Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 28-09-2016 Uruchomiony przez uzytkownik (08-03-2017 10:59:17) Uruchomiony z C:\Users\uzytkownik\Desktop\testy Windows 7 Home Premium Service Pack 1 (X64) (2013-11-05 06:11:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2938479094-77888213-175405875-500 - Administrator - Disabled) azartech (S-1-5-21-2938479094-77888213-175405875-1003 - Administrator - Enabled) => C:\Users\azartech Gość (S-1-5-21-2938479094-77888213-175405875-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2938479094-77888213-175405875-1002 - Limited - Enabled) uzytkownik (S-1-5-21-2938479094-77888213-175405875-1000 - Administrator - Enabled) => C:\Users\uzytkownik ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden Acer Deep Sleep Settings (HKLM-x32\...\{86F3E556-83B1-47E5-A36B-560A521B999B}) (Version: 1.00.3008 - Acer Incorporated) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0902.2011 - Acer Incorporated) Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Agatha Christie 4 50 from Paddington (HKLM-x32\...\Agatha Christie 4 50 from Paddington_is1) (Version: - My Real Games Ltd) Agatha Christie Dead Mans Folly (HKLM-x32\...\Agatha Christie Dead Mans Folly_is1) (Version: - FreeGamePick) Agatha Christie Death On The Nile (HKLM-x32\...\Agatha Christie Death On The Nile_is1) (Version: - FreeGamePick) Amazon 1Button App (HKLM-x32\...\{FA378CD1-F32D-4610-9884-3902DF8AF826}) (Version: 2.3.8 - Amazon) <==== UWAGA AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 2.1.0 - philandro Software GmbH) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.98 - Atheros) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) COMODO Secure Shopping (x32 Version: 1.1.79.0 - COMODO) Hidden Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ETDWare PS/2-X64 11.6.24.206_WHQL (HKLM\...\Elantech) (Version: 11.6.24.206 - ELAN Microelectronic Corp.) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Identity Protection Technology 1.2.18.0 (HKLM-x32\...\{9602841E-ECE2-1019-AAEE-906A4DE25D6B}) (Version: 1.2.18.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1008 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) James Patterson Womens Murder Club Twice in a Blue Moon (HKLM-x32\...\James Patterson Womens Murder Club Twice in a Blue Moon_is1) (Version: - FreeGamePick) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KMSpico v9.3.1 (HKLM\...\KMSpico_is1) (Version: 9.3.1 - ) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Russian/русский (HKLM-x32\...\Office14.OMUI.ru-ru) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Language Pack 2010 - Ukrainian/Українська (HKLM-x32\...\Office14.OMUI.uk-ua) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2938479094-77888213-175405875-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0419-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 ru) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 ru)) (Version: 51.0.1 - Mozilla) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM-x32\...\{90150000-001F-0415-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31231 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0419-0000-0000000FF1CE}_Office14.OMUI.ru-ru_{E8C50326-F12B-484A-A69F-3CBCC36BE2DE}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0422-0000-0000000FF1CE}_Office14.OMUI.uk-ua_{C76E8B04-1A9C-4BC2-9FE8-AFED76100C67}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer) Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {062AB61D-2B60-41C0-A743-A582BEC0596B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation) Task: {06A65DF6-4CE1-4C65-8FB6-5A8E75B883FA} - \AutoPico Daily Restart -> Brak pliku <==== UWAGA Task: {78D7541E-5954-430A-96BE-8AE6E0F83498} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-07] (Adobe Systems Incorporated) Task: {841021B4-E260-4D50-B263-63757D1B7494} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {A09604F9-CF7D-4A9D-9DF8-F5C5CA2ECF77} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {A39B9E18-2255-4BEB-85C2-93AAB7D4602F} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink) Task: {A4243E5A-AF4B-4DD2-A9B4-7FB56A9BBAD4} - \clear.fi -> Brak pliku <==== UWAGA Task: {AC782462-8F09-4F11-8DE6-B06ECF029340} - \clear.fiAgent -> Brak pliku <==== UWAGA Task: {C315357F-8E3B-400E-8EC4-992F92A56301} - \Program aktualizacji online firmy Adobe. -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\uzytkownik\AppData\Roaming\Microsoft\Word\Высказывания%20преподавателей304341372697949808\Высказывания%20преподавателей.docx.lnk -> C:\Users\uzytkownik\Desktop\Высказывания преподавателей.docx (Brak pliku) ==================== Załadowane moduły (filtrowane) ============== 2015-10-05 13:36 - 2015-10-05 13:34 - 01417856 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe 2013-11-05 10:42 - 2011-08-09 16:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mup.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\rdbss.sys:$CmdTcID [64] AlternateDataStreams: C:\ProgramData\Temp:090FB735 [116] AlternateDataStreams: C:\ProgramData\Temp:11E79CC9 [104] AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134] AlternateDataStreams: C:\ProgramData\Temp:68F27898 [130] AlternateDataStreams: C:\ProgramData\Temp:76517A37 [808] AlternateDataStreams: C:\ProgramData\Temp:89CF6F9C [143] AlternateDataStreams: C:\ProgramData\Temp:8BE8BFCD [136] AlternateDataStreams: C:\ProgramData\Temp:8F6B75BF [248] AlternateDataStreams: C:\ProgramData\Temp:A774141A [125] AlternateDataStreams: C:\ProgramData\Temp:C0A9D0E7 [112] AlternateDataStreams: C:\ProgramData\Temp:C8E82994 [105] AlternateDataStreams: C:\ProgramData\Temp:E32966C0 [110] AlternateDataStreams: C:\Users\uzytkownik\Downloads\19-613 ENEA 28.07.2015.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\avast_internet_security_setup_online.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\avast_internet_security_setup_online.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\Ergo_Hestia_Wypowiedzenie_umowy_ubezpieczenia_OC_z_koncem_okresu_ubezpieczenia_01.08.2011.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\istoriya-ukrainyi-mikola-kostomarov-[torrentino].torrent:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\istoriya_ukrainy_-_mikola_kostomarov_nikolay_kostomarov_-_kostomarov_m.exe.torrent:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\iview440_setup_www.INSTALKI.pl.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\iview440_setup_www.INSTALKI.pl.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\iview440_x64_setup.exe.part:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license(1).avastlic:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license(1).avastlic:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license(2).avastlic:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license(2).avastlic:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license(3).avastlic:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license.avastlic:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\license.avastlic:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\LUDZIKI - Daniel Sikorski.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\LUDZIKI - Daniel Sikorski.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\uzytkownik\Downloads\Жолондз М.Я. Щитовидная железа - тупик эндокринологии. 1997.djvu:$CmdTcID [64] AlternateDataStreams: C:\Users\uzytkownik\Downloads\Жолондз М.Я. Щитовидная железа - тупик эндокринологии. 1997.djvu:$CmdZnID [26] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\.DEFAULT\...\amazon.com -> amazon.com IE trusted site: HKU\.DEFAULT\...\amazon.com -> hxxps://amazon.com IE trusted site: HKU\S-1-5-21-2938479094-77888213-175405875-1000\...\amazon.com -> amazon.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-03-07 14:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2938479094-77888213-175405875-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\uzytkownik\AppData\Roaming\Mozilla\Firefox\Фон рабочего стола.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: BingSvc => C:\Users\uzytkownik\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{35F7C356-1195-4807-88FE-476CA5B45C05}C:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe] => (Allow) C:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe FirewallRules: [UDP Query User{1F731F3C-4E17-4502-9879-C66ED0070FC4}C:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe] => (Allow) C:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe FirewallRules: [{CEA5BC0B-8B37-4C43-A8A3-71933D51D687}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{4A390695-89B9-4C47-A7F1-8E1165BF45CE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{F88926FE-EAEC-47F1-89E6-532410953CEB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{6E2FCF32-01D3-4794-B557-E5C2212B068C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{BDDF2C38-39B0-4AF2-9A54-0525E2C9B55D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{F8A05EA2-2611-4C47-A37D-7235D87C802C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ==================== Punkty Przywracania systemu ========================= 27-07-2016 18:08:51 ASU_MSI_TRAN 05-08-2016 12:36:18 Installed Microsoft .NET Framework 1.1 26-09-2016 14:12:25 ASU_MSI_TRAN 29-09-2016 04:24:59 ASU_MSI_TRAN 29-09-2016 04:50:18 ASU_MSI_TRAN 20-10-2016 12:21:16 ASU_MSI_TRAN 24-10-2016 17:22:38 ASU_MSI_TRAN 23-11-2016 10:04:42 ASU_MSI_TRAN 04-01-2017 09:29:41 04012017 04-01-2017 10:18:51 Installed COMODO Secure Shopping 04-01-2017 10:20:38 Installing COMODO Internet Security Pro 04-01-2017 10:21:51 Instalacja pakietu sterownika urządzenia: COMODO Usługa sieciowa 09-01-2017 20:31:07 Operacja przywracania 11-01-2017 10:40:10 Instalacja pakietu sterownika urządzenia: COMODO Usługa sieciowa 11-01-2017 13:09:12 przed aktu sterowników 11-01-2017 13:15:09 DriverPack 17.7.30 09-02-2017 09:27:54 Installed COMODO Cloud Antivirus 06-03-2017 14:07:17 Removed Dolby Home Theater v4 06-03-2017 14:56:08 Malwarebytes Anti-Rootkit Restore Point 07-03-2017 14:35:43 przed czyszczeniem combo 07-03-2017 15:46:27 Configured Backup Manager V3 07-03-2017 15:49:27 Usunięte MyWinLocker Suite 07-03-2017 16:01:52 Usunięte Sleep Memory Optimizer 07-03-2017 16:03:39 Removed newsXpresso 07-03-2017 16:25:42 Removed Amazon 1Button App ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/08/2017 10:38:50 AM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 04:26:47 PM) (Source: MsiInstaller) (EventID: 11316) (User: acer) Description: Product: Amazon 1Button App -- Error 1316. Określone konto już istnieje. Error: (03/07/2017 04:24:16 PM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 03:57:07 PM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 02:59:22 PM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 02:43:32 PM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 11:09:19 AM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 10:56:41 AM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 10:33:05 AM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/07/2017 09:54:45 AM) (Source: AnyDesk) (EventID: 0) (User: ) Description: Event-ID 0 Dziennik System: ============= Error: (03/07/2017 04:52:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (03/07/2017 04:18:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (03/07/2017 03:56:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (03/07/2017 03:47:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NTI IScheduleSvc niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/07/2017 02:59:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (03/07/2017 02:54:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/07/2017 02:53:18 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (03/07/2017 02:53:18 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (03/07/2017 02:50:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/07/2017 02:43:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom CodeIntegrity: =================================== Date: 2017-03-08 10:58:15.439 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-08 10:48:12.711 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-08 10:38:51.207 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:52:16.529 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:47:32.714 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:36:41.433 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:24:17.431 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:17:53.779 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:13:11.152 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-07 16:04:48.870 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz Procent pamięci w użyciu: 32% Całkowita pamięć fizyczna: 3947.36 MB Dostępna pamięć fizyczna: 2667.86 MB Całkowita pamięć wirtualna: 7892.93 MB Dostępna pamięć wirtualna: 6596.27 MB ==================== Dyski ================================ Drive c: (ACER) (Fixed) (Total:138.28 GB) (Free:56.23 GB) NTFS Drive d: (DATA) (Fixed) (Total:138.23 GB) (Free:137.9 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1C876183) Partition 1: (Not Active) - (Size=21.5 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=138.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=138.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================