Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:28-11-2015 Uruchomiony przez boczek1984 (2015-11-29 16:45:15) Uruchomiony z C:\Users\boczek1984\Downloads Windows 10 Home (X64) (2015-08-06 14:11:21) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2245542573-2779261186-3183875247-500 - Administrator - Disabled) besty_000 (S-1-5-21-2245542573-2779261186-3183875247-1004 - Limited - Enabled) => C:\Users\besty_000 boczek1984 (S-1-5-21-2245542573-2779261186-3183875247-1001 - Administrator - Enabled) => C:\Users\boczek1984 Gość (S-1-5-21-2245542573-2779261186-3183875247-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2245542573-2779261186-3183875247-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-2245542573-2779261186-3183875247-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Acronis Disk Director Suite (HKLM-x32\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2160 - Acronis) Acronis Disk Director 12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3223 - Acronis) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.) ALL YouTube Downloader (HKLM-x32\...\ALL YouTube Downloader_is1) (Version: 2.3 - ALLPlayer Ltd.) Autorun Organizer version 2.14 (HKLM-x32\...\Autorun Organizer_is1) (Version: 2.14 - ChemTable Software) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6176 - AVG Technologies) AVG 2015 (Version: 15.0.4460 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6176 - AVG Technologies) Hidden AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.12.1.43164 - AVG Technologies) AVG PC TuneUp (x32 Version: 16.12.3 - AVG Technologies) Hidden AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.9.0.231 - AVG Technologies) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Documentation (HKLM-x32\...\{8E7CB625-076C-4812-87B9-A2695C2CFABF}) (Version: 1.1.0.0 - Hewlett-Packard) HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{6975FEB2-7CBF-4150-A067-F2E2D2E03839}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MyDriveConnect 4.0.4.2260 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.4.2260 - TomTom) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - ) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.232 - Qualcomm Atheros) Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) Registry Life wersja 3.22 (HKLM-x32\...\Registry Life_is1) (Version: 3.22 - ChemTable Software) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Nazwa firmy) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Nazwa firmy) TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nazwa firmy) TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Nazwa firmy) TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nazwa firmy) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) Unity Web Player (HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2245542573-2779261186-3183875247-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\boczek1984\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 11-11-2015 23:23:46 Windows Update 15-11-2015 14:52:27 Windows Update 18-11-2015 17:29:06 Windows Update 25-11-2015 23:00:22 Removed Java 8 Update 65 ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {09BCA860-390E-4018-B9E1-0BD688A1C432} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {110C6092-A540-4304-A7CA-7299658BBB6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {111E8317-7A20-440D-B964-250935BF4163} - System32\Tasks\{B80B6B85-E310-4D40-999B-9F784A453B22} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUInstallHelper.exe" -c --Trigger-Uninstall Task: {1F80D2AC-A229-45A1-AEF8-1ADA02493137} - System32\Tasks\{D2C59669-AD29-48BE-85EE-99EBB431EFBF} => pcalua.exe -a C:\Users\boczek1984\AppData\Roaming\BitTorrent\BitTorrent.exe -c /UNINSTALL Task: {2358B975-6F25-40CF-89F2-FF2BA060B8C3} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe Task: {23FEF41D-DD11-4BB3-82A7-B86DA33A1671} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {29D85D88-239A-40CC-88B6-4E0D07F4E87D} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe Task: {2CBBF744-4185-492D-B355-557FB04C148B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {458AC969-9620-4C16-A0C0-DAD67647B733} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {54847FAB-5B42-4A9F-8B0D-4B6E45880A59} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {81E0F47D-D7F3-45C7-BC47-C187DB56C9B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {84B6EE6F-27C4-4040-B143-0037C9C33B01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {854D894F-160A-4193-B8B7-F77498A1658C} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe Task: {8868689F-6932-45EF-84E8-8A3A95EAFFFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {95D1452A-1D8A-482F-B81D-10A37B024EB2} - System32\Tasks\HPCeeScheduleForboczek1984 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {A825AD2A-0EA6-4664-8362-DA904DE247F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {B7C6884C-C0A7-4CF6-8DD6-0F750B484BA1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {B9F4A72E-0349-47A9-ADD6-F50331F0C12C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {BE7217A4-D890-418D-98DF-BEAF7CE54D82} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {C2BFF101-8155-4F50-83B6-D86CEB1360A2} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {D0A1BE22-E557-41FB-AE8C-3AA7F6E6BD2C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2015-11-23] (AVG Technologies CZ, s.r.o.) Task: {D0E7354D-2395-4875-BFDE-F3FA15DBA28E} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== UWAGA Task: {D83DFAA1-CF49-4BD3-9FA7-00D9594CBFAB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {E923BD50-A4FB-4848-B0B6-320EF604B9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {EEA92FAE-C1BC-496A-82C0-B7F505D8A683} - System32\Tasks\{0C88C3FB-8B76-41E7-A931-3CFD3E4778F1} => Chrome.exe hxxp://ui.skype.com/ui/0/7.4.0.102/pl/eula Task: {F642E6DF-D0DF-4909-822A-878EE2023EB0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {F761B057-102A-4364-B24B-B3178B0D60E9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {F77A5ED1-8201-40E4-9FB6-2B6E9BA6EA4F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {F9E692FF-D438-4CE9-8E9A-47C4FC1E5C4E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-18] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForboczek1984.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-08-06 15:14 - 2015-08-06 15:14 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 15:28 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-09-30 20:15 - 2015-09-30 20:14 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\loggingserver.exe 2015-10-01 20:26 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 20:26 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-01 20:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-01 20:26 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-01 20:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-01 20:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 20:25 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-08-07 21:37 - 2015-09-30 20:14 - 02569616 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe 2015-11-21 15:16 - 2015-11-21 15:16 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-11-21 15:16 - 2015-11-21 15:16 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-19 18:12 - 2015-11-19 18:12 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-09-30 20:15 - 2015-09-30 20:14 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.9.0\log4cplusU.dll 2012-09-26 01:29 - 2012-06-26 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2012-09-26 01:44 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-10-30 21:32 - 2015-10-30 21:31 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2015-11-11 23:06 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-11 23:06 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll 2015-11-11 23:06 - 2015-11-07 05:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\boczek1984\Downloads\rekin-paszcza.jpeg HKU\S-1-5-21-2245542573-2779261186-3183875247-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run32: => "mobilegeni daemon" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-2245542573-2779261186-3183875247-1001\...\StartupApproved\Run: => "MyDriveConnect.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B69F1611-FBC5-43C0-B75D-0F5695E329CD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{72E92AA8-F1F9-4B93-BF7A-F7C7D1BE6470}] => (Allow) LPort=2869 FirewallRules: [{B737B6F8-5208-425C-A98F-93B5F4C38024}] => (Allow) LPort=1900 FirewallRules: [{C34A84D6-ABA1-40A6-8B70-A4A636C936E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C76E4FDB-9BAC-4D86-A2DD-0B8710F8BA8F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9EAF946E-41DE-4680-8034-394440B0B59A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B31203BE-9E91-4F11-A5AA-EA95512F72F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{ED79B79B-878E-4953-9641-AC5EDE1F9864}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [TCP Query User{2C5D4BA6-C1F7-4537-A66A-3E02C23C3433}C:\users\boczek1984\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boczek1984\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2A8FFC37-2A7B-47F4-9A8A-E3D8B32A9B70}C:\users\boczek1984\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boczek1984\appdata\roaming\spotify\spotify.exe FirewallRules: [{496218DD-BEF6-42C1-AE20-3DDCE6F2A532}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{23278F10-D099-4137-B283-6FE7080E9BD2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{3903F540-F45A-49D6-82AF-DB520A6BD023}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5F0670E6-2AFE-4D51-A471-BDD4B89EC69E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{CD97682E-C894-43C0-8FA2-8492920EB21F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{05834FCB-B684-4CE4-9831-044CD4D9C398}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{1185761C-45E9-4227-A2A9-A1C55B4325FB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{A2255D1E-7F50-43ED-88AA-9F9D566B98A3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{C598F50D-CCF9-4473-BC80-737B43F5C8D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{050FE9B9-84F7-4C35-8ECB-A4A4A621451B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/29/2015 04:28:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App nie powiodła się. Błąd: -2147024770. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 03:26:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 02:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 01:26:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 00:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 11:20:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 10:45:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 09:20:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingTravel_8wekyb3d8bbwe!AppexTravel nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/29/2015 09:20:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: boczek) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (11/28/2015 11:37:42 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12547 Dziennik System: ============= Error: (11/29/2015 09:14:27 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (11/28/2015 11:37:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/27/2015 10:28:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: ZARZĄDZANIE NT) Description: Usługa autokonfiguracji sieci WLAN wykryła ograniczenie łączności podczas resetowania/odzyskiwania karty. Kod: 8 0x0 0x0 Error: (11/27/2015 10:28:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: ZARZĄDZANIE NT) Description: Usługa autokonfiguracji sieci WLAN wykryła ograniczenie łączności podczas resetowania/odzyskiwania karty. Kod: 4 0x0 0x0 Error: (11/27/2015 10:28:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: ZARZĄDZANIE NT) Description: Usługa autokonfiguracji sieci WLAN wykryła ograniczenie łączności podczas resetowania/odzyskiwania karty. Kod: 1 0xc 0x4 Error: (11/26/2015 06:23:36 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (11/26/2015 06:23:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/25/2015 09:13:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi esgiguard z powodu następującego błędu: %%1275 Error: (11/25/2015 09:13:38 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\boczek1984\Desktop\SpyHunter\SpyHunter\esgiguard.s Error: (11/25/2015 08:39:12 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} CodeIntegrity: =================================== Date: 2015-08-06 16:59:36.126 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:36.032 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:35.865 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:35.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:35.595 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:35.492 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:35.229 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:34.968 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:34.898 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-06 16:59:34.813 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz Procent pamięci w użyciu: 69% Całkowita pamięć fizyczna: 3983.28 MB Dostępna pamięć fizyczna: 1202.83 MB Całkowita pamięć wirtualna: 4687.28 MB Dostępna pamięć wirtualna: 1645.3 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:450.57 GB) (Free:403.19 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (RECOVERY) (Fixed) (Total:13.25 GB) (Free:1.73 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 05DCA4BB) Partition: GPT. ==================== Koniec Addition.txt ============================