Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:03-06-2016 Uruchomiony przez Asus (2016-06-04 20:16:21) Uruchomiony z C:\ Windows 7 Professional Service Pack 1 (X64) (2015-07-24 13:58:35) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3268135465-591020038-312475966-500 - Administrator - Disabled) => C:\Users\Administrator Asus (S-1-5-21-3268135465-591020038-312475966-1000 - Administrator - Enabled) => C:\Users\Asus Gość (S-1-5-21-3268135465-591020038-312475966-501 - Limited - Disabled) _ashbackup_ (S-1-5-21-3268135465-591020038-312475966-1013 - Administrator - Enabled) => C:\Users\_ashbackup_ ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit) Aktualizacje NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Angry Birds (HKLM-x32\...\{569702D6-2583-4CE1-AB67-404F69428D7B}) (Version: 4.0.0 - Rovio Entertainment Ltd.) Angry Birds Rio (HKLM-x32\...\{88BE1C5B-2150-4BCA-A3DE-13E6D92EE045}) (Version: 2.2.0 - Rovio Entertainment Ltd.) Angry Birds Seasons (HKLM-x32\...\{2418FDF6-0D10-4714-9E44-34884DC37ECA}) (Version: 4.1.0 - Rovio Entertainment Ltd.) Angry Birds Star Wars (HKLM-x32\...\{999F5B8B-CEEA-4616-8D23-B350EA801A46}) (Version: 1.5.0 - Rovio Entertainment Ltd.) Angry Birds Star Wars II (HKLM-x32\...\{C8644F2A-318E-4B8E-9E61-EB54E61AA8E4}) (Version: 1.5.1 - Rovio Entertainment Ltd.) Ashampoo Backup 2016 (HKLM\...\{FDAE1FAD-57F8-6DCD-940E-885B7FB1CE43}_is1) (Version: 10.01 - Ashampoo GmbH & Co. KG) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS) Bad Piggies (HKLM-x32\...\{6A062CC2-747A-455F-9892-5CF7F86EA451}) (Version: 1.5.1 - Rovio Entertainment Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Chicken Invaders 5: Cluck of the Dark Side (HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\Chicken Invaders 5: Cluck of the Dark Side) (Version: 1.0.0.0 - Alawar Entertainment Inc.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.) EagleGet version 2.0.4.9 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.9 - EagleGet) EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies) Evernote v. 6.0.6 (HKLM-x32\...\{FC4A0E2E-0CD3-11E6-B80E-005056951CAD}) (Version: 6.0.6.1769 - Evernote Corp.) Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015PL_is1) (Version: 1.4 - GIANTS Software) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) HP Deskjet 1510 series Basic Device Software (HKLM\...\{EB94EF62-E46A-495E-AF31-69D1CB3B46EA}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}) (Version: 2.1.1.0153 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation) K-Lite Codec Pack 11.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.0 - ) Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation) Minecraft1.9 (HKLM-x32\...\Minecraft1.9) (Version: - ) Mozilla Firefox 43.0.4 (x86 pl) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 pl)) (Version: 43.0.4 - Mozilla) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik graficzny 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 14.1_is1) (Version: 14.1.0.4136 - FranmoSoftware - Maciej Opaliński) Opera Stable 37.0.2178.54 (HKLM-x32\...\Opera 37.0.2178.54) (Version: 37.0.2178.54 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.) Panel sterowania NVIDIA 368.22 (Version: 368.22 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit) TeamSpeak 3 Client (HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Transformers Rise of the Dark Spark version 1.0 (HKLM-x32\...\Transformers Rise of the Dark Spark_is1) (Version: 1.0 - Activision) <==== UWAGA Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-012B-0415-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) Vivaldi (HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\Vivaldi) (Version: 1.0.344.37 - Vivaldi) VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3268135465-591020038-312475966-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Asus\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-3268135465-591020038-312475966-1000_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll (EagleGet) CustomCLSID: HKU\S-1-5-21-3268135465-591020038-312475966-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Asus\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1DE8A9B8-F467-48C5-B318-A280E52CF34B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {2A944250-D82C-4052-8B47-56E6C6BE9994} - \{BBF2DDFF-86AA-4555-BDFF-6EB98BCEB998} -> Brak pliku <==== UWAGA Task: {468349B4-8EE6-437B-8843-B3F337CCFBD0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {4A720884-7F0C-417A-B2BB-0F7AE73FEDCD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {53786DF8-9A1E-45F9-9C1D-AE6CAD7CC410} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) Task: {56CC3D19-C07B-4271-96FC-FADCE5B8742D} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit) Task: {5B4B8DC0-E477-402F-B472-0BCE09178A94} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {6AE83811-BB66-4D96-8859-5BD4CB0FDF8F} - System32\Tasks\AdobeAAMUpdater-1.0-Asus-Komputer-Asus => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {90B95871-4C58-4228-ADCA-59AAFDD34C90} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-04-18] (IObit) Task: {9F019101-2149-4B12-978C-D86410650698} - System32\Tasks\ASC9_SkipUac_Asus => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit) Task: {D09C6E4F-B324-45F0-9B56-B6343ACD3982} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {DBC7A3EB-9AEF-42D9-8EDF-34432535269A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {E977AE7C-CF36-4379-9064-9AF6A60E5968} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-05-09] () Task: {EB490FE7-9877-45F8-89A4-0FE8EB8EB7AB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-23] (Dropbox, Inc.) Task: {F492C491-9765-490E-8828-E0A9DBB2054A} - System32\Tasks\Opera scheduled Autoupdate 1438095968 => C:\Program Files (x86)\Opera\launcher.exe [2016-05-30] (Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Asus\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ==================== Załadowane moduły (filtrowane) ============== 2016-03-04 22:57 - 2016-05-20 09:01 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-03-04 22:57 - 2016-05-20 09:01 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-12-20 23:35 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl 2015-12-20 23:35 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl 2015-12-20 23:35 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl 2016-06-02 13:25 - 2016-06-02 13:25 - 65893928 _____ () C:\Program Files (x86)\Opera\37.0.2178.54\opera.dll 2016-06-02 13:25 - 2016-06-02 13:25 - 02212392 _____ () C:\Program Files (x86)\Opera\37.0.2178.54\libglesv2.dll 2016-06-02 13:25 - 2016-06-02 13:25 - 00082472 _____ () C:\Program Files (x86)\Opera\37.0.2178.54\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3268135465-591020038-312475966-1000\...\100sexlinks.com -> 100sexlinks.com Wykryto więcej niż wyliczono: 4788 witryn. ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3268135465-591020038-312475966-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: AdobeARMservice => 3 MSCONFIG\Services: AdvancedSystemCareService9 => 2 MSCONFIG\Services: ATKGFNEXSrv => 3 MSCONFIG\Services: Bluetooth Device Monitor => 3 MSCONFIG\Services: Bluetooth OBEX Service => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: dbupdate => 3 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: DPS => 2 MSCONFIG\Services: egGetSvc => 3 MSCONFIG\Services: fdPHost => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: IKEEXT => 2 MSCONFIG\Services: IPBusEnum => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: NvNetworkService => 3 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 3 MSCONFIG\Services: nvsvc => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: p2pimsvc => 3 MSCONFIG\Services: p2psvc => 3 MSCONFIG\Services: PNRPAutoReg => 3 MSCONFIG\Services: PNRPsvc => 3 MSCONFIG\Services: SCardSvr => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: VaultSvc => 3 MSCONFIG\Services: WdiServiceHost => 3 MSCONFIG\Services: WdiSystemHost => 3 MSCONFIG\Services: WebClient => 3 MSCONFIG\Services: WinHttpAutoProxySvc => 3 MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /auto MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe" MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{DEC5BB2F-B20B-435E-99C6-B248165F3520}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{9679EC6C-48C1-45B2-AF22-2A7B7F29C2CF}C:\program files (x86)\transformers rise of the dark spark\binaries\transgame.exe] => (Allow) C:\program files (x86)\transformers rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{F2F6FAC2-977F-459F-B548-C42CBA01BBA2}C:\program files (x86)\transformers rise of the dark spark\binaries\transgame.exe] => (Allow) C:\program files (x86)\transformers rise of the dark spark\binaries\transgame.exe FirewallRules: [{D5C7A94E-600C-4EE0-9B92-7EED788DEB7E}] => (Allow) C:\Program Files (x86)\CDP Games\Farming Simulator 15\FarmingSimulator2015.exe FirewallRules: [{D7500B58-F925-4FEC-90C1-40EB327B3712}] => (Allow) C:\Program Files (x86)\CDP Games\Farming Simulator 15\dedicatedServer.exe FirewallRules: [TCP Query User{57521441-3CC7-4969-A40F-570D43A262A1}E:\counter strike 1.6\hl.exe] => (Allow) E:\counter strike 1.6\hl.exe FirewallRules: [UDP Query User{3C743672-10E1-408A-A3A5-0F383394371E}E:\counter strike 1.6\hl.exe] => (Allow) E:\counter strike 1.6\hl.exe FirewallRules: [TCP Query User{A373D22C-B0E2-4C1B-8ED2-7CF87DCE34C2}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe FirewallRules: [UDP Query User{7E5F5916-20CD-4C5D-950B-4E52C4A722C4}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe FirewallRules: [{EA8C68ED-9D30-484A-BDD7-7DCA988872DD}] => (Allow) C:\Program Files (x86)\Alawar.pl\Chicken Invaders 5 Cluck of the Dark Side\CI5.exe FirewallRules: [{6604A86B-465C-4F50-81D4-8F34EA5ED040}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{81CB0565-C80A-44FF-9E7D-6F41733EF705}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DB084FB5-D6A2-4917-A127-6D0EAFBCBB00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{5B27D08A-0021-4056-8FE1-A72A97A9F8CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BBC30962-1E88-4F3F-8E37-29A0F7E33EEF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B6F7E20A-BC69-448E-9F8F-FD5A3DC1023D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2B9FFE62-15BA-45A0-BA47-C83BE9FF7DF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{68587DCD-A8AA-42AB-9934-737D99A2CAC7}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [UDP Query User{3EDD9A44-9C93-4077-9DC8-AE2D3F810073}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [TCP Query User{81EF12B4-42C4-4AF8-B74C-778248E190FD}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [UDP Query User{FED59656-B00F-4D7D-AC85-6BDE5ED36CEB}C:\program files\java\jre1.8.0_92\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_92\bin\javaw.exe FirewallRules: [{7720B32F-AA6E-4BF9-9067-39053A05EF59}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe FirewallRules: [{04FB150E-4EB2-4948-9C4A-E1E1F7B9FA35}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4C096440-FF84-48CD-84FB-7F0782317D65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EE0123E6-4C61-4BAE-B0EE-629B5DDF33D8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5987AAE7-CFD3-4CB8-A3AE-380BE9419EA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0D19112F-A15B-4FA3-BA8D-2C3234950E29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Punkty Przywracania systemu ========================= 18-05-2016 21:36:00 Windows Update 21-05-2016 19:36:16 Removed HP Deskjet 1510 series — podstawowe oprogramowanie urządzenia 25-05-2016 19:10:45 Windows Update 28-05-2016 13:55:58 Punkt Iobit 29-05-2016 19:15:38 Windows Update 31-05-2016 17:46:25 Installed Microsoft USB Hub and Controller Test Tool (MUTT) v2.0 31-05-2016 19:21:42 Removed Microsoft USB Hub and Controller Test Tool (MUTT) v2.0 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: ASUS USB2.0 Webcam Description: Urządzenie wideo USB Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Dziennik System: ============= Error: (06/04/2016 08:15:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:15:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:15:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:14:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:14:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:14:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:13:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:13:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:13:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (06/04/2016 08:12:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Procent pamięci w użyciu: 31% Całkowita pamięć fizyczna: 8075.64 MB Dostępna pamięć fizyczna: 5535.77 MB Całkowita pamięć wirtualna: 10121.82 MB Dostępna pamięć wirtualna: 7490.5 MB ==================== Dyski ================================ Drive c: (Windows 7) (Fixed) (Total:341.57 GB) (Free:239.14 GB) NTFS Drive d: (Dysk D) (Fixed) (Total:276.84 GB) (Free:171.86 GB) NTFS Drive e: (Backup) (Fixed) (Total:40 GB) (Free:18.28 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 0490F921) Partition: GPT. ==================== Koniec Addition.txt ============================