Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-01-2015 Uruchomiony przez Admin (2016-01-08 20:56:16) Uruchomiony z C:\Users\Admin\Desktop\Nowy folder (2) Windows 7 Professional Service Pack 1 (X64) (2015-03-17 16:03:32) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Admin (S-1-5-21-1308598367-973250538-272051807-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-1308598367-973250538-272051807-500 - Administrator - Disabled) Gość (S-1-5-21-1308598367-973250538-272051807-501 - Limited - Disabled) UpdatusUser (S-1-5-21-1308598367-973250538-272051807-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} FW: AVG Internet Security (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 007 Legends (HKLM-x32\...\007 Legends_is1) (Version: - ) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.8.1.21 - NVIDIA Corporation) AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies) AVG (Version: 16.12.7303 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.12.7303 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies) AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden Battlefield 4 version 1.0.0.0 (HKLM-x32\...\Battlefield 4_is1) (Version: 1.0.0.0 - GTX Box Team) BitTorrent (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.) Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation) Call of Juarez Gunslinger version 5.1 (HKLM-x32\...\{BEBFBFCB-2C09-42B1-88C3-381F227320D7}_is1) (Version: 5.1 - Black_Box) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) Creative Live! Cam Sync (VF0520) Driver (1.01.04.00) (HKLM\...\Creative VF0520) (Version: - Creative Technology Ltd.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Dead Space™ (HKLM-x32\...\{4D87DC92-C328-46EC-A7B4-9C88129DC696}) (Version: 1.0.222.0 - Electronic Arts) DriverPack Notifier (HKLM-x32\...\DriverPack Notifier) (Version: 2.0.2 - DriverPack Solution) F.E.A.R. 2 Project Origin (HKLM-x32\...\F.E.A.R. 2 Project Origin_is1) (Version: - ) Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft) FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden Free eXPert PDF Reader (HKLM-x32\...\{C2B5A2E5-51F8-4883-AF40-6A17902DAFEA}) (Version: 9.0.180.0 - Visagesoft) GodFather II v.1 RUS (HKLM-x32\...\{6CC65C90-E6F3-4CE6-81F1-6E8F8B58637F}_is1) (Version: - Rustorka.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HDR projects 3 elements (64-Bit) (HKLM\...\HDR_PROJECTS_3_1_3BF7CE82_is1) (Version: 3.34 - Franzis Verlag GmbH) HWiNFO64 Version 5.10 (HKLM\...\HWiNFO64_is1) (Version: 5.10 - Martin Malík - REALiX) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) istartpageing (HKLM-x32\...\istartpageing) (Version: 1.0.0.6 - ) <==== UWAGA Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) K-Lite Codec Pack 11.1.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.1.0 - ) Kozacy - Europejskie Boje (x32 Version: 1.00.0000 - CDV) Hidden Mafia II (HKLM-x32\...\Mafia II_is1) (Version: Mafia II - ) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - ) Mozilla Firefox 41.0.2 (x86 ru) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 ru)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA nView 146.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.90 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Operation Flashpoint ®: Red River (HKLM-x32\...\GFWL_{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters) Operation Flashpoint ®: Red River (x32 Version: 1.0.0000.129 - Codemasters) Hidden Panel sterowania NVIDIA 361.43 (Version: 361.43 - NVIDIA Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PriceFountain (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\PriceFountain) (Version: - ) <==== UWAGA PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Quantum of Solace(TM) (HKLM-x32\...\InstallShield_{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}) (Version: 1.00.0000 - Activision) Quantum of Solace(TM) (x32 Version: 1.00.0000 - Activision) Hidden Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7695 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited) Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.) Update for PriceFountain (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\Price Fountain) (Version: - Update for PriceFountain) <==== UWAGA Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{905D709F-3A3E-46BB-B1D5-A7AA11430819}) (Version: - Microsoft) USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-D39B-4937-9DB9-87EC4FF1BB88}) (Version: 1.00.0000 - ShanWan) USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Yandex (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\YandexBrowser) (Version: 15.10.2454.3865 - ООО «ЯНДЕКС») Yandex taskbar button (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\YaPinLancher) (Version: 2.0.0.2117 - Yandex) ZOMBI v.версия 1.0 (HKLM-x32\...\ZOMBI_is1) (Version: - ) Менеджер браузеров (HKU\S-1-5-21-1308598367-973250538-272051807-1000\...\{12f34aee-538c-44d5-b33a-12213b7e0197}) (Version: 2.1.2.577 - Яндекс) Менеджер браузеров (x32 Version: 2.1.2.577 - Яндекс) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B42194E-1382-4DAF-A8DC-528955471DC7} - System32\Tasks\DriverPack Notifier => C:\Program Files (x86)\DriverPack Notifier\DriverPackNotifier.exe [2015-12-18] () Task: {2B531431-BB9D-48C3-A7F7-225F0D13DE8D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2016-01-02] (Adobe Systems Incorporated) Task: {36487AC8-FF07-4294-A008-02FD5F0C27C4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {46FB3D53-4C21-4098-9C73-B959BF91353F} - System32\Tasks\{DD7538D2-FB70-425C-AF6D-2F4C55D8CAA0} => D:\ZOMBI\ZOMBI.exe [2015-08-25] (Game) Task: {4EA768FC-291E-442F-92F9-355221F85480} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {7A3709D2-E066-4E99-A82E-ED62BFE61DE8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {90566E87-4832-48D1-B8F0-41566B9D0A16} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated) Task: {96B5A787-07A3-4110-AC26-A010F21499F4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {B923D5EF-022E-4364-9D08-6FB5ECD0C4DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.) Task: {C144D586-5217-4324-A0A3-A4699F62EE11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {CDCE66FE-9BFF-4B22-A93D-A7A33BF70ACA} - System32\Tasks\Opera scheduled Autoupdate 1427571481 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {E93370EF-A55E-4A47-B72C-8A39D119602E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {E998492F-2B91-4063-B225-4F264AF67835} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-03] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\Admin\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA Task: C:\Windows\Tasks\Обновление Браузера Яндекс .job => C:\Users\Admin\AppData\Local\Yandex\YandexBrowser\Application\browser.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-01-02 16:06 - 2016-01-02 16:05 - 01164688 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2015-03-18 00:31 - 2015-10-28 01:16 - 03171632 _____ () C:\Windows\system32\nvwmi64.exe 2015-03-17 17:34 - 2015-12-16 15:53 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-22 14:27 - 2015-12-16 20:34 - 01666168 _____ () C:\Program Files\NVIDIA Corporation\nview\nViewH64.dll 2016-01-03 16:05 - 2016-01-03 16:05 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2016-01-03 16:06 - 2016-01-03 16:06 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-11-22 14:27 - 2015-12-16 20:34 - 01309304 _____ () C:\Program Files\NVIDIA Corporation\nview\nViewMain64.exe 2016-01-02 16:06 - 2016-01-02 16:05 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2015-11-22 13:56 - 2015-02-05 17:38 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll 2015-06-01 18:28 - 2015-06-01 18:28 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-11-29 13:37 - 2015-11-29 13:37 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2016-01-04 20:52 - 2015-12-04 08:18 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25_0\opera.dll 2016-01-04 20:52 - 2015-12-04 08:18 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25_0\libglesv2.dll 2016-01-04 20:52 - 2015-12-04 08:18 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25_0\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1308598367-973250538-272051807-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 192.168.100.1 - 198.41.0.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{729B9BC6-F2B9-4A8A-9614-A15E1730A4F2}] => (Allow) C:\Users\Admin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{38B41B39-628B-4EEE-B22A-FBA60D0E7102}] => (Allow) C:\Users\Admin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{AF9F157C-0EBD-475A-8E2C-40E5BE38C20A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7EC7296F-7EA3-4801-A5B0-CDCE73E2CAB8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{DAEC10E0-A090-4E85-BE27-83C85A5673E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{18FFEDF9-EFEF-40FD-B46C-C737FEF269B1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8455B657-2B9F-48C0-915C-A3FF36FC7BC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{2F78B585-1B95-4BC1-93F4-20BEAD7431D6}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{86524F0D-F82B-41ED-B4A8-9C980F613CC3}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [{4EDBA4B9-55F2-4029-9198-8F16C7A61D4C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{60D142EE-3B7F-4823-8EBB-BB7B356F8A4E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{DF2F327A-5336-4FFB-9441-82BF45E4F5B2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{636D0E3B-5628-42EC-AE2D-4DCD30C2888D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{716A98E1-1256-41E1-ADF9-B7A9F039956C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{4175E78C-9851-4150-8CA1-9238B9857FA5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{6D7D4D8B-8828-424D-8B3B-4F6484993893}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{2ADF163B-941A-48EE-98F2-5375EAB2899E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{66530A3D-20C0-465C-96C5-F5245A5F2DD5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{26452678-2AA6-4591-B577-B29E77EAC388}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{2E123DF6-78B3-45E0-81B1-199FCCD8DF4C}] => (Allow) D:\strzelanka\RedRiver.exe FirewallRules: [{E8E27861-627D-4232-A562-5310B5471A71}] => (Allow) D:\strzelanka\RedRiver.exe FirewallRules: [{0B58D69C-3C92-4546-81FE-948F287E9833}] => (Allow) D:\strzelanka\RedRiverLauncher.exe FirewallRules: [{1C45D1AD-8CB5-4275-A0B3-79CD5A2E7483}] => (Allow) D:\strzelanka\RedRiverLauncher.exe FirewallRules: [TCP Query User{C180B6AC-E235-4B22-AB1C-738EB11F5B39}D:\007 bond quantum\jb_liveengine_s.exe] => (Allow) D:\007 bond quantum\jb_liveengine_s.exe FirewallRules: [UDP Query User{232F1977-E75B-4382-BCAC-A12DACC27FB5}D:\007 bond quantum\jb_liveengine_s.exe] => (Allow) D:\007 bond quantum\jb_liveengine_s.exe FirewallRules: [TCP Query User{47861CB5-F183-4B43-ADED-E72B8089002A}D:\battlefield 4\bf4.exe] => (Allow) D:\battlefield 4\bf4.exe FirewallRules: [UDP Query User{A525A574-DE2F-4462-A25D-6078F3ABE835}D:\battlefield 4\bf4.exe] => (Allow) D:\battlefield 4\bf4.exe FirewallRules: [TCP Query User{FD9758CA-576C-4DCC-BF68-FA6482A52D69}D:\battlefield 4\bf4_x86.exe] => (Allow) D:\battlefield 4\bf4_x86.exe FirewallRules: [UDP Query User{E68885CA-3F4B-474C-BF37-9A64B2732FC5}D:\battlefield 4\bf4_x86.exe] => (Allow) D:\battlefield 4\bf4_x86.exe FirewallRules: [{02C2F7D5-6E8E-4CEC-BBFD-F26337328C38}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1579AEF4-B540-4005-8702-F0AF856BDE2E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{0921A9B3-AEA0-49F6-9613-D933A4C1A594}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{79858C2F-36C0-4702-84BA-9882ED1589E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D72998B9-A932-44FD-8AF5-FFE59EA4D71E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BECF8BE4-F8B4-4FDD-8735-24D3F9E828A5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6C19468E-5FFD-4746-935E-7197DE352DC2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Punkty Przywracania systemu ========================= 04-01-2016 19:19:40 Usunięto: Microsoft Visual C++ 2005 Redistributable 04-01-2016 19:22:24 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 04-01-2016 19:22:49 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 04-01-2016 19:26:51 Windows Update 04-01-2016 20:39:02 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 04-01-2016 20:39:28 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 04-01-2016 20:40:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 04-01-2016 20:40:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 04-01-2016 20:41:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 04-01-2016 20:41:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 04-01-2016 20:41:54 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 04-01-2016 20:42:16 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 04-01-2016 20:42:40 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 04-01-2016 20:43:03 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 04-01-2016 20:43:27 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 04-01-2016 20:43:52 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 04-01-2016 20:44:19 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 04-01-2016 20:50:16 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 06-01-2016 20:11:23 Zainstalowany program DirectX ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=4700}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (01/08/2016 08:49:50 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Usługa Windows Search nie może otworzyć magazynu właściwości aparatu Jet. Szczegóły: 0x%08x (0xc0041800 - Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800)) Error: (01/08/2016 08:49:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows (3536) Windows: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00008.log. Dziennik System: ============= Error: (01/08/2016 08:50:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (01/08/2016 08:49:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/08/2016 08:49:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error: (01/08/2016 06:54:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa WtuSystemSupport niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/08/2016 03:29:42 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa AVG WatchDog nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (01/08/2016 12:35:14 AM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (01/08/2016 12:28:01 AM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (01/08/2016 12:28:00 AM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (01/08/2016 12:27:58 AM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (01/08/2016 12:27:54 AM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Procent pamięci w użyciu: 26% Całkowita pamięć fizyczna: 12270.66 MB Dostępna pamięć fizyczna: 9040.46 MB Całkowita pamięć wirtualna: 24539.52 MB Dostępna pamięć wirtualna: 21450.09 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:232.87 GB) (Free:77.48 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:232.89 GB) (Free:90.78 GB) NTFS Drive e: (SCISLE PRYWATNE 07-08/2013) (CDROM) (Total:4.11 GB) (Free:0 GB) UDF Drive g: (Mafia II) (CDROM) (Total:4.26 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E489E489) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.9 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================