Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:27-01-2016 Uruchomiony przez Ewa (2016-01-30 00:44:18) Uruchomiony z C:\Users\Ewa\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2012-06-21 14:06:33) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2060724838-3934703078-1233277874-500 - Administrator - Disabled) Ewa (S-1-5-21-2060724838-3934703078-1233277874-1000 - Administrator - Enabled) => C:\Users\Ewa Gość (S-1-5-21-2060724838-3934703078-1233277874-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Bitdefender Ochrona antywirusowa (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Antyszpieg (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Zapora sieciowa (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.00.1687, 18.01.2016 - AIMP DevTeam) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.14.0.1088 - Bitdefender) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.70 - Atheros Communications) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.) Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform) Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.) Faktury Express 7 (HKLM-x32\...\Faktury Express 7_is1) (Version: - Polpress) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HP Deskjet 3520 series — badanie mające na celu poprawę produktów (HKLM\...\{95529536-D97D-4DD0-83B1-24C6922A93B1}) (Version: 27.0.847.0 - Hewlett-Packard Co.) HP Deskjet 3520 series — podstawowe oprogramowanie urządzenia (HKLM\...\{B1AED071-214B-4F7B-B397-321B77490133}) (Version: 27.0.847.0 - Hewlett-Packard Co.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) K-Lite Mega Codec Pack 11.8.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP) Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Polski (HKLM-x32\...\{90140011-0066-0415-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Moduł Szybka instalacja pakietu Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.4.1971 - FranmoSoftware - Maciej Opaliński) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6461 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com) Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.21.0 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08C3216B-74FF-4A82-9238-1F6018AC69B6} - System32\Tasks\{C7D1C61A-A881-4E7A-B7AE-6EE13F6B5F42} => pcalua.exe -a C:\Users\Ewa\Downloads\sp55843.exe -d C:\Users\Ewa\Downloads Task: {0BD089E1-C774-4E66-8A81-966FD3808718} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {1BAE6ECA-DD27-4EA9-B035-2761443362DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {570F8FD4-21DD-4B9B-9F4A-FC5763A099B8} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {7A01A985-859F-4074-B684-944FD459DE96} - \AdobeFlashPlayerUpdate -> Brak pliku <==== UWAGA Task: {9FDC1A5A-F628-4899-BA7F-C0A7426BB0B1} - System32\Tasks\WSManHTTPConfig => C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe <==== UWAGA Task: {A61FA2F7-553F-40D8-8C4E-06B45EE2450A} - System32\Tasks\{5B13B85D-F3F9-4CD4-BBED-60A85CBA1736} => pcalua.exe -a C:\Users\Ewa\Downloads\sp52212.exe -d C:\Users\Ewa\Downloads Task: {C4CCB51D-E46A-4338-A0EB-F4466214C617} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {DD0067E7-D68E-4F02-AD3B-9D2FCB523D54} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN29P151HG05SZ => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {F082FB45-D1F8-401A-8C8B-985604EEFEE7} - \AdobeFlashPlayerUpdate 2 -> Brak pliku <==== UWAGA Task: {F98C0926-31A3-4AEF-B923-6E10251F54EF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-01-29 18:00 - 2014-08-08 13:30 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2016-01-29 18:02 - 2014-09-04 15:24 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2016-01-29 18:01 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2016-01-29 18:00 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl 2016-01-29 18:00 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl 2016-01-29 18:00 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl 2016-01-29 18:00 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl 2011-04-05 04:18 - 2011-04-05 04:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-09-11 10:25 - 2013-09-11 10:25 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe 2016-01-29 18:02 - 2013-03-25 15:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2014-10-27 10:16 - 2014-10-27 10:16 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2011-11-06 21:30 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-01-28 23:07 - 2016-01-27 18:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll 2016-01-28 23:07 - 2016-01-27 18:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Ewa\Desktop\adwcleaner_5.031.exe:BDU AlternateDataStreams: C:\Users\Ewa\Desktop\FRST64.exe:BDU AlternateDataStreams: C:\Users\Ewa\Downloads\DDSViewerSetup.exe:BDU AlternateDataStreams: C:\Users\Ewa\Downloads\x6g3plmj.exe:BDU ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-01-29 17:19 - 00000006 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2060724838-3934703078-1233277874-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.204.152.34 - 194.204.159.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" MSCONFIG\startupreg: AVworks => regsvr32.exe C:\Users\Ewa\AppData\Local\AVworks\apiMobileVdm.dll MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CheckNDISPortf0ac62 => C:\Program Files (x86)\Hostless Modem\Router Wi-Fi Movil\CheckNDISPort_df.exe MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe MSCONFIG\startupreg: HP Deskjet 3520 series (NET) => "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN29P151HG05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1 MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" MSCONFIG\startupreg: Iksoft => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Ewa\AppData\Local\ITKsoft\symApippm.dll MSCONFIG\startupreg: iPlusManager => C:\Program Files (x86)\iPlus\iPlusChecker.exe MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe" MSCONFIG\startupreg: Microsoft Windows Manager => C:\Users\Ewa\M-505045204205054050886045405080\winmgr.exe MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot MSCONFIG\startupreg: Tok-Cirrhatus => "C:\Users\Ewa\AppData\Local\smss.exe" MSCONFIG\startupreg: WSManHTTPConfig => "C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\IEUpdate\WSManHTTPConfig.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{36EA4C33-8398-4FD8-A3A3-DEB809458BDA}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe FirewallRules: [{9CEB7F71-4DEB-4C31-8288-B7BA6FC676AA}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe FirewallRules: [{B437B3B4-A177-4C37-8B33-1EB647A191C6}] => (Allow) C:\Windows\System32\hasplms.exe FirewallRules: [{ECC6458A-49EF-48D2-9521-FAE3D799AB06}] => (Allow) C:\Windows\System32\hasplms.exe FirewallRules: [{ED678A3A-9A36-420B-8122-A6983E1B5B00}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe FirewallRules: [{527886E4-C67E-491D-9D21-B829FD8AD773}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{E6A649FE-39F0-42E5-87F6-BDED50247BDD}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe FirewallRules: [{719917DC-C6C0-4568-A73B-6CD8A5C14850}] => (Allow) C:\Windows\SysWOW64\dfrg\minerd.exe FirewallRules: [{A556DD87-01FB-4BEE-8232-6C84D8EB5728}] => (Allow) C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe FirewallRules: [{34BC113D-4470-44B3-BF57-2DD39E9649B6}] => (Allow) C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe FirewallRules: [{CF97C6F5-94DF-4DD6-B1E3-EE2262BF4049}] => (Allow) C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe FirewallRules: [TCP Query User{91570C2C-BA8E-4AA3-87E2-A6417A6DCF0D}C:\users\ewa\appdata\local\{1f6a284e-9b30-e06e-d9bb-ea65b9158f30}\syshost.exe] => (Block) C:\users\ewa\appdata\local\{1f6a284e-9b30-e06e-d9bb-ea65b9158f30}\syshost.exe FirewallRules: [UDP Query User{8E17E1A2-1F3A-4905-9454-EA7BC8D4B491}C:\users\ewa\appdata\local\{1f6a284e-9b30-e06e-d9bb-ea65b9158f30}\syshost.exe] => (Block) C:\users\ewa\appdata\local\{1f6a284e-9b30-e06e-d9bb-ea65b9158f30}\syshost.exe FirewallRules: [{12B81031-3002-4038-B17E-3559066F53B6}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{E9806728-D1F4-4CDA-9984-41A4507B94F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 20-12-2015 21:44:42 Windows Defender Checkpoint 03-01-2016 13:31:34 Windows Defender Checkpoint 04-01-2016 18:03:51 Windows Defender Checkpoint 07-01-2016 17:39:30 Windows Defender Checkpoint 11-01-2016 13:24:30 Windows Defender Checkpoint 28-01-2016 19:42:07 Removed Compaq Setup Manager. 28-01-2016 19:56:57 Removed Evernote v. 4.2.3 28-01-2016 19:58:33 Usunięto: Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych 28-01-2016 19:59:52 Removed HP Documentation 28-01-2016 20:01:34 Removed HP Deskjet 3520 series Setup Guide 28-01-2016 20:03:22 Removed HP Deskjet 3520 series Pomoc 28-01-2016 20:09:37 Removed HP Launch Box 28-01-2016 20:10:01 Removed HP On Screen Display 28-01-2016 20:11:00 Removed HP Power Manager 28-01-2016 20:12:15 Removed HP Quick Launch 28-01-2016 20:13:09 Removed HP Setup. 28-01-2016 20:14:36 Removed HP Software Framework 28-01-2016 20:15:17 Removed HP Support Assistant. 28-01-2016 20:20:50 Removed HP Support Assistant. 28-01-2016 20:27:42 Removed HP Support Assistant. 28-01-2016 20:33:49 Removed HP Support Solutions Framework 28-01-2016 20:36:39 Removed HP Update. 28-01-2016 20:46:03 Windows Live Essentials 28-01-2016 20:47:14 WLSetup 28-01-2016 20:50:00 Usunięto: Windows Live Mesh ActiveX Control for Remote Connections 28-01-2016 20:51:22 Removed HP Support Assistant. 28-01-2016 20:55:17 Removed Bluetooth Win7 Suite (64). 28-01-2016 22:09:28 Instalator modułów systemu Windows 28-01-2016 23:13:43 Windows Defender Checkpoint 29-01-2016 00:00:08 Installed HP BIOS Update UEFI 29-01-2016 00:01:43 Zainstalowane Realtek PCIE Card Reader 29-01-2016 00:03:09 Zainstalowane Realtek Ethernet Controller Driver ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/29/2016 11:11:36 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (01/29/2016 11:01:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2016 09:49:01 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (01/29/2016 09:38:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2016 06:01:13 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (01/29/2016 05:51:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2016 05:45:17 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Error: (01/29/2016 05:36:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2016 05:32:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/29/2016 05:30:24 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Tylko informacje. (Patch task for {90140011-0066-0415-0000-0000000FF1CE}): DownloadLatest Failed: Limit czasu operacji został przekroczony. Dziennik System: ============= Error: (01/30/2016 12:39:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:34:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:29:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:24:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:19:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:14:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:09:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/30/2016 12:04:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/29/2016 11:59:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 Error: (01/29/2016 11:54:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bitdefender Desktop Update Service z powodu następującego błędu: %%2 CodeIntegrity: =================================== Date: 2016-01-29 14:47:53.903 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-29 14:47:53.887 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz Procent pamięci w użyciu: 55% Całkowita pamięć fizyczna: 3947.86 MB Dostępna pamięć fizyczna: 1756.32 MB Całkowita pamięć wirtualna: 5994.07 MB Dostępna pamięć wirtualna: 3343.68 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:278.69 GB) (Free:218.73 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Recovery) (Fixed) (Total:15.24 GB) (Free:1.63 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97FABA35) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=278.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=0C) ==================== Koniec Addition.txt ============================