Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15.11.2018 Uruchomiony przez Administrator (18-11-2018 14:15:53) Uruchomiony z C:\Users\Administrator\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2012-04-18 16:03:38) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2184118066-859118458-687225370-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-2184118066-859118458-687225370-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2184118066-859118458-687225370-1002 - Limited - Enabled) Robert1 (S-1-5-21-2184118066-859118458-687225370-1000 - Administrator - Enabled) => C:\Users\TEMP UpdatusUser (S-1-5-21-2184118066-859118458-687225370-1004 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software) AVG 2015 (HKLM\...\{CE436E8B-C7C3-466F-A1BB-7391D6296BFE}) (Version: 15.0.4321 - AVG Technologies) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) fillUp Przyjazne formularze 4.9.3 (HKLM-x32\...\{D4A8DDEF-CE67-4466-9A68-9C93D7322CEB}_is1) (Version: 4.9.3 - e-file sp. z o.o. sp. k.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}) (Version: 1.0.19.76 - Google) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mozilla Firefox 48.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 pl)) (Version: 48.0.2 - Mozilla) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) NVIDIA Oprogramowanie systemu PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation) Opera Stable 46.0.2597.32 (HKLM-x32\...\Opera 46.0.2597.32) (Version: 46.0.2597.32 - Opera Software) Panel sterowania NVIDIA 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 311.06 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) proCertum SmartSign (HKLM-x32\...\{E80B3FB7-DAB0-40E9-B256-98D8FF8C1EA9}) (Version: 4.0.0.1820 - Unizeto) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) RMVB Player 1.0.3 (HKLM-x32\...\RMVB Player_is1) (Version: - ) SafeZone Stable 3.55.2393.607 (HKLM-x32\...\SafeZone 3.55.2393.607) (Version: 3.55.2393.607 - Avast Software) Hidden Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-03] (AVAST Software) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2012-06-05] (GG Network S.A.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-03] (AVAST Software) ContextMenuHandlers1: [SmartSign] -> {A9F3EE64-2047-49CF-8522-FE41C75C158B} => C:\Program Files (x86)\Unizeto\proCertum SmartSign\RSContext64.dll [2012-06-21] (Unizeto Technologies SA) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-03] (AVAST Software) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-18] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-03] (AVAST Software) ContextMenuHandlers6: [SmartSign] -> {A9F3EE64-2047-49CF-8522-FE41C75C158B} => C:\Program Files (x86)\Unizeto\proCertum SmartSign\RSContext64.dll [2012-06-21] (Unizeto Technologies SA) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2D2EA850-8115-41F2-9ED2-4972BF7510B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {2D2EA850-8115-41F2-9ED2-4972BF7510B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation) Task: {3DF52864-939E-4CE4-AF88-F0C313D203B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184118066-859118458-687225370-1000UA => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-18] (Google Inc.) Task: {4CC47B97-46FA-4EB4-BEA4-6ABF3ADB62F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184118066-859118458-687225370-1000Core => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-18] (Google Inc.) Task: {4DCA720C-BE5A-4575-A221-16FEC966D50B} - System32\Tasks\Opera scheduled Autoupdate 1493112728 => C:\Program Files\Opera\launcher.exe [2017-06-27] (Opera Software) Task: {608DC69C-B9E3-4B37-AD99-9C90952968AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {62263F03-324B-4500-8AAA-3C7AEB115370} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {744B5AC3-A4F4-40F5-9984-EF16D1F45EAA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {744B5AC3-A4F4-40F5-9984-EF16D1F45EAA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation) Task: {74AA1DB4-A23D-4F01-A6D9-9876C78F47D5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-25] (AVAST Software) Task: {74D6BD76-F4A6-4C98-8A9F-F7EA24A0C8A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd) Task: {7E33E461-D326-405D-BDF8-21123068D324} - System32\Tasks\{CBCA3755-A644-494C-ACFB-F4E7D90A216B} => C:\Windows\system32\pcalua.exe -a C:\Users\Administrator\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor Task: {85974B0D-0DD9-489B-B122-A3D4242F9F2D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-03] (AVAST Software) Task: {9E2E5A52-5B17-4A38-8726-D5A7825A04D9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated) Task: {9FBF4BBC-5278-4D9D-8006-5515E31F2001} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-03-25] (AVAST Software) Task: {A5180A02-8754-463F-ABD5-2C5DBE7E877E} - System32\Tasks\Xl5jVVxcVWIx => C:\Users\Administrator\AppData\Roaming\Xl5jVVxcVWIx\abgrcnq.exe [2017-04-26] () Task: {AC511B2A-4C7A-4F85-A9CF-A6FB58A80C22} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {AC511B2A-4C7A-4F85-A9CF-A6FB58A80C22} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {AC511B2A-4C7A-4F85-A9CF-A6FB58A80C22} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2015-07-04] (Microsoft Corporation) Task: {AF93B6BA-E5E8-4F58-94A9-F8ECF7E4B481} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {B94B37D4-5BB1-4FA0-A6D6-A72CC5FFA367} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {C1F2F158-8BFA-4A05-AB03-951716D73BA9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd) Task: {CDF891A1-C2D8-4D37-86CA-87BE1DCD857C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-04] (AVAST Software) Task: {D6574FF9-B75C-4F9B-AA45-28CD01553D5B} - System32\Tasks\0615tbUpdateInfo => C:\ProgramData\Avg_Update_0615tb\0615tb_{A79DEC18-A2F8-4ACD-8713-005FDFFDE1EB}.exe [2015-06-10] () Task: {FCCF46CC-5284-4622-8EDA-55AC2BF5FB64} - System32\Tasks\0715tbUpdateInfo => C:\ProgramData\Avg_Update_0715tb\0715tb_{C766B15F-AFE8-4110-BBAC-4646D0507498}.exe [2015-07-16] () (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\0615tbUpdateInfo.job => C:\ProgramData\Avg_Update_0615tb\0615tb_{A79DEC18-A2F8-4ACD-8713-005FDFFDE1EB}.exe Task: C:\Windows\Tasks\0715tbUpdateInfo.job => C:\ProgramData\Avg_Update_0715tb\0715tb_{C766B15F-AFE8-4110-BBAC-4646D0507498}.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184118066-859118458-687225370-1000Core.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184118066-859118458-687225370-1000UA.job => C:\Users\Robert\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2012-05-26 15:43 - 2013-01-18 16:00 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-07-29 19:32 - 2012-07-30 07:42 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2018-11-03 20:35 - 2018-11-03 20:35 - 000730328 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2015-10-19 21:00 - 2018-09-10 16:14 - 000091520 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2018-11-03 20:35 - 2018-11-03 20:35 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll 2018-11-03 20:35 - 2018-11-03 20:35 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-11-03 20:35 - 2018-11-03 20:35 - 000496856 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-11-03 20:35 - 2018-11-03 20:35 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-11-03 20:35 - 2018-11-03 20:35 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-11-18 13:42 - 2018-11-18 13:42 - 005724304 _____ () C:\Program Files\AVAST Software\Avast\defs\18111806\algo.dll 2018-03-13 18:14 - 2018-03-13 18:14 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-11-14 17:33 - 2018-11-08 23:32 - 004238168 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll 2018-11-14 17:32 - 2018-11-08 23:32 - 000096600 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-11-15 17:05 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2184118066-859118458-687225370-500\Control Panel\Desktop\\Wallpaper -> DNS Servers: 217.113.224.135 - 217.113.224.36 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Usługa "Zapora systemu Windows" nie jest uruchomiona. MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{FC58203B-5DD1-4FB6-B2D4-38B9AC54B824}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe FirewallRules: [{470FCAAD-C400-4C7A-B201-56F16581F361}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe FirewallRules: [{E4665C8E-7C89-4062-81C8-367493AAFD23}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{5B402D37-25AF-4508-A9BE-323439E785D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{9091538E-56B7-4D5E-AC01-FE962231BDAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe FirewallRules: [{6BB8CEA1-CD48-4390-A9B4-563DB15C5ECC}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe FirewallRules: [{B702CD63-0D72-4B4C-A29D-1854CEEC8D29}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe FirewallRules: [{79DB2DC0-8AB4-4FCB-9AD3-46DD651C0953}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgdiagex.exe FirewallRules: [{3B7692A7-6DF4-48D1-B396-4DE55980016B}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe FirewallRules: [{CB569460-EE8D-4E6E-9D09-D89D4DDEC3D8}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe FirewallRules: [{93AB5301-0965-4F1C-AABB-65E60185FABB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6D9B5C2F-FAD1-4AFA-A3CD-C9FC7F3F55A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A818AB46-C995-469E-98DF-C5A523253DFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C721B180-AB00-4661-910E-04387EC7DD42}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{C445EEAE-BF15-40A5-852F-BC47254C5A83}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe FirewallRules: [UDP Query User{3CADBC1E-169F-4B84-B8D7-519436F132E1}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe FirewallRules: [{2E229C34-0545-4947-A431-0D540E51E886}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{A557DAE7-CEB2-4D57-83DB-AB9D3F988DCE}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{87E199C8-C87B-4875-807B-36DB83A51AA4}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [{AF555692-FF4D-477F-BE94-9D5718278807}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe FirewallRules: [{6BEFF714-DF5E-4EE7-B36D-303E08192304}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{020ACAC6-9702-4D78-818C-B4180F56E2C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E378C74A-0BD0-4D15-9EA5-AA3530DB9B66}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{9B6E82FB-74F2-4D17-BDEA-BD3042602316}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{810341CC-D944-413E-9CE8-A8A60CF60A18}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{29369660-D337-467A-AEE0-599C8D264C72}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{97660368-86A9-4D2D-A165-92AACFF672B1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{3DDE8D54-C4A2-4E86-95A7-BF09E2E068F6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1F51BAE4-5050-4C80-923E-4DC7B0D80011}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EBC4C398-CA74-4304-BD29-3A417C89F8B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4BF58D95-1B8B-4BE8-AD83-958C14FF8550}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{1D60FAE1-209F-4BE3-824C-21A4014E8BF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe FirewallRules: [{A6E119C3-C309-4089-84F4-126DD336A323}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{9F76DED5-9059-45A5-BC19-FF653E1D566F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{B78E3293-67E9-4E1C-943A-A7E3A1B5FF4B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5067E25B-ABC9-4C6B-918C-1C09BF984FE5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{9B42F941-854A-4996-A3D5-9183839DE11A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{B8F3CA5A-BD3B-44D7-A54E-F9A2908EF506}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{0AC4C933-A645-45E7-A059-B59870FB76B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EDD42237-87F7-4BA2-9A6B-BF700889F408}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{2C6C258F-E72D-4061-97FA-90F312C59148}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{9EA95C5E-A438-40F6-803E-75B24E6764C2}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{1164A525-9451-4E5F-ABAF-0C717F1BC424}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{0DA3274E-6761-49FA-86A7-7639526948E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{8500B902-FA2D-4D0F-A7BD-DCB08833A227}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{F29B5B94-0F4D-40C6-91B3-E64E0A2BE180}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{731F4ECC-2A71-4461-BB10-5827E810F392}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{C2FAE793-6608-4661-AB2B-1C6BB09E3240}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{EC22B6B1-ACC5-4509-B312-ED28A7783335}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{67DC6875-51AB-4BD2-AE59-B16449151FDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5BD0CF77-3C76-44A2-84DD-0EB90C9E7322}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{EF66E1E5-3CC0-47C2-87A1-C2636FD1E68F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{E30EF587-451F-4BAA-A2D0-55A4890921A6}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe FirewallRules: [{B78F6B7B-26A1-485D-8FCE-3014909EEB18}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe FirewallRules: [{227362F9-FEA1-4514-9DE1-D450EE2DB5F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E8F0D478-1128-4B01-8E47-EC9EC2AE98BA}] => (Allow) C:\Program Files\Opera\44.0.0.251024142\opera.exe ==================== Punkty Przywracania systemu ========================= 13-06-2018 20:10:51 Zaplanowany punkt kontrolny 25-08-2018 17:10:47 Zaplanowany punkt kontrolny 19-09-2018 17:05:39 Zaplanowany punkt kontrolny 15-11-2018 19:08:46 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/18/2018 02:02:04 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\Administrator\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/18/2018 01:51:30 PM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Avast Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/18/2018 01:41:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/18/2018 12:31:16 PM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Avast Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/18/2018 11:31:16 AM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Avast Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/18/2018 10:31:16 AM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Avast Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/18/2018 10:22:56 AM) (Source: MsiInstaller) (EventID: 11316) (User: ZARZĄDZANIE NT) Description: Product: Avast Update Helper -- Error 1316. Określone konto już istnieje. Error: (11/18/2018 10:13:10 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/18/2018 02:11:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa powiadomień SPP zakończyła działanie; wystąpił następujący błąd: Odmowa dostępu. Error: (11/18/2018 01:54:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Usługa nasłuchująca grup domowych zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147023143 = Nie ma więcej dostępnych punktów końcowych z programu mapowania punktów końcowych.. Error: (11/18/2018 01:44:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania. Error: (11/18/2018 01:44:24 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Błąd logowania: określone hasło konta wygasło. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (11/18/2018 01:44:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa %1!s! Update (avast) z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (11/18/2018 01:44:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa 30000!s! Update (avast). Error: (11/18/2018 01:41:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi lirsgt z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (11/18/2018 01:41:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. CodeIntegrity: =================================== Date: 2018-11-18 13:41:47.574 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 13:41:47.309 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 13:41:46.981 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 13:41:46.701 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 10:13:03.093 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 10:13:02.781 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 10:13:01.829 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-18 10:13:01.549 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Procent pamięci w użyciu: 84% Całkowita pamięć fizyczna: 2046.49 MB Dostępna pamięć fizyczna: 321 MB Całkowita pamięć wirtualna: 4092.98 MB Dostępna pamięć wirtualna: 1608.65 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:298.09 GB) (Free:208.61 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive e: (FM2011) (CDROM) (Total:2.52 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 1FADFE4F) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================