Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 16-11-2016 01 Uruchomiony przez Administrator (17-11-2016 14:52:10) Uruchomiony z C:\Users\Czubacka\Downloads Microsoft Windows 7 Professional Service Pack 1 (X86) (2014-04-23 07:53:00) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3499476810-1878256354-1432804099-500 - Administrator - Enabled) => C:\Users\Administrator ASPNET (S-1-5-21-3499476810-1878256354-1432804099-1003 - Limited - Enabled) Czubacka (S-1-5-21-3499476810-1878256354-1432804099-1001 - Limited - Enabled) => C:\Users\Czubacka Gość (S-1-5-21-3499476810-1878256354-1432804099-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Endpoint Security 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Endpoint Security 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.18) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden ESET Endpoint Security (HKLM\...\{C02F7363-38B0-42E2-BD8D-AE9A723D4C14}) (Version: 6.4.2014.2 - ESET, spol. s r.o.) ESET Remote Administrator Agent (HKLM\...\{6FF45024-D548-4970-A795-69BFB0837017}) (Version: 6.4.283.0 - ESET, spol. s r.o.) Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LPG (HKLM\...\{39CEAACC-75A9-4EBD-BF8E-A268BD526DB1}) (Version: 1.0.3 - Dialtech) Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0415-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) OCS Inventory NG Agent 2.0.5.0 (HKLM\...\OCS Inventory NG Agent) (Version: 2.0.5.0 - OCS Inventory NG Team) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.) Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) SUNIX Multi-IO Controller (HKLM\...\{A8D5B39E-815D-44BC-AC52-657FE3D2E21D}) (Version: 8.1.5.0 - SUNIX Co., Ltd.) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.1.0 - uvnc bvba) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {CDFED304-E376-4AD3-B2B2-DF10806B5A26} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {D9FCDC78-88A5-4BED-93F9-B7E428224BBA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-04-23 13:26 - 2012-08-31 14:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL 2014-04-23 13:26 - 2012-08-31 14:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL 2011-09-29 17:19 - 2011-09-29 17:19 - 00067584 _____ () C:\Program Files\OCS Inventory Agent\zlib1.dll 2009-02-26 12:46 - 2009-02-26 12:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 10:46 - 2011-06-22 10:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2014-04-23 13:26 - 2012-08-31 14:02 - 02306048 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hp1100su.dll 2014-04-23 13:26 - 2012-08-31 14:01 - 00794624 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1100GC.dll 2014-04-23 13:26 - 2012-08-31 14:02 - 00274432 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hp1100sd.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Czubacka\AppData\Roaming\Microsoft\Windows\Start Menu\Onet.pl.website:TASKICON_0faviconn2-673245254 [11500] AlternateDataStreams: C:\Users\Czubacka\AppData\Roaming\Microsoft\Windows\Start Menu\Onet.pl.website:TASKICON_1faviconn-1947923671 [30174] AlternateDataStreams: C:\Users\Czubacka\AppData\Roaming\Microsoft\Windows\Start Menu\Onet.pl.website:TASKICON_2faviconn1203174799 [30174] AlternateDataStreams: C:\Users\Czubacka\AppData\Roaming\Microsoft\Windows\Start Menu\Onet.pl.website:TASKICON_3faviconn-1729168065 [30174] AlternateDataStreams: C:\Users\Czubacka\AppData\Roaming\Microsoft\Windows\Start Menu\Onet.pl.website:TASKICON_4faviconn-2076716315 [30174] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3499476810-1878256354-1432804099-1001\...\fiat.com -> hxxps://linkentry-euro.fiat.com IE trusted site: HKU\S-1-5-21-3499476810-1878256354-1432804099-1001\...\google.pl -> hxxps://www.google.pl ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3499476810-1878256354-1432804099-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Czubacka\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp HKU\S-1-5-21-3499476810-1878256354-1432804099-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.204.159.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^OCS Inventory NG Systray.lnk => C:\Windows\pss\OCS Inventory NG Systray.lnk.CommonStartup MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{4BFF1A01-3FFF-4B3F-B071-3011A81A06BA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{1081427F-3A55-4181-9C7C-78552A590200}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F8B52EBE-CBCF-4BD5-9239-0E87D96581F6}] => (Allow) LPort=2869 FirewallRules: [{BF284A9E-8692-4BD6-B53E-1E4E49BEFF27}] => (Allow) LPort=1900 FirewallRules: [{0044A132-D6B0-4842-8752-DE26C988FD0B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1F65447E-5ACC-448B-88DC-0BDDA849A7AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9F71295E-267D-4BE7-B555-0B06F9835E69}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{55393767-38BD-4612-BEEC-31EAC4392B8F}] => (Allow) C:\Program Files\G Data\AVKClient\AVKCl.exe FirewallRules: [{D33C7B1F-AD1C-4FA9-9DD9-83CC42C7E8BF}] => (Allow) C:\Program Files\G Data\AVKClient\AVKCl.exe FirewallRules: [{66F0EA3D-6228-4340-9FC7-9B217BC0E72B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{960D8939-2A2A-4302-84D7-D3FC6FC51041}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{70E01C09-727D-466A-9D4F-7A13C4766D4B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{D36A7EEA-B7B8-49EE-A4C3-541EF1FF61D9}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{F95139FF-58C2-43D4-86D3-F43E3579AAA4}] => (Allow) LPort=5900 FirewallRules: [{278E933D-F6B4-49A0-B150-55AAD116E5C4}] => (Allow) LPort=5800 FirewallRules: [{762B5CE7-38A7-4BE6-90E1-0C12A1C07B5B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe FirewallRules: [{6E6B0B29-BC63-4D19-9F95-377A82B010AE}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe ==================== Punkty Przywracania systemu ========================= 28-10-2016 07:11:10 Windows Update 02-11-2016 09:43:34 Windows Update 02-11-2016 09:50:05 Kopia zapasowa systemu Windows 07-11-2016 07:17:19 Kopia zapasowa systemu Windows 09-11-2016 14:59:20 Windows Update 12-11-2016 16:35:31 Windows Update 13-11-2016 19:00:18 Kopia zapasowa systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/17/2016 12:57:06 PM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 10:55:22 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 10:06:39 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 10:03:27 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 09:58:33 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 09:53:13 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 09:50:06 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/17/2016 09:49:11 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/16/2016 02:20:30 PM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Error: (11/16/2016 11:37:51 AM) (Source: OCS Inventory Service) (EventID: 20) (User: ) Description: Service encounter error Failed to talk with Communication Server)>. Dziennik System: ============= Error: (11/17/2016 09:48:44 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/16/2016 09:47:38 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/15/2016 10:20:32 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/14/2016 07:41:34 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/12/2016 04:32:40 PM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/10/2016 02:59:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Klient zasad grupy nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (11/10/2016 07:13:55 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/09/2016 07:12:50 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/08/2016 07:14:04 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. Error: (11/07/2016 11:44:27 AM) (Source: Parvdm) (EventID: 2) (User: ) Description: Nie można uzyskać wskaźnika obiektu urządzenia dla obiektu portu. ==================== Statystyki pamięci =========================== Procesor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz Procent pamięci w użyciu: 76% Całkowita pamięć fizyczna: 1919.61 MB Dostępna pamięć fizyczna: 454.35 MB Całkowita pamięć wirtualna: 3839.23 MB Dostępna pamięć wirtualna: 1972.43 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:150 GB) (Free:103.91 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Data) (Fixed) (Total:315.76 GB) (Free:189.4 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 003B6225) Partition 1: (Active) - (Size=150 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=315.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================