Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-05-2016 Uruchomiony przez Maciej (2016-05-12 15:57:29) Uruchomiony z C:\Pobieranie Microsoft Windows 10 Home Wersja 1511 (X86) (2015-11-29 22:18:56) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-227159230-626954009-1044769965-500 - Administrator - Disabled) Gość (S-1-5-21-227159230-626954009-1044769965-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-227159230-626954009-1044769965-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-227159230-626954009-1044769965-503 - Limited - Disabled) Maciej (S-1-5-21-227159230-626954009-1044769965-1000 - Administrator - Enabled) => C:\Users\Maciej UpdatusUser (S-1-5-21-227159230-626954009-1044769965-1005 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) Aktualizacje NVIDIA 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden AMD Dual-Core Optimizer (HKLM\...\{886C92E6-4AF1-4290-BB86-4B5064A1BB7D}) (Version: 1.0.0.0083 - AMD) Ashampoo Burning Studio 2010 Advanced 9.25 (HKLM\...\Ashampoo Burning Studio 2010 Advanced_is1) (Version: 3.1.1 - ashampoo GmbH & Co. KG) Audytor C.O. - Deinstalacja programu (HKLM\...\Audytor C.O. 4.1basic_is1) (Version: wersja 4.1basic - SANKOM Sp. z o.o.) Audytor OZC - Deinstalacja programu (HKLM\...\Audytor OZC 6.6Pro_is1) (Version: wersja 6.6Pro - SANKOM Sp. z o.o.) AutoCAD 2010 - Polski (HKLM\...\AutoCAD 2010 - Polski) (Version: 18.0.55.0 - Autodesk) AutoCAD 2010 - Polski (Version: 18.0.55.0 - Autodesk) Hidden Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk) AVG (Version: 16.61.7539 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4568 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.61.7539 - AVG Technologies) Blood Bowl 1.0.0.8 (HKLM\...\BloodBowl_is1) (Version: 1.0.0.8 - Cyanide Entertainment) CesarFTP 0.99g (HKLM\...\CesarFTP 0.99g_is1) (Version: - Alexandre Cesari) Counter Strike 1.6 v23 (HKU\S-1-5-21-227159230-626954009-1044769965-1000\...\Counter Strike 1.6 v23 1.0) (Version: 1.0 - Cs-Classic) DAEMON Tools Toolbar (HKLM\...\DAEMON Tools Toolbar) (Version: 1.0.8.0552 - DT Soft Ltd) <==== UWAGA DWG TrueView 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden e-Deklaracje Desktop (HKLM\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.7 - Ministerstwo Finansow) e-Deklaracje Desktop (Version: 8.0.7 - Ministerstwo Finansow) Hidden Far Cry (HKLM\...\FarCry_is1) (Version: - Cenega Poland Sp. z o. o.) Faraon (HKLM\...\Pharaoh) (Version: - ) FIFA 06 (HKLM\...\{3A9C37A6-AD4C-443D-0098-6B0A1865DEE2}) (Version: - ) FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden Free YouTube to iPod Converter version 3.10.37.1212 (HKLM\...\Free YouTube to iPod Converter_is1) (Version: 3.10.37.1212 - DVDVideoSoft Ltd.) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden Heroes III Armageddon's Blade (HKLM\...\Heroes III Armageddon's Blade) (Version: - ) Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Kane & Lynch 2: Dog Days (HKLM\...\Steam App 28000) (Version: - IO Interactive) K-Lite Mega Codec Pack 7.1.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.1.0 - ) LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - ) Legend (HKLM\...\Legend: Hand of God_is1) (Version: - dtp AG) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 43.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 43.0.1 (x86 pl)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik graficzny 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation) OrderReminder HP LaserJet 1020 (HKLM\...\OrderReminder HP LaserJet 1020) (Version: 2.0 - ) Pakiet językowy programu AutoCAD 2010 - polski (Version: 18.0.55.0 - Autodesk) Hidden Pakiet zgodności dla systemu Office 2007 (HKLM\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation) Panel sterowania NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden PDF Architect 3 (HKLM\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDF Architect 3 View Module (Version: 3.0.13.22993 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge) PIT Format 2015 (HKLM\...\PIT Format 2015_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.3.9001 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Sniper Elite (HKLM\...\{2311E07E-432B-4070-8265-3F85BCE19A97}_is1) (Version: - ) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold 3 (HKLM\...\Stronghold 3_is1) (Version: - ) Stronghold Crusader Extreme (HKLM\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tom and Jerry in Fists of Furry (HKLM\...\{52EC4A8F-2C88-11D6-B5A7-0050DA346D4C}) (Version: - ) Unity Web Player (HKU\S-1-5-21-227159230-626954009-1044769965-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.0.0.3995 - ZJMedia Digital Technology Ltd.) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Władca Pierścieni® - Podbój™ (HKLM\...\{628C3D50-F524-4C49-A958-672CE7953756}) (Version: 1.0.0.1 - Electronic Arts) WRC 2 FIA World Rally Championship (HKLM\...\{E4BB976A-A6E5-49A4-9885-A58B519C2705}) (Version: 1.2.0000 - Black Bean Games) WRC 2 FIA World Rally Championship (Version: 1.2.0000 - Black Bean Games) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-227159230-626954009-1044769965-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-227159230-626954009-1044769965-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-227159230-626954009-1044769965-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-227159230-626954009-1044769965-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-227159230-626954009-1044769965-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {00DC7DA8-1F70-4803-8FFB-268358F3DF33} - System32\Tasks\{643B87DD-9254-4AA5-A36F-4255CBC25B51} => E:\Steam\Steam.exe [2015-11-10] (Valve Corporation) Task: {02AE2600-922F-46CA-AE45-8D7B894F0F67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {0EE4900F-4909-4EF2-8EFF-BC30C8F4DA86} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {11A9719A-9F35-4DE1-9928-0585FBA23A80} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {12019539-96E2-4ABC-BC00-3CEABF0D94A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {171B2069-58FA-4FF9-8AA0-BA2204D30E10} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {1778E0B5-C8D5-472B-8BD6-209C01A7FC1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {19D324C4-C70C-4BBE-934A-EA24F839E549} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {1BDAFB26-E15D-4CA8-AF7E-06349EE8C76C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated) Task: {1E2C9D00-6F21-4E8D-B7B9-C30D7017A5F2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {225C01AD-87DC-463E-9B09-297D7F559616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {2270C0BA-CB99-47EB-B7DC-EB9B741C2FB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {22F6AB13-DB42-4718-B188-704D10A1C034} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {37D99D43-2DE6-4783-9B62-185565673CB8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {39552995-4F15-4A42-A472-D787AEC8E3A3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {49AEA5B6-5358-4203-947B-FF75984E59EB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {54DB6143-4877-4754-B440-2A46D0CE7C74} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5D96DC94-75B0-4222-9A94-626ED3E482B8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {5DA7AF0B-F4B1-4B81-B2D4-23A1A41BB978} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5FADF22A-180F-443B-A362-5C99839B5B19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {696767E6-2426-4B7C-84EF-1115E41984C8} - System32\Tasks\{BE85963D-2F6A-4611-8DAA-CB78A02C6254} => E:\Steam\Steam.exe [2015-11-10] (Valve Corporation) Task: {6BEA4CEA-7EDC-490B-B285-1C27F73B6DC5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {75025099-F616-4B34-801B-DDEE69485070} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {80C62DFA-A3A0-493F-830F-DED8757F355E} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {8544EA56-0807-4FA0-8422-995E362E5534} - System32\Tasks\{E2D0C2EC-9F8C-499F-A52E-A3615D90CA1F} => C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [2010-03-13] (Microsoft Corporation) Task: {8653FD09-BDF7-4552-9425-36F0C8A3728A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {919B6997-6FFD-4031-997E-1A06950889C7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9B4C2C04-FE7B-4595-89CE-4E14F052F3F0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {9E24F2DB-AC8F-4B1A-87A4-DDB040DDC720} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9E2E9363-D366-4409-8BFE-29DFAC9DBC57} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {A22A9E76-45B9-476F-B4C0-8C5047359B0A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A29C07AC-9DA0-453E-B288-12C233F091CB} - System32\Tasks\{3D21DC21-A4FB-48FD-8B32-D6D9ADDAF84C} => E:\Steam\Steam.exe [2015-11-10] (Valve Corporation) Task: {A6984108-FA16-426E-A6D7-379C910D3C64} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B99D8D67-3D3E-493E-946E-806695647829} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {B9ED34E4-3379-4DD4-8EB6-99015474A34C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {BE5D024E-07AF-4975-ADD1-FABFC57BEEC7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {C550C6AB-FD86-4796-AB24-BD12A1481E39} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-12] (Microsoft Corporation) Task: {E766719C-9021-438D-89F8-77119DA52088} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {EB54B5E8-E6A8-46D9-BD3A-22BE189D215E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {EF45B222-90CF-42AD-874B-AD9A11F5EADA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EF8E98BF-18D3-4E88-9012-CCD3A3F5C162} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {F151F2FE-6CC7-4163-AA97-D91D2EEB014E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F51C6C20-9762-4BFA-8B00-1149B7D68D01} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F9008046-E466-48D0-8996-1DEED5DC0A69} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Spybot - Search & Destroy\SpybotSD.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-07-06 22:06 - 2012-09-18 15:26 - 00169472 _____ () C:\WINDOWS\System32\zlhp1020.dll 2012-01-20 18:05 - 2009-03-20 17:16 - 00116224 _____ () C:\WINDOWS\System32\redmonnt.dll 2014-07-06 22:11 - 2012-09-18 15:26 - 00059904 _____ () C:\WINDOWS\system32\spool\PRTPROCS\W32X86\pphp1020.dll 2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-11-29 21:03 - 2015-10-13 18:47 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2016-04-15 08:59 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-15 08:59 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-01-30 03:41 - 2010-01-30 03:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-12-17 21:37 - 2015-12-07 06:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-15 08:58 - 2016-04-02 05:26 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-04-15 08:58 - 2016-04-02 05:09 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-15 08:58 - 2016-04-02 05:03 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-15 08:58 - 2016-04-02 05:03 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-15 08:59 - 2016-04-02 05:07 - 02657280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-02 17:37 - 2016-04-15 09:06 - 40500224 _____ () C:\Program Files\AVG\UiDll\2171\libcef.dll 2016-04-19 15:10 - 2016-04-19 15:11 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-19 15:10 - 2016-04-19 15:11 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 15:10 - 2016-04-19 15:11 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-05-04 16:04 - 2016-04-28 01:25 - 01738904 _____ () C:\Program Files\Google\Chrome\Application\50.0.2661.94\libglesv2.dll 2016-05-04 16:04 - 2016-04-28 01:25 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\50.0.2661.94\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-227159230-626954009-1044769965-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maciej\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 10.0.0.2 - 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: AVGIDSAgent => 2 MSCONFIG\Services: avgwd => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ALLUpdate => "C:\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "C:\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Google Update => "C:\Users\Maciej\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Steam => "E:\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKU\S-1-5-21-227159230-626954009-1044769965-1000\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{CF4F1F81-B098-4C4E-99C2-56FA76CFA53F}E:\counter strike 1.6 v23\hl.exe] => (Allow) E:\counter strike 1.6 v23\hl.exe FirewallRules: [TCP Query User{C14DAD58-6B5F-4095-823E-E063654D0370}E:\counter strike 1.6 v23\hl.exe] => (Allow) E:\counter strike 1.6 v23\hl.exe FirewallRules: [{EAEEE65F-9DE3-4F3B-9E2D-155445CEA013}] => (Allow) E:\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe FirewallRules: [{40389ADB-B029-4735-83CD-DA8D7E52A798}] => (Allow) E:\Steam\SteamApps\common\Kane & Lynch 2 - Dog Days\kl2.exe FirewallRules: [{041EBADA-1270-48AE-8BC8-01622B02319B}] => (Allow) E:\Steam\bin\steamwebhelper.exe FirewallRules: [{A87DB607-6974-47C4-8AB3-13B445EC4A67}] => (Allow) E:\Steam\bin\steamwebhelper.exe FirewallRules: [{A1887FA3-008D-4B5E-BCA8-55D38E6E6FB3}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{1828EE98-9D6E-4F3C-9564-C944AB17B334}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{47046020-8292-4A17-BD32-D15355856629}] => (Allow) C:\Mozilla Firefox\firefox.exe FirewallRules: [{255AD1DA-2326-4E10-803D-2621C57F6ADD}] => (Allow) C:\Mozilla Firefox\firefox.exe FirewallRules: [{C28D629B-B317-4EF3-AC2B-1AC29520EDC1}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe FirewallRules: [{E126EDE4-28F3-4373-B77C-7E24A1363E02}] => (Allow) C:\Program Files\AVG\Av\avgnsx.exe FirewallRules: [{1A118AF8-2AB4-468D-A3D9-37933FAEE91F}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe FirewallRules: [{689804D8-6F92-4361-BFE9-513DFA2A7EB2}] => (Allow) C:\Program Files\AVG\Av\avgdiagex.exe FirewallRules: [{3CA49A9B-E6AD-45CA-9B4D-161A2A0DB5EE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/12/2016 03:36:12 PM) (Source: MsiInstaller) (EventID: 1024) (User: elmariaci) Description: Produkt: Adobe Acrobat Reader DC - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-AC0F104E4700}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego linku, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (05/11/2016 04:26:37 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (05/11/2016 03:36:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: elmariaci) Description: Produkt: Adobe Acrobat Reader DC - nie można zainstalować aktualizacji '{AC76BA86-7AD7-0000-2550-AC0F104E4700}'. Kod błędu 1625. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego linku, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (05/06/2016 12:14:26 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/30/2016 05:30:49 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/23/2016 03:17:08 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/23/2016 02:43:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: elmariaci) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (04/21/2016 03:44:21 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/19/2016 05:20:55 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/15/2016 01:31:40 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Dziennik System: ============= Error: (05/12/2016 03:19:25 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 1 ] Error: Thread already registered. Error: (05/12/2016 03:19:25 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 0 ] Error: Thread already registered. Error: (05/11/2016 04:27:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_3e77efb niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/11/2016 03:54:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wykrywanie usług interakcyjnych zakończyła działanie; wystąpił następujący błąd: %%1 Error: (05/11/2016 03:22:23 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 1 ] Error: Thread already registered. Error: (05/11/2016 03:22:23 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 0 ] Error: Thread already registered. Error: (05/10/2016 07:01:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_3c38e41 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (05/10/2016 06:53:38 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 1 ] Error: Thread already registered. Error: (05/10/2016 06:53:38 PM) (Source: AmdTools) (EventID: 3) (User: ) Description: RegisterTscDrift() Node[ 0 ] Core[ 0 ] Error: Thread already registered. Error: (05/06/2016 12:59:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_31ee385 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2016-04-21 14:53:25.873 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-20 14:04:10.004 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:09.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:09.779 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:09.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:09.586 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:09.515 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:07.336 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-20 14:04:06.702 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-04-16 20:26:13.456 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ Procent pamięci w użyciu: 62% Całkowita pamięć fizyczna: 3327.3 MB Dostępna pamięć fizyczna: 1249.79 MB Całkowita pamięć wirtualna: 6655.3 MB Dostępna pamięć wirtualna: 3904.16 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.22 GB) (Free:57.92 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Dysk lokalny) (Fixed) (Total:97.65 GB) (Free:9.9 GB) NTFS Drive e: () (Fixed) (Total:270.44 GB) (Free:138.9 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 434E434D) Partition 1: (Active) - (Size=97.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449 MB) - (Type=27) Partition 3: (Not Active) - (Size=368.1 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================