallRules: [{36AF8F4B-9B51-4857-BFB0-F00091C49E1C}] => (Allow) C:\Program Files (x86)\crxbro Browser\crxbro\bin\browserServer.exe ==================== Punkty Przywracania systemu ========================= 11-12-2015 02:04:17 Windows Update 15-12-2015 19:37:24 Windows Update 18-12-2015 02:17:36 Windows Update 22-12-2015 15:16:38 Windows Update 29-12-2015 12:56:01 Windows Update 01-01-2016 17:03:10 Windows Update 05-01-2016 18:03:11 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/07/2016 08:03:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 26.11.2014.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 10dc Godzina rozpoczęcia: 01d1497e11b8c829 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Users\pc\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST64.exe Identyfikator raportu: 62032202-b571-11e5-9731-74de2b62e9c6 Error: (01/07/2016 08:03:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 26.11.2014.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1094 Godzina rozpoczęcia: 01d1497dfa25e40c Godzina zakończenia: 3 Ścieżka aplikacji: C:\Users\pc\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST64.exe Identyfikator raportu: 3f581c78-b571-11e5-9731-74de2b62e9c6 Error: (01/07/2016 07:41:43 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Nie można określić nazwy serwera lub adresu. Error: (01/07/2016 07:38:44 PM) (Source: MsiInstaller) (EventID: 1002) (User: pc-HP) Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageName”, wartość: „”) w kluczu „HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList” Error: (01/07/2016 07:31:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: HPMSGSVC.exe, wersja: 2.7.2.0, sygnatura czasowa: 0x4f544ff4 Nazwa modułu powodującego błąd: HPMSGSVC.exe, wersja: 2.7.2.0, sygnatura czasowa: 0x4f544ff4 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000394d Identyfikator procesu powodującego błąd: 0x1018 Godzina uruchomienia aplikacji powodującej błąd: 0xHPMSGSVC.exe0 Ścieżka aplikacji powodującej błąd: HPMSGSVC.exe1 Ścieżka modułu powodującego błąd: HPMSGSVC.exe2 Identyfikator raportu: HPMSGSVC.exe3 Error: (01/07/2016 07:23:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/07/2016 07:15:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2016 08:19:35 PM) (Source: MsiInstaller) (EventID: 1002) (User: pc-HP) Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageName”, wartość: „”) w kluczu „HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList” Error: (01/06/2016 08:13:24 PM) (Source: MsiInstaller) (EventID: 1002) (User: pc-HP) Description: Nieoczekiwana lub brakująca wartość (nazwa: „PackageName”, wartość: „”) w kluczu „HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList” Error: (01/06/2016 08:07:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (01/07/2016 07:23:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi HPWMISVC. Error: (01/07/2016 07:23:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util PodoWeb z powodu następującego błędu: %%2 Error: (01/07/2016 07:22:25 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 19:20:57 na ‎2016-‎01-‎07 było nieoczekiwane. Error: (01/07/2016 07:15:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi HPWMISVC. Error: (01/07/2016 07:14:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util PodoWeb z powodu następującego błędu: %%2 Error: (01/06/2016 08:06:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util PodoWeb z powodu następującego błędu: %%2 Error: (01/06/2016 01:09:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi HP Software Framework Service z powodu następującego błędu: %%1053 Error: (01/06/2016 01:09:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą HP Software Framework Service. Error: (01/06/2016 01:09:51 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E} Error: (01/06/2016 01:08:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util PodoWeb z powodu następującego błędu: %%2 ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Procent pamięci w użyciu: 53% Całkowita pamięć fizyczna: 3947.86 MB Dostępna pamięć fizyczna: 1837.59 MB Całkowita pamięć wirtualna: 7893.93 MB Dostępna pamięć wirtualna: 5389.81 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:278.69 GB) (Free:145.49 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Recovery) (Fixed) (Total:15.24 GB) (Free:1.66 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97FABA35) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=278.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=4 GB) - (Type=0C) ==================== Koniec Addition.txt ============================