Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 02-07-2016 Uruchomiony przez NajaArt (2016-07-06 16:42:22) Uruchomiony z C:\Users\NajaArt\Downloads\frst64 i inne skany\Nowy folder Windows 7 Professional Service Pack 1 (X64) (2013-07-24 11:10:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-309583454-3636370961-3052257446-500 - Administrator - Disabled) Gość (S-1-5-21-309583454-3636370961-3052257446-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-309583454-3636370961-3052257446-1003 - Limited - Enabled) NajaArt (S-1-5-21-309583454-3636370961-3052257446-1001 - Administrator - Enabled) => C:\Users\NajaArt ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSoft) ArcSoft TotalMedia (x32 Version: 1.0.61.25 - ArcSoft) Hidden ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.39 - ArcSoft) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Booking.com version 1.2.0.0 (HKLM-x32\...\{958A475F-037D-401A-AC05-209725973E11}_is1) (Version: 1.2.0.0 - Booking.com) CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World) Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.0.0.4 - Hewlett-Packard Company) Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.28.30376 - Hewlett-Packard Company) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Evernote v. 4.5.4 (HKLM-x32\...\{550BFF6E-7376-11E1-99EA-984BE15F174E}) (Version: 4.5.4.6487 - Evernote Corp.) Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.01.4525 - Hewlett-Packard Company) Face Recognition for HP ProtectTools (Version: 7.01.4525 - Hewlett-Packard Company) Hidden File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.5 - Hewlett-Packard Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google+ Auto Backup (HKU\S-1-5-21-309583454-3636370961-3052257446-1001\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.) HP 3D DriveGuard (HKLM\...\{5B4F3B85-83F0-4BBF-9052-7A38B6B09634}) (Version: 5.0.8.0 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{22706ADC-74A1-43A0-ABAE-47F84966B909}) (Version: 4.2.50.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}) (Version: 1.1.1.0 - Hewlett-Packard) HP ESU for Microsoft Windows 7 (HKLM-x32\...\{6357258D-2BF9-49E7-A9EF-0C609D52C46D}) (Version: 2.0.6.1 - Hewlett-Packard Company) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT) HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company) HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.0.1177 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company) HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company) HP System Default Settings (HKLM-x32\...\{C4E9E8A4-EEC4-4F9E-B140-520A8B75F430}) (Version: 2.4.1.2 - Hewlett-Packard Company) HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden Huawei E5373 (HKLM-x32\...\Huawei E5373) (Version: 22.001.23.00.1202 - Huawei Technologies Co.,Ltd) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation) ipla 2.8.6 (HKLM-x32\...\ipla) (Version: 2.8.6 - Redefine Sp z o.o.) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.) Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden Ksiega (HKLM-x32\...\Ksiega) (Version: - ) Księga Express STD ver. 5.1.01 (HKLM-x32\...\Księga Express STD_is1) (Version: - ) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 14.1_is1) (Version: 14.1.0.4136 - FranmoSoftware - Maciej Opaliński) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.93 - PDF Complete, Inc) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.5 - Nikon) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Privacy Manager for HP ProtectTools (HKLM\...\{CA2F6FAD-D8CD-42C1-B04D-6E5B1B1CFDCC}) (Version: 7.0.0.865 - Hewlett-Packard Company) Ralink Bluetooth Stack64 (HKLM\...\{ED818A3C-3DF5-CDCF-3DB2-A646D7B31A16}) (Version: 9.0.717.0 - Ralink Corporation) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.50.1123.2011 - Realtek) SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.9.0 - Synaptics Incorporated) Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.0.10 - Hewlett-Packard Company) Theft Recovery for HP ProtectTools (x32 Version: 7.0.0.10 - Hewlett-Packard Company) Hidden Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.) Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation) WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. ) WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-309583454-3636370961-3052257446-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\NajaArt\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-309583454-3636370961-3052257446-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\NajaArt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-309583454-3636370961-3052257446-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\NajaArt\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {093249C2-E520-4F12-A325-8F3F7BFF3BED} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2016-05-10] (FranmoSoftware) Task: {0F5458BD-C54B-4067-A564-099B3E38C61C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-309583454-3636370961-3052257446-1001 Task: {1689DF05-D52D-4D3F-A955-08527E59383B} - System32\Tasks\{C0062099-5841-4AE1-933E-929B32DD1FE2} => C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2013-05-29] (Microsoft Corporation) Task: {2863D477-6F3A-403B-A143-B925215A0664} - \Price Fountain -> Brak pliku <==== UWAGA Task: {47086AE5-E55F-4BC1-B01C-456AAC7498B4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {5DC7C379-5E6D-4467-B11C-E54ACD68F5C9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-16] (AVAST Software) Task: {94A23ACA-7E44-4C14-ABDF-BECCCEEF69C6} - System32\Tasks\{D31F180C-EE3F-4A20-8C10-CF647C06580C} => C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE [2013-05-29] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2012-08-15 00:11 - 2012-08-15 00:11 - 00022528 _____ () C:\windows\system32\BsTrace.dll 2012-08-16 03:20 - 2012-08-16 03:20 - 00356352 _____ () C:\windows\system32\BsExtendFunc.dll 2015-02-17 10:58 - 2008-01-02 15:25 - 10365952 _____ () C:\TGSoft\kex.exe 2015-12-09 16:25 - 2015-12-09 16:25 - 00068288 _____ () C:\Program Files (x86)\ipla\ziplib.dll 2015-12-09 16:25 - 2015-12-09 16:25 - 00299712 _____ () C:\Program Files (x86)\ipla\MediaFileScanner.dll 2015-11-06 14:03 - 2015-11-06 14:03 - 41293432 _____ () C:\Program Files (x86)\ipla\libcef.dll 2015-12-09 16:25 - 2015-12-09 16:25 - 00392384 _____ () C:\Program Files (x86)\ipla\jabberoo.dll 2015-11-06 14:03 - 2015-11-06 14:03 - 01486456 _____ () C:\Program Files (x86)\ipla\libglesv2.dll 2015-11-06 14:03 - 2015-11-06 14:03 - 00079480 _____ () C:\Program Files (x86)\ipla\libegl.dll 2012-08-15 00:02 - 2012-08-15 00:02 - 00019456 _____ () C:\windows\SysWOW64\BsTrace.dll 2015-07-27 13:45 - 2015-07-24 00:39 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libglesv2.dll 2015-07-27 13:45 - 2015-07-24 00:39 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Start Menu\Wirtualna Polska - www.wp.pl.website:DESTICON_favicon-13356084 [21566] AlternateDataStreams: C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Start Menu\Wirtualna Polska - www.wp.pl.website:DESTICON_favicon-1865418238 [21566] AlternateDataStreams: C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Start Menu\Wirtualna Polska - www.wp.pl.website:DESTICON_favicon-281982367 [21566] AlternateDataStreams: C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Start Menu\Wirtualna Polska - www.wp.pl.website:DESTICON_favicon-685321098 [21566] AlternateDataStreams: C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Start Menu\Wirtualna Polska - www.wp.pl.website:DESTICON_favicon2067447364 [21566] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-07-03 10:33 - 00002024 ____A C:\windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com Wykryto więcej niż wyliczono: 4 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-309583454-3636370961-3052257446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\NajaArt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: ACDaemon => 3 MSCONFIG\Services: BlueSoleilCS => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BsHelpCS => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: DpHost => 2 MSCONFIG\Services: FLCDLOCK => 3 MSCONFIG\Services: HP Power Assistant Service => 2 MSCONFIG\Services: HPAuto => 2 MSCONFIG\Services: hpCMSrv => 3 MSCONFIG\Services: HPFSService => 2 MSCONFIG\Services: hpHotkeyMonitor => 2 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: McAfee Endpoint Encryption Agent => 2 MSCONFIG\Services: Mobile Broadband HL Service => 2 MSCONFIG\Services: pdfcDispatcher => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: STacSV => 2 MSCONFIG\Services: uArcCapture => 2 MSCONFIG\Services: vcsFPService => 2 MSCONFIG\startupfolder: C:^Users^NajaArt^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wysyłanie do programu OneNote.lnk => C:\windows\pss\Wysyłanie do programu OneNote.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" MSCONFIG\startupreg: DTRun => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe MSCONFIG\startupreg: File Sanitizer => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe MSCONFIG\startupreg: HP HD Webcam Driver_Monitor => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe MSCONFIG\startupreg: HPConnectionManager => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe MSCONFIG\startupreg: HPPowerAssistant => C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe MSCONFIG\startupreg: QLBController => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{D80A2CED-438B-4A89-9F18-0A203771E1CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E2FA3FB8-BA8A-4F82-B2EB-1CAFF3C0EAD7}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe ==================== Punkty Przywracania systemu ========================= 19-06-2016 18:58:48 ASU_MSI_TRAN 19-06-2016 19:00:06 Kopia zapasowa systemu Windows 21-06-2016 05:27:16 Windows Update 03-07-2016 08:20:15 Kopia zapasowa systemu Windows 06-07-2016 08:51:03 Kopia zapasowa systemu Windows 06-07-2016 08:55:05 ASU_MSI_TRAN 06-07-2016 14:18:12 ASU_MSI_TRAN 06-07-2016 16:24:54 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (07/06/2016 03:34:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 03:22:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 02:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 02:27:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 02:21:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 02:12:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/06/2016 08:48:14 AM) (Source: Windows Search Service) (EventID: 3083) (User: ) Description: Nie można załadować programu obsługi protokołu OneIndex15. Opis błędu: Nie można odnaleźć określonego modułu. (HRESULT : 0x8007007e). Error: (07/03/2016 10:40:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/03/2016 08:42:34 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program AvastUI.exe w wersji 11.2.2738.16 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 7bc Godzina rozpoczęcia: 01d1d4f57f25a755 Godzina zakończenia: 60000 Ścieżka aplikacji: C:\Program Files\AVAST Software\Avast\AvastUI.exe Identyfikator raportu: 19be9f95-40e9-11e6-a765-a417313c073c Error: (07/03/2016 08:38:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (07/06/2016 03:32:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Pliki trybu offline zakończyła działanie; wystąpił następujący błąd: %%3 = System nie może odnaleźć określonej ścieżki. Error: (07/06/2016 03:20:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Pliki trybu offline zakończyła działanie; wystąpił następujący błąd: %%3 = System nie może odnaleźć określonej ścieżki. Error: (07/06/2016 02:36:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Pliki trybu offline zakończyła działanie; wystąpił następujący błąd: %%3 = System nie może odnaleźć określonej ścieżki. Error: (07/06/2016 02:25:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Pliki trybu offline zakończyła działanie; wystąpił następujący błąd: %%3 = System nie może odnaleźć określonej ścieżki. Error: (07/06/2016 02:22:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/06/2016 02:22:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/06/2016 02:22:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/06/2016 02:22:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/06/2016 02:22:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (07/06/2016 02:22:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 = Uruchomienie usługi zależności lub grupy nie powiodło się. CodeIntegrity: =================================== Date: 2015-02-13 10:47:42.003 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-13 10:47:41.988 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-13 10:45:36.798 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-13 10:45:36.704 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-18 11:41:54.497 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-18 11:41:54.435 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-17 16:00:41.505 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-17 16:00:41.474 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-16 11:27:36.434 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-16 11:27:36.356 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Procent pamięci w użyciu: 48% Całkowita pamięć fizyczna: 3976.57 MB Dostępna pamięć fizyczna: 2051.87 MB Całkowita pamięć wirtualna: 7951.34 MB Dostępna pamięć wirtualna: 5730.08 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:675.68 GB) (Free:620.5 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.28 GB) FAT32 Drive g: (HP_RECOVERY) (Fixed) (Total:20.66 GB) (Free:3.18 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9CC91399) Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=675.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=20.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2 GB) - (Type=0C) ==================== Koniec Addition.txt ============================