Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:03-06-2016 Uruchomiony przez admin (2016-06-03 23:05:11) Uruchomiony z C:\Users\admin\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-04-18 21:44:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= admin (S-1-5-21-1693114668-2537149228-3336235061-1001 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-1693114668-2537149228-3336235061-500 - Administrator - Disabled) Gość (S-1-5-21-1693114668-2537149228-3336235061-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1693114668-2537149228-3336235061-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Panda Free Antivirus (Disabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Panda Free Antivirus (Disabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1693114668-2537149228-3336235061-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden 7-Zip 15.14 (HKLM-x32\...\{23170F69-40C1-2701-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.198 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Shockwave Player + Authorware Web Player (HKLM-x32\...\Adobe Shockwave Player + Authorware Web Player) (Version: v12.1.5.155 - Adobe Systems, Inc.) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Amazon Assistant (HKLM-x32\...\Amazon Assistant) (Version: 2.3.4 - Amazon) <==== UWAGA Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) AxessManager (HKLM-x32\...\{B52D7A21-03E5-4C0C-82FA-FD8EB4C92149}) (Version: 1.1.2.3 - ) Booking.com version 1.1.0.5019 (HKLM-x32\...\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1) (Version: 1.1.0.5019 - Booking.com) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) ffdshow v1.1.4206 [2011-12-27] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4206.0 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) 
Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) K-Lite Codec Pack 4.1.7 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 4.1.7 - ) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация 
Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 46.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 pl)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) MPC-HC 1.7.7 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.93.20.0 - Overwolf Ltd.) 
Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security) SafeFinder (HKLM-x32\...\{11AE47D3-A0DD-4946-B6DA-C2E105231F1F}) (Version: 1.0.0.0 - Linkury) <==== UWAGA SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1218 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Unity Web Player (HKU\S-1-5-21-1693114668-2537149228-3336235061-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Update for PriceFountain (HKU\S-1-5-21-1693114668-2537149228-3336235061-1001\...\{02A4C830-93E9-550B-DF07-2212D2B65170}) (Version: - Update for PriceFountain) <==== UWAGA VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) WarThunder (HKU\S-1-5-21-1693114668-2537149228-3336235061-1001\...\WarThunder) (Version: - WarThunder) <==== UWAGA WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.79 - solvusoft Corporation) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
Task: {0F38CAE6-CCED-474A-93A8-69EC571DAF59} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-04-05] (Overwolf LTD) Task: {5EC6C11E-9EAF-4162-81CF-E5146F93D9C0} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-20] (Distromatic) <==== UWAGA Task: {742DF0AF-B707-4583-8FC6-342A9F294D91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-19] (Google Inc.) Task: {89E109EB-8F7E-4CFC-ADB2-70EB84D7C48D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-19] (Google Inc.) Task: {9012A5E0-8F23-444E-BB4F-90C770B9FB52} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-04-20] (Distromatic) <==== UWAGA Task: {99CE2EEC-471F-4E7E-AD2D-2CD2A03BCF49} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-19] (Adobe Systems Incorporated) Task: {B912689A-D8BB-416B-914A-A93E4B41CEB3} - System32\Tasks\Driver Booster SkipUAC (admin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {BB8BF0FC-9FD6-4F09-9E1D-FB925CFAD18A} - System32\Tasks\adminTrowCatkinV2 => Rundll32.exe AdministratricesAlms.dll,main 7 1 <==== UWAGA Task: {C626D32D-649F-4B8D-8990-C6A84CE015A8} - System32\Tasks\DistromaticUpdater-periodic => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-20] (Distromatic) <==== UWAGA Task: {C76C41EB-442C-4804-84DF-B1AF61CFE600} - System32\Tasks\{02A4C830-93E9-550B-DF07-2212D2B65170} => C:\Users\admin\AppData\Roaming\PriceFountainUpdateVer\syncversion.exe [2013-05-01] () <==== UWAGA Task: {CBC02E0E-07F6-42E4-BC27-52B217EE5EF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems 
Incorporated) Task: {F515DA5D-B244-4271-A5F8-AE402E5F5A9E} - System32\Tasks\DistromaticUpdater-logon => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-04-20] (Distromatic) <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: C:\Windows\Tasks\ByteFence Scan.job => C:\Program Files\ByteFence\ByteFence.exe <==== UWAGA Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Norton 8M.job => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\uiStub.exe Task: C:\Windows\Tasks\SafeZone scheduled Autoupdate 1461410609.job => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 9297b17f-ca8e-48f1-8928-ca2473bc2558.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f2e46f0b-0daf-46c0-8890-d394fdf1c93d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\WarThunder sat.job => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe}hxxp:/mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ <==== UWAGA Task: C:\Windows\Tasks\WarThunder sun.job => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe}hxxp:/mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ <==== UWAGA Task: C:\Windows\Tasks\WarThunder05.job => C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe}hxxp:/mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ <==== UWAGA Task: C:\Windows\Tasks\WarThunder24.job => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe}hxxp:/mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/ <==== UWAGA Task: C:\Windows\Tasks\{02A4C830-93E9-550B-DF07-2212D2B65170}.job => C:\Users\admin\AppData\Roaming\PRICEF~1\SYNCVE~1.EXE <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\admin\Desktop\instalki\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/?subid=3&click_id=92b09c00533dc39a139f0f03344d7913090ca572 ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/?subid=3&click_id=92b09c00533dc39a139f0f03344d7913090ca572 ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> hxxp://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy/?subid=3&click_id=92b09c00533dc39a139f0f03344d7913090ca572 ==================== Załadowane moduły (filtrowane) ============== 2016-05-07 16:58 - 2016-05-07 16:58 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-07 16:58 - 2016-05-07 16:58 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-03 20:37 - 2016-06-03 20:37 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060301\algo.dll 2016-05-07 16:58 - 2016-05-07 16:58 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-05-07 16:58 - 2016-05-07 16:58 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-23 12:59 - 2016-04-23 12:59 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) 
Wykryto więcej niż wyliczono: 4788 witryn. ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-05-16 20:47 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts Wykryto więcej niż wyliczono: 4 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) 
HKU\S-1-5-21-1693114668-2537149228-3336235061-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AESTFilters => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: OverwolfUpdater => 3 MSCONFIG\Services: PandaAgent => 2 MSCONFIG\Services: Quotenamron => 2 MSCONFIG\Services: STacSV => 2 MSCONFIG\Services: SynTPEnhService => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe 
==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{DF30D517-C4C1-4E1E-94C3-A630CD335CEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4035818F-065B-4DCF-8301-23EB54EAC8A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{D507DD3D-2670-4A90-88E1-E0180889D2DC}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{B627109E-ED51-4CDD-B62F-146A92730337}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{145C9835-6C53-4BC3-9565-C375295C2FB2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{3E5D2E53-05AA-4193-96C4-245056E95F7B}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B9D00B83-B803-4A06-AEF0-04A142F2FF7E}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7CBFD2E4-7EC4-4247-8B69-2EDBDBD305D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{01EF6DEB-B624-40D7-BB4A-56ADCBF52B14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7125AB13-A098-449B-BE30-88BAE8E10E0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F4701C51-2A80-41ED-BAB1-3F0D8CB188B8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Punkty Przywracania systemu ========================= 19-04-2016 13:19:37 Zainstalowany program DirectX 21-04-2016 20:38:00 Removed Skype™ 7.2 25-04-2016 14:45:14 Windows Update 25-04-2016 14:53:31 Installed Microsoft XNA Framework Redistributable 4.0 Refresh 16-05-2016 15:27:35 Installed 
AxessManager 26-05-2016 11:58:01 WinThruster Cz, maj 26, 16 11:57 29-05-2016 13:55:31 Operacja przywracania ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/21/2016 10:47:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/21/2016 10:28:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/21/2016 06:38:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 10:11:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 07:17:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 07:00:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program hl.exe w wersji 1.1.1.1 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. 
Identyfikator procesu: a6c Godzina rozpoczęcia: 01d19b25b8835859 Godzina zakończenia: 2237 Ścieżka aplikacji: C:\Users\admin\Desktop\ Counter Strike 1.6\hl.exe Identyfikator raportu: Error: (04/20/2016 06:14:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 04:17:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/20/2016 12:58:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. Jedno wystąpienie usługi już działa Error: (04/20/2016 12:58:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. Nieprawidłowe dojście Dziennik System: ============= Error: (05/30/2016 01:16:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ByteFence Security Real-time Protection z powodu następującego błędu: %%2 Error: (05/30/2016 01:15:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Harmonogram zadań zależy od usługi Dziennik zdarzeń systemu Windows, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (04/21/2016 10:47:52 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (04/21/2016 10:47:37 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 10:46:02 na ‎2016-‎04-‎21 było nieoczekiwane. 
Error: (04/21/2016 10:28:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (04/21/2016 10:28:16 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 06:55:05 na ‎2016-‎04-‎21 było nieoczekiwane. Error: (04/21/2016 06:38:42 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (04/21/2016 06:38:24 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 00:29:09 na ‎2016-‎04-‎21 było nieoczekiwane. Error: (04/20/2016 10:11:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: %%5. Error: (04/20/2016 10:11:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 19:25:45 na ‎2016-‎04-‎20 było nieoczekiwane. CodeIntegrity: =================================== Date: 2016-04-21 17:21:28.454 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 17:20:58.516 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 17:20:50.441 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-04-21 17:19:16.719 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 17:19:01.587 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 17:03:08.496 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 17:02:51.918 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 16:53:38.242 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 16:52:03.047 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-21 16:51:33.919 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. 
==================== Statystyki pamięci =========================== Procesor: AMD Athlon(tm) II Dual-Core M320 Procent pamięci w użyciu: 44% Całkowita pamięć fizyczna: 3068.2 MB Dostępna pamięć fizyczna: 1706.94 MB Całkowita pamięć wirtualna: 3066.4 MB Dostępna pamięć wirtualna: 1388.16 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:200.34 GB) (Free:161.81 GB) NTFS Drive d: () (Fixed) (Total:97.66 GB) (Free:93.99 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: E8DE8B6E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================