Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-01-2017 Uruchomiony przez 12alfa (17-01-2017 18:41:11) Uruchomiony z C:\Users\12alfa\Downloads Windows 7 Professional Service Pack 1 (X64) (2016-01-18 17:17:21) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= 12alfa (S-1-5-21-852325117-2263741781-2189377267-1000 - Administrator - Enabled) => C:\Users\12alfa Administrator (S-1-5-21-852325117-2263741781-2189377267-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-852325117-2263741781-2189377267-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-852325117-2263741781-2189377267-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Ad Muncher v4.94.34121 (Free) (HKLM-x32\...\Ad Muncher) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Aktualizacje NVIDIA 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS) CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform) Device Doctor v3.1 (HKLM-x32\...\Device Doctor_is1) (Version: 3.1 - Device Doctor Software Inc.) Driver Easy 5.1.5 (HKLM\...\DriverEasy_is1) (Version: 5.1.5 - Easeware) FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden Geeks Toy - Betfair (HKLM-x32\...\{9BA606D4-A6A9-4A59-B988-CD3BD92818AB}) (Version: 1.3.14 - The Geek) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.3.5254 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.) Huawei E3272 (HKLM-x32\...\Huawei E3272) (Version: 22.001.22.01.1202 - Huawei Technologies Co.,Ltd) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.33 - Intel Corporation) IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.3 - IVO Software Sp. z o.o.) IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVO Software Sp. z o.o.) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab) Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab) Kaspersky Software Updater Beta (x32 Version: 1.5.2.228 - Kaspersky Lab) Hidden Kerish Doctor 2017 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.65 - Kerish Products) Malwarebytes (wersja 3.0.5.1299) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pl)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik graficzny 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS) Panel sterowania NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PLAY INTERNET (HKLM-x32\...\PLAY INTERNET) (Version: 23.015.11.00.264 - Huawei Technologies Co.,Ltd) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.8 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.) Revo Uninstaller Pro wersja 3.1.2 (HKLM\...\Revo Uninstaller Pro_is1) (Version: 3.1.2 - ) SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.24.3.4750 - Enigma Software Group, LLC) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-852325117-2263741781-2189377267-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {2263A729-5D06-4843-AAF4-1D9ABA1DE202} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {29079FAF-C74B-4AA0-965C-0602945D10E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-18] (Google Inc.) Task: {2A9E0721-AFCF-47CF-B576-F3BFF6AB46BC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01] (Realtek Semiconductor) Task: {35FB6E3F-C8F3-4F43-892F-8D88B6F777A4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.) Task: {3F716D22-6A0E-4738-9251-2DB067976585} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-12-12] (Easeware) Task: {4AEFA966-A14F-4C31-BC50-08D3CF401DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {4DBDD98D-793E-4D58-9078-B155716FFECD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-12] (Adobe Systems Incorporated) Task: {59143122-F735-4C3A-BC4E-F69102482D7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-18] (Google Inc.) Task: {6BB675D5-7E17-4EBD-951B-B8DFD722319B} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2000-01-01] (Realtek Semiconductor) Task: {75E981FF-49F2-49AF-997C-6DAF9E45623D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.) Task: {8503800C-EE4F-4664-A03D-885BBFDFD5C2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek) Task: {8F18C838-39AC-4647-8129-490DB8C848B8} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2014-05-15] (ASUSTek Computer Inc.) Task: {C6C6886C-A740-459A-879B-6C18BC01DA49} - System32\Tasks\{47619CB6-8EA2-4E55-A920-6576BA9288BF} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.112/pl/abandoninstall?page=tsPlugin Task: {D819DD3A-9ACD-40D9-B2FF-44BB63F7A090} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-04] (AVAST Software) Task: {DE58C263-CC29-42FD-9424-3F3E10CCF759} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {ED2A806B-1E1B-4100-8380-DE66BB801038} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-01-18 19:02 - 2015-11-17 13:21 - 00020808 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-01-18 19:04 - 2015-08-07 18:28 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-06-15 10:49 - 2014-03-07 02:41 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-12-02 09:57 - 2013-10-26 10:45 - 00651856 _____ () C:\ProgramData\PLAY INTERNET\OnlineUpdate\ouc.exe 2017-01-17 14:06 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-17 14:06 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0 (1)\kpcengine.2.3.dll 2016-12-02 09:57 - 2013-08-31 06:44 - 02417152 _____ () C:\ProgramData\PLAY INTERNET\OnlineUpdate\QtCore4.dll 2016-12-02 09:57 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\PLAY INTERNET\OnlineUpdate\mingwm10.dll 2016-12-02 09:57 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\PLAY INTERNET\OnlineUpdate\libgcc_s_dw2-1.dll 2016-12-02 09:57 - 2013-08-31 06:46 - 01148416 _____ () C:\ProgramData\PLAY INTERNET\OnlineUpdate\QtNetwork4.dll 2016-01-20 08:14 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2016-01-20 08:14 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-01-20 08:14 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2016-01-20 08:14 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2016-01-20 08:14 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2016-01-18 19:02 - 2015-11-17 13:21 - 00020624 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2017-01-13 01:17 - 2000-01-01 01:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-12-15 00:49 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-15 00:49 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Wykryto więcej niż wyliczono: 7868 witryn. IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-852325117-2263741781-2189377267-1000\...\123simsen.com -> www.123simsen.com Wykryto więcej niż wyliczono: 7868 witryn. ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-02-17 09:25 - 00451006 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Wykryto więcej niż wyliczono: 15470 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-852325117-2263741781-2189377267-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: BingSvc => C:\Users\12alfa\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless MSCONFIG\startupreg: IVONA Reader => "C:\Program Files (x86)\IVONA\IVONA Reader\IVONA Reader.exe" -t -nosplash MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{BFC67BFD-6349-4E7F-AA2C-E5E37A62CA02}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{F6956C83-A115-4FBF-8569-9741196D1E76}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ABB23E07-8A12-4D8E-8772-3C2F34C00C06}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{1941C8D6-58AA-4714-BF5A-1D04F231F30A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{B70446B4-26AB-47FE-B2AE-4A8161E24D3C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{E901F1F6-ADF8-4A4B-BE36-86F0357E8083}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{91E52918-26F9-4531-B385-434052890EB8}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{BE4DB8F7-33FF-41DB-A1ED-6706A8BD586C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D022C4B2-D317-4B04-AF9C-3EAF1931CE84}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1F0EE718-4BFF-4875-9F11-86693FF48EAC}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{35FC1AE4-E799-471E-B5E7-7317C9D2F5A4}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AAD335E9-3F1D-4E16-9B41-2B301C896A51}] => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Punkty Przywracania systemu ========================= 13-01-2017 10:55:28 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware wersja 2.2.1.1043 13-01-2017 10:55:56 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware wersja 2.2.1.1043 13-01-2017 11:15:52 WinThruster Pt, sty 13, 17 11:15 14-01-2017 04:22:01 Revo Uninstaller Pro's restore point - SpyHunter 4 14-01-2017 04:23:19 Revo Uninstaller Pro's restore point - SpyHunter 4 14-01-2017 04:24:25 Revo Uninstaller Pro's restore point - spyh 16-01-2017 19:29:49 Revo Uninstaller Pro's restore point - SpyHunter 4 16-01-2017 20:27:53 Revo Uninstaller Pro's restore point - gmer 16-01-2017 20:28:20 Revo Uninstaller Pro's restore point - gmer 16-01-2017 21:58:55 Punkt przywracania utworzony przez HitmanPro 16-01-2017 21:59:43 Punkt przywracania utworzony przez HitmanPro ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/17/2017 06:29:21 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\12alfa\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/17/2017 05:27:25 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (01/17/2017 05:27:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x8007043C Error: (01/17/2017 05:21:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program mmc.exe w wersji 6.1.7600.16385 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: e04 Godzina rozpoczęcia: 01d270ddb26055f7 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Windows\system32\mmc.exe Identyfikator raportu: 0579e856-dcd1-11e6-a2d6-f81654306861 Error: (01/17/2017 03:56:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\12alfa\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/17/2017 02:11:22 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (01/17/2017 02:11:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x8007043C Error: (01/17/2017 02:03:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\12alfa\Downloads\esetsmartinstaller_plk.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/17/2017 01:41:22 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (01/17/2017 01:41:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x8007043C Dziennik System: ============= Error: (01/17/2017 05:29:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HWDeviceService64.exe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (01/17/2017 05:28:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AVGIDSDriver AVGIDSHA Avgldx64 Avgmfx64 Avgrkx64 Error: (01/17/2017 05:28:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY INTERNET. OUC z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (01/17/2017 05:28:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY INTERNET. OUC. Error: (01/17/2017 05:27:35 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Kod błędu: 21 Error: (01/17/2017 05:27:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {3EB3C877-1F16-487C-9050-104DBCD66683} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (01/17/2017 05:27:31 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (01/17/2017 05:27:31 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami w celu uruchomienia serwera: {9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/17/2017 05:27:30 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (01/17/2017 05:27:25 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} CodeIntegrity: =================================== Date: 2016-10-10 03:03:39.753 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-10 01:52:43.351 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-10 01:05:41.857 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-10 00:13:36.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:59:22.373 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:28:16.215 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:23:02.087 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:13:05.024 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 21:49:28.093 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 21:06:07.431 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Procent pamięci w użyciu: 31% Całkowita pamięć fizyczna: 12170.93 MB Dostępna pamięć fizyczna: 8314.91 MB Całkowita pamięć wirtualna: 13669.11 MB Dostępna pamięć wirtualna: 9327.06 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:199.11 GB) (Free:74.08 GB) NTFS Drive d: () (Fixed) (Total:39.27 GB) (Free:15.74 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 473F5D43) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=39.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================