Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-08-2016 01 Uruchomiony przez pcc (2016-08-13 09:15:53) Uruchomiony z C:\Users\pcc\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2012-07-30 15:34:00) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1647462393-2480976863-1240803015-500 - Administrator - Disabled) Gość (S-1-5-21-1647462393-2480976863-1240803015-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1647462393-2480976863-1240803015-1013 - Limited - Enabled) pcc (S-1-5-21-1647462393-2480976863-1240803015-1000 - Administrator - Enabled) => C:\Users\pcc ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden µTorrent (HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.3 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.120 - Atheros Communications) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.) Easy File Share (HKLM-x32\...\{95BB7324-77D3-4BF3-8CF6-29F0857AC175}) (Version: 1.1.1699 - Samsung Electronics Co., Ltd.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Software Manager (HKLM-x32\...\{DE256D8B-D971-456D-BC02-CB64DA24F115}) (Version: 1.1.31.21 - Samsung Electronics Co., Ltd.) Easy Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.44 - Samsung) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung) Farming Simulator 15 Gold Edition v.1.4.2 (HKLM-x32\...\Farming Simulator 15 Gold Edition_is1) (Version: - ) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden HP Deskjet 1050 J410 series — podstawowe oprogramowanie urządzenia (HKLM\...\{B6A3D97D-484B-48B5-85C6-361D9FA25CDF}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Pomoc (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.5.0 - ) LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Plus Internet 2.5 (HKLM-x32\...\Plus Internet_is1) (Version: 2.5 - Polkomtel S.A.) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pro Evolution Soccer 2016 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.5 - Samsung) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.1.1 - Krzysztof Kowalczyk) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts) Twin USB Gamepad (HKLM-x32\...\{0AD1F05D-15F6-476D-A3BE-E3D5E3E0E023}) (Version: 1.00.0000 - yanglx) Unity Web Player (HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) USB Force Wheel (HKLM-x32\...\{D5778AE9-6376-4CE6-AD4A-8712F4EC3302}) (Version: 2002.10.8 - ) USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R) USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-D39B-4937-9DB9-87EC4E91B31F}) (Version: 1.00.0000 - ShanWan) USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc) Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.21 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version: - ZTE Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1647462393-2480976863-1240803015-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05E82E36-91AF-484E-B684-2DFD86C3B918} - System32\Tasks\Opera scheduled Autoupdate 1441460031 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software) Task: {0BEF1551-8753-4A8B-A4D4-02F1CA277C2B} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2011-09-06] (Samsung Electronics Co., Ltd.) Task: {0C93FD7E-6BA7-4B5D-B066-902574FCBDC2} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2011-08-22] (Samsung Electronics Co., Ltd.) Task: {168F2C47-414A-43CB-900E-83AFF686E876} - System32\Tasks\{0B792322-D5A9-4F3E-9E47-4D80AC817B59} => D:\DAEMON Tools Lite\DTLite.exe [2014-03-04] (Disc Soft Ltd) Task: {1FEC8C1B-496F-4354-9073-6EC089766655} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1647462393-2480976863-1240803015-1000UA => C:\Users\pcc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-06-10] (Facebook Inc.) Task: {23E42910-2B82-4D9A-AB6F-3F2C246110B4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-07] (Adobe Systems Incorporated) Task: {2CDB0F28-AEEA-4A40-8829-A07CDCC26E13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {2F0E85F0-E252-434D-8528-5F1F725E5361} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2011-08-19] (Samsung Electronics Co., Ltd.) Task: {36E01240-60BC-47E2-BFED-41E03F4F9B5D} - System32\Tasks\ALL Update => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2015-07-28] (ALLPlayer Group Ltd.) Task: {395DE250-40F6-4C8C-9A0A-8E9718C37F25} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-11] (AVAST Software) Task: {51CE56F0-099E-4DF8-9208-9914C8BAB00B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec [Argument = /RestartRecording] Task: {69F419D7-F9E4-42A5-B78D-E386E7B10599} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-08-19] (SAMSUNG Electronics co., LTD.) Task: {704DBDE0-02CC-489B-B88D-91BE65AE80C1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1647462393-2480976863-1240803015-1000Core => C:\Users\pcc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-06-10] (Facebook Inc.) Task: {9377CFC1-B600-452D-B641-E01A0FBDA9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software) Task: {A1DC2765-02E4-4A22-8C98-35A7E9C2C5E5} - System32\Tasks\SafeZone scheduled Autoupdate 1468304439 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software) Task: {A3455639-DD01-467F-9621-1B4D3A4F7597} - System32\Tasks\Easy Software Manager Agent => C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe [2011-12-06] (Samsung) Task: {A8A58500-87B7-4FF1-AD9C-FB32C6F688B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.) Task: {AC7D0A85-AE72-452F-83E9-3B27672EE3BA} - System32\Tasks\{F244BC8E-BCF8-495D-89D3-E05171D6807B} => C:\Program Files (x86)\NAPI-PROJEKT\napisy.exe [2010-02-01] () Task: {B7E697BA-F961-4C02-BEDA-590F68403521} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink) Task: {BDA8B14D-CBD7-4B2C-8C9F-3F48E8D9C63E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec [Argument = /StartRecording] Task: {C7A6F82B-B78B-4868-AE0A-96B7395E93F5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate [Argument = $(Arg0)] Task: {DBAE934A-4B83-4EAB-AD23-29AC6D829234} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2011-09-06] (Samsung Electronics Co., Ltd.) Task: {EDD6EDAA-2EF0-4B23-BCD1-7484622D03DD} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe [2011-10-12] (SAMSUNG Electronics) Task: {F08ECDD9-201B-40DE-AE25-CC8021A22452} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.) Task: {F126976C-FA15-44F1-ADCD-6FF7403F2456} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-09-28] (Samsung Electronics) Task: {F8453F5F-922A-49A6-BAFD-EF064A8CC352} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-08-07] (Adobe Systems Incorporated) Task: {FD0287A8-6047-4FD3-87B3-45A344008FFF} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-06-24] (SEC) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1647462393-2480976863-1240803015-1000Core.job => C:\Users\pcc\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1647462393-2480976863-1240803015-1000UA.job => C:\Users\pcc\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2012-01-11 10:49 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2010-01-30 03:40 - 2010-01-30 03:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-12-13 00:25 - 2014-12-13 00:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-07-11 18:57 - 2016-07-11 18:57 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-12 16:29 - 2016-08-12 16:29 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16081201\algo.dll 2016-07-11 18:57 - 2016-07-11 18:57 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2012-01-11 09:35 - 2011-02-16 18:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll 2012-01-11 10:58 - 2011-07-29 02:53 - 00746064 _____ () C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll 2012-01-11 09:35 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll 2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2016-07-11 18:57 - 2016-07-11 18:57 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-08-05 11:49 - 2016-08-05 11:49 - 69095432 _____ () C:\Program Files (x86)\Opera\39.0.2256.48\opera.dll 2016-08-05 11:49 - 2016-08-05 11:48 - 02209800 _____ () C:\Program Files (x86)\Opera\39.0.2256.48\libglesv2.dll 2016-08-05 11:49 - 2016-08-05 11:48 - 00086024 _____ () C:\Program Files (x86)\Opera\39.0.2256.48\libegl.dll 2012-01-11 09:50 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll 2016-08-07 11:54 - 2016-08-07 11:54 - 17602240 _____ () C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_22_0_0_209.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2014-10-14 09:56 - 00000860 ____N C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1647462393-2480976863-1240803015-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pcc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^Users^pcc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Powiadomienia monitorowania tuszu - HP Deskjet 1050 J410 series.lnk => C:\windows\pss\Powiadomienia monitorowania tuszu - HP Deskjet 1050 J410 series.lnk.Startup MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: cmsc => "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun MSCONFIG\startupreg: Plus Internet => C:\Program Files (x86)\Plus Internet\PlusInternetChecker.exe MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{18F104DB-15F8-446B-AB6D-7719CB8C8C85}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{71035888-6332-402E-8E6E-7A79CCB88C2B}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe ==================== Punkty Przywracania systemu ========================= 11-08-2016 14:48:24 WinThruster Cz, sie 11, 16 14:48 13-08-2016 08:50:30 Removed Facebook Video Calling 3.1.0.521 13-08-2016 08:51:11 Removed HP Deskjet 1050 J410 series — badanie mające na celu poprawę produktów 13-08-2016 08:51:49 Removed Java 8 Update 77 (64-bit) 13-08-2016 08:53:04 Removed Java 8 Update 77 13-08-2016 08:57:43 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 13-08-2016 09:01:15 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 13-08-2016 09:06:55 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Karta tunelowania Teredo firmy Microsoft Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (08/13/2016 09:09:39 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/13/2016 08:39:21 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/12/2016 07:15:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/12/2016 04:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 10:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 07:53:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: PlusInternetChecker.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x516399b8 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.17725, sygnatura czasowa: 0x4ec49b8f Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00033325 Identyfikator procesu powodującego błąd: 0x444 Godzina uruchomienia aplikacji powodującej błąd: 0xPlusInternetChecker.exe0 Ścieżka aplikacji powodującej błąd: PlusInternetChecker.exe1 Ścieżka modułu powodującego błąd: PlusInternetChecker.exe2 Identyfikator raportu: PlusInternetChecker.exe3 Error: (08/11/2016 06:54:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 06:07:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/11/2016 05:24:04 PM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (3416) WebCacheLocal: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\Users\pcc\AppData\Local\Microsoft\Windows\WebCache\V0100001.log. Error: (08/11/2016 05:20:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (08/13/2016 09:07:24 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056 = Jedno wystąpienie usługi już działa.. Error: (08/13/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/13/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Live ID Sign-in Assistant niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/13/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/13/2016 09:06:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Cyberlink RichVideo Service(CRVS) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/13/2016 09:06:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Skype Click to Call PNR Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/13/2016 09:06:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Skype Click to Call Updater niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/13/2016 09:06:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AtherosSvc niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/13/2016 09:06:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Atheros Bt&Wlan Coex Agent niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/13/2016 09:06:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2016-08-13 09:08:40.178 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-13 09:08:39.819 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-13 08:38:00.038 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-13 08:37:59.585 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-12 19:14:31.053 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-12 19:14:30.710 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-12 16:26:41.350 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-12 16:26:41.256 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 22:23:10.646 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-11 22:23:10.568 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: AMD A6-3420M APU with Radeon(tm) HD Graphics Procent pamięci w użyciu: 35% Całkowita pamięć fizyczna: 5611.8 MB Dostępna pamięć fizyczna: 3602.68 MB Całkowita pamięć wirtualna: 11221.79 MB Dostępna pamięć wirtualna: 8973.95 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:271 GB) (Free:86.06 GB) NTFS Drive d: () (Fixed) (Total:406.36 GB) (Free:387.85 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: A5ADEED1) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=406.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=21.2 GB) - (Type=27) ==================== Koniec Addition.txt ============================