Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-02-2016 Uruchomiony przez Adam (2016-02-09 20:27:26) Uruchomiony z C:\Users\Adam\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2016-01-04 16:31:59) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Adam (S-1-5-21-2241876270-1104089119-2635419705-1001 - Administrator - Enabled) => C:\Users\Adam Administrator (S-1-5-21-2241876270-1104089119-2635419705-500 - Administrator - Disabled) Gość (S-1-5-21-2241876270-1104089119-2635419705-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2241876270-1104089119-2635419705-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Reader XI (11.0.14) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.5 - ASUS) ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.5 - Atheros Communications Inc.) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS) AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) AVG (HKLM\...\AvgZen) (Version: 1.31.1.48846 - AVG Technologies) AVG (Version: 16.41.7442 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies) AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.05 - TOSHIBA CORPORATION) ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS) ElcomPDF (HKLM\...\ElcomPDF) (Version: - ) Elektroniczny Magnetplaner (HKLM-x32\...\magnet) (Version: - ) ELISOFT Faktury 2016 wersja 11.1.2.0 (HKLM-x32\...\ELISOFT Faktury 2016_is1) (Version: 11.1.2.0 - ELISOFT) ETDWare PS/2-x64 7.0.5.9_WHQL (HKLM\...\Elantech) (Version: - ) ETI Cennik 1.9 (HKLM-x32\...\{E7A6BCC2-3074-4A7B-98FD-BC1AAEBC8423}_is1) (Version: - ETI POLAM) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.2 - ASUS) FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hager - Tehalit 5.1 (HKLM-x32\...\Elcom 5.1) (Version: - ) Hager prerequisites (HKLM-x32\...\{98C64AD3-6A1D-4737-9ED8-06A73741550C}) (Version: 1.00.0000 - hager) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.) Semiolog (HKLM-x32\...\Semiolog2) (Version: - ) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.08.1000 - SRS Labs, Inc.) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.14 - ASUS) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2241876270-1104089119-2635419705-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2241876270-1104089119-2635419705-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2241876270-1104089119-2635419705-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2241876270-1104089119-2635419705-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0402BACF-9275-41BB-9B45-7C8D12C4C733} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-11] (TODO: ) Task: {0EE16BFD-BA97-48AD-A384-B71CA1837667} - System32\Tasks\{9A533925-0E09-491C-A980-271CE4EA6998} => pcalua.exe -a C:\Users\Adam\Downloads\VGA_nVidia_NB9X_Vista64_Win7_64_816118757\setup.exe -d C:\Users\Adam\Downloads\VGA_nVidia_NB9X_Vista64_Win7_64_816118757 Task: {11AD56EF-6FDD-4E57-8711-406AFAA36983} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {148204E9-07F5-43B5-9415-E6E4DDC4BEA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) Task: {52C7B039-E987-4D29-91CA-1FD561184FA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {7DCADC2B-0E6D-496E-895E-054E2DC9CC1D} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK) Task: {82AE26C3-16CA-4505-BC71-AA7D22F7691D} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] () Task: {8724237D-BF76-45A9-B4B7-33EE3F46ABEF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-30] () Task: {BF1B3087-D01A-4ACA-BE54-0543B7588198} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation) Task: {D2032BD8-D158-45FE-9D53-0EEB9D843A08} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-03] () Task: {D3A4C5DE-D4B2-4745-BAFA-C7866302C691} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-01-04 19:27 - 2009-09-03 17:59 - 00274560 _____ () C:\Windows\system32\GetBootTime.dll 2016-01-04 19:11 - 2007-08-08 00:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2016-01-06 21:58 - 2008-07-19 16:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll 2009-07-01 18:54 - 2009-07-01 18:54 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2009-09-10 16:42 - 2009-09-10 16:42 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-09-11 12:27 - 2009-09-11 12:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2016-01-04 19:11 - 2007-03-09 18:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2009-09-03 10:33 - 2009-09-03 10:33 - 00054400 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe 2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll 2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll 2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll 2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll 2008-08-13 20:59 - 2008-08-13 20:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe 2016-02-09 17:02 - 2016-02-09 17:01 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2016-02-04 21:02 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-04 21:02 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Adam\Desktop\AVG_Protection_Free_1064.exe:BDU AlternateDataStreams: C:\Users\Adam\Downloads\341.92-notebook-win8-win7-64bit-international.exe:BDU AlternateDataStreams: C:\Users\Adam\Downloads\AdbeRdr11000_pl_PL.exe:BDU AlternateDataStreams: C:\Users\Adam\Downloads\chromeinstall-8u66.exe:BDU AlternateDataStreams: C:\Users\Adam\Downloads\DTLiteInstaller.exe:BDU AlternateDataStreams: C:\Users\Adam\Downloads\K-Lite_Codec_Pack_1175_Full.exe:BDU ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-02-09 18:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2241876270-1104089119-2635419705-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 - 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{17DC69E2-1C9A-49C4-8ED0-A5621E69C983}] => (Allow) LPort=50248 FirewallRules: [TCP Query User{61F69E1D-2266-4884-93DB-65859E8CE284}C:\hager\elcom 5.1\apps\rteng9.exe] => (Allow) C:\hager\elcom 5.1\apps\rteng9.exe FirewallRules: [UDP Query User{342C24F0-335D-44BD-98EC-54445930CD7C}C:\hager\elcom 5.1\apps\rteng9.exe] => (Allow) C:\hager\elcom 5.1\apps\rteng9.exe FirewallRules: [{76CAF891-6980-4E6B-B2F1-E1A2C5C2B4E9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5D90AA08-1E8C-49FA-BDCE-8A8EAFCFF536}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{24A773C8-A66A-4132-A769-80606DEF9A62}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{8E02E26D-1423-4F15-B12E-F8378B8B765D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{7934A331-5C41-4855-A030-E35D937EE891}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{91795C12-40B8-4E9C-97D3-7743578C0E9D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{ADCB074E-6C7E-4899-826F-8FE7A2EF21F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{933278D8-5A3F-452D-B243-D8EDD3329848}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{9D211DFE-98C6-4EE0-929F-249F92C502EA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{2263B81A-BF43-41C2-946D-E1AB58F385B7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe ==================== Punkty Przywracania systemu ========================= 09-02-2016 18:55:29 ComboFix created restore point 09-02-2016 19:22:14 Zainstalowany program DirectX ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/09/2016 06:49:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 06:20:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 04:49:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/09/2016 06:55:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/08/2016 03:48:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/08/2016 05:31:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/07/2016 08:18:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/07/2016 11:57:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/06/2016 11:31:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/06/2016 09:13:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (02/09/2016 06:41:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/09/2016 06:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/09/2016 06:36:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (02/09/2016 05:01:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla DeleteFlag nie powiodło się i wystąpił następujący błąd: %%5. Error: (02/09/2016 05:01:05 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (02/08/2016 09:00:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie My Passport. Error: (02/08/2016 09:00:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie My Passport. Error: (02/08/2016 09:00:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie My Passport. Error: (02/08/2016 09:00:17 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie My Passport. Error: (02/08/2016 09:00:16 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Struktura systemu plików na dysku jest uszkodzona i nie nadaje się do użytku. Uruchom narzędzie chkdsk na woluminie My Passport. CodeIntegrity: =================================== Date: 2016-02-09 18:40:49.770 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-09 18:40:49.676 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz Procent pamięci w użyciu: 45% Całkowita pamięć fizyczna: 4095.11 MB Dostępna pamięć fizyczna: 2214.29 MB Całkowita pamięć wirtualna: 8188.43 MB Dostępna pamięć wirtualna: 6123.97 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:81.82 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive e: () (Fixed) (Total:149.04 GB) (Free:67.66 GB) NTFS Drive f: () (Fixed) (Total:149.04 GB) (Free:7.77 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 9FB5B749) Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: BBC58B91) Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================