Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 19-02-2017
Uruchomiony przez oem (21-02-2017 12:51:49)
Uruchomiony z C:\Users\oem\Documents\Favorites\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-12-20 08:37:23)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-642869367-1592473142-3323770084-500 - Administrator - Disabled)
Gość (S-1-5-21-642869367-1592473142-3323770084-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-642869367-1592473142-3323770084-1006 - Limited - Enabled)
oem (S-1-5-21-642869367-1592473142-3323770084-1000 - Administrator - Enabled) => C:\Users\oem

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Creative Suite 6 Production Premium (HKLM-x32\...\{045D4EDF-8DC1-43D7-BAFC-7AAEF99C7168}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.28 - ASUSTeK Computer Inc.) 
Akamai NetSession Interface (HKU\S-1-5-21-642869367-1592473142-3323770084-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacje NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden amuleC (HKLM-x32\...\{B2EFFD4E-D098-4845-9D56-DE75BEB35913}) (Version: 1.0.1 - amuleC) <==== UWAGA Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) BikaQ Rss Reader (HKLM-x32\...\{56B2B28A-E663-4D28-84A3-3846068A7D63}) (Version: 1.0.0 - BikaQ) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== UWAGA cleaner 1.0.1 (HKLM-x32\...\cleaner) (Version: - cleaner) <==== UWAGA Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) 
(Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PL (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - SU (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - SV (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation) CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) EXPERTool v9.8 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 9.8.2.0 - Gainward Co. Ltd.) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) 
Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) 
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) 
(Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.27.00.264 - Huawei Technologies Co.,Ltd) nexusfont 2.6 (ver 2.6.2.1870) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) Obsługa programów Apple 
(HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) Panel sterowania NVIDIA 361.91 (Version: 361.91 - NVIDIA Corporation) Hidden PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.101 - Skype Technologies S.A.) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.4-3 - Wacom Technology Corp.) 
Update for PriceFountain (HKU\S-1-5-21-642869367-1592473142-3323770084-1000\...\{36C09ECF-B44B-BB67-04B0-060AE61DBB9B}) (Version: - Update for PriceFountain) <==== UWAGA WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinSnare (HKLM-x32\...\{F59B0792-442A-467A-B788-6CB01D71A3E7}) (Version: 4.1.3 - WinSnare) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-642869367-1592473142-3323770084-1000\...\ChromeHTML: -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) 
<==== UWAGA CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. 
Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1D96106F-9CD2-447F-8A69-8F52B5A79F9D} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2011-12-30] (ASUSTeK Computer Inc.) Task: {37F2CD65-2099-41C0-924A-A16C16C2234B} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-01-30] (ASUSTeK Computer Inc.) Task: {3BAE867E-0239-4F85-A10D-3555F9787F6B} - System32\Tasks\AdobeAAMUpdater-1.0-DAMIAN-oem => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated) Task: {5595ADF0-07B1-490D-B9BD-A40B98F660FB} - System32\Tasks\Zuzach Engine => C:\Program Files (x86)\Aterishwerwi\tizoch.exe [2017-01-20] (Glarysoft Ltd) Task: {57539305-5284-4E18-AE79-764D662001BF} - System32\Tasks\Gipareedese Reports => C:\Program Files (x86)\Jerqetainrutodom\prerjght.exe [2017-01-22] (Glarysoft Ltd) Task: {611061C1-8DF3-433D-982C-092391135454} - System32\Tasks\Microsoft\Windows\Multimedia\MailruSetup => C:\Users\oem\AppData\Local\MailruSetup\MailruSetup.exe [2016-10-21] () <==== UWAGA Task: {684BCED2-1990-4340-80CD-3349BB188254} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe Task: {6BAF7544-DC5A-4A76-AE29-A87B3023C133} - System32\Tasks\Stkersethafige Verfier => C:\Program Files (x86)\Pharudom\cokaward.exe [2017-01-22] (Glarysoft Ltd) Task: {8E351DEF-D0E4-4FBD-82A4-0032A609A7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) 
Task: {930C2E37-CE56-4D78-BE12-6F9FA3960BAF} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRssReader\BikaQ.exe [2017-02-14] (IEC) Task: {9C8E0227-701C-4A75-8088-67DBD297D4F4} - System32\Tasks\Clokisevuboly Reports => C:\Program Files (x86)\Momicultckerticult\nobent.exe [2017-01-20] (Glarysoft Ltd) Task: {BE96D5E5-0885-4218-9DBB-035DDC69F9F3} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2016-12-28] () Task: {F13C1D7F-56F6-422A-B995-CB9D8EEABA15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) Task: {F8BA78F2-1D10-4010-9A5B-545E11229BF0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.) Task: {FA24D42F-9E9E-4750-9669-5B12EA206311} - System32\Tasks\{34C6FF04-D56D-424A-91FF-86C543223A98} => pcalua.exe -a "C:\Program Files (x86)\mpck\uninstaller.exe" Task: {FFC91440-7D0D-4D56-8BD5-C74EC7B7AF47} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] () (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) 
-> --load-extension="C:\Users\oem\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData2 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6dc87d5b8be063a4\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData2 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\361178be4aa3110f\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Cupface\Application\chrome.exe (Google Inc.) 
-> --load-extension="C:\Users\oem\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/ ==================== Załadowane moduły (filtrowane) ============== 2016-01-20 09:13 - 2015-09-28 02:50 - 00026120 _____ () C:\Windows\System32\KOI1070_mfp.dll 2011-06-23 15:18 - 2011-06-23 15:18 - 00015360 _____ () C:\Windows\System32\KOI1200_mfp.dll 2017-01-20 19:58 - 2017-01-20 19:58 - 00290816 ____H () C:\Program Files (x86)\Clokisevuboly Reports\local64spl.dll 2011-10-29 02:59 - 2011-10-29 02:59 - 00918448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe 2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-02-06 21:30 - 2017-02-06 04:20 - 00376832 _____ () C:\Users\oem\AppData\Roaming\cgjcg\UvConverter.exe 2017-01-20 20:00 - 2017-01-20 20:00 - 00230400 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\prote927aa13-8b59-4155-bcc8-b9f29f322c0b.tmpfs 2017-02-21 01:30 - 2017-02-21 01:30 - 00427520 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns8CB9.tmp 2016-03-22 14:36 - 2015-09-23 03:24 - 00242264 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-02-26 07:44 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-02-26 07:44 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-02-23 13:02 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-02-20 16:03 - 2016-02-20 16:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-02-16 23:18 - 2017-02-16 23:18 - 00429056 _____ () C:\Program Files 
(x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns7A9D.tmp 2017-02-12 21:55 - 2017-02-12 21:55 - 00432640 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns5B5D.tmp 2016-10-21 20:51 - 2016-10-21 20:44 - 00090112 _____ () C:\Users\oem\AppData\Local\MailruSetup\MailruSetup.exe 2017-02-19 01:36 - 2017-02-19 01:36 - 00421376 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns7E86.tmp 2017-02-17 21:10 - 2017-02-17 21:10 - 00386048 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns3CFF.tmp 2012-12-22 12:14 - 2012-10-29 08:14 - 01184640 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2017-02-21 12:08 - 2017-02-21 12:08 - 00474624 _____ () C:\Program Files (x86)\e927aa13-8b59-4155-bcc8-b9f29f322c0b1484938844\kns226E.tmp 2017-02-20 16:44 - 2017-02-17 03:01 - 00162992 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2015-12-26 09:59 - 2015-12-26 09:59 - 00158720 _____ () C:\Users\oem\AppData\Local\1ED023C0-1487680745-11DD-BB38-10BF48B8C1EB\qnshC38F.tmp 2012-12-21 19:48 - 2017-02-21 12:07 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll 2012-12-21 19:48 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll 2012-12-21 19:56 - 2011-12-28 18:13 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll 2012-12-21 19:56 - 2011-09-07 23:23 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll 2017-02-14 22:03 - 2017-02-14 19:16 - 00122880 _____ () c:\program files (x86)\bilibili\bilibili.dll 2016-12-26 20:58 - 2016-12-26 04:45 - 00635392 _____ () c:\programdata\vmware\vmware workstation\uninstaller\instutil.dll 2012-12-21 19:49 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2012-12-21 19:49 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2012-12-21 19:51 - 
2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll 2012-12-21 19:49 - 2011-09-20 18:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2012-12-21 19:54 - 2012-03-01 14:20 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2012-12-21 19:54 - 2012-02-09 17:09 - 01118208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll 2012-12-21 19:49 - 2012-02-13 09:53 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2012-12-21 19:49 - 2011-09-26 18:37 - 01616384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2012-12-21 19:49 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2012-12-21 19:49 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2012-12-21 19:49 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2012-12-21 19:48 - 2010-08-23 03:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2012-12-21 19:49 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2012-12-21 19:57 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll 2012-12-21 19:57 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll 2012-12-21 19:57 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll 2016-10-28 22:41 - 2016-10-28 22:41 - 00275968 _____ () c:\program files (x86)\thibeward\wifertcache.dll 2012-12-21 19:49 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2012-12-21 19:54 - 2012-02-15 13:42 - 00150528 _____ () C:\Program Files (x86)\ASUS\AI Suite 
II\Network iControl\NetSvcHelp\gep.dll 2012-12-21 19:54 - 2012-02-02 15:12 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll 2012-12-21 19:54 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll 2013-03-25 12:49 - 2013-03-25 12:49 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b857add6394c98128874eb2579534e5\IsdiInterop.ni.dll 2012-12-20 09:51 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-02-23 13:02 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-22 21:57 - 2017-01-22 21:57 - 00225280 ____H () C:\Program Files (x86)\INet\INetcomastgmir.dll 2016-12-26 20:58 - 2016-12-01 02:29 - 01834600 _____ () C:\Program Files (x86)\Cupface\Application\libglesv2.dll 2016-12-26 20:58 - 2016-12-01 02:29 - 00091240 _____ () C:\Program Files (x86)\Cupface\Application\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\oem\AppData\Local\t5Za44SPXuU:u2oHFVRSt9MlOE5rtI [2112] AlternateDataStreams: C:\Users\oem\AppData\Local\Temp:gAMrn0yNFZcT0bH1q8Rs [2186] AlternateDataStreams: C:\Users\oem\AppData\Local\Temporary Internet Files:6CSt1ff303hKokiclHJu887 [1980] AlternateDataStreams: C:\Users\oem\AppData\Local\Temporary Internet Files:qgBULsA1egaVbVkOFw1MRqWIHn [2448] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-02-21 12:39 - 00007760 ____A C:\Windows\system32\Drivers\etc\hosts Wykryto więcej niż wyliczono: 60 linii.
==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-642869367-1592473142-3323770084-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 188.120.239.115 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\oem\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: cleaner => C:\Users\oem\AppData\Roaming\UPUpdata\cleaner.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RAPBOUGKZ2 => "C:\Program Files\R24ILDVVAV\R24ILDVVA.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: URFGLXTDWT => "C:\Program Files\LXI4ITSVJC\YMPJQTYWI.exe" MSCONFIG\startupreg: WidgetPodatnikInfo => "C:\Program Files (x86)\Podatnik.info\PIT pro 2015\Widget.exe" MSCONFIG\startupreg: WINCOMEIM => "C:\Program Files (x86)\mpck\wincom_EIM.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist 
spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{7B1008ED-62C9-46A3-991D-4B6A45B8DAA7}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{B1AFBEAE-3EA2-4EBE-829F-375BBBD72BA6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [TCP Query User{6BB048DE-0AFC-48F6-8DCC-AAB0CEA8719D}C:\users\oem\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\oem\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{D2C671DA-6F32-4DB8-B97A-89588668FA89}C:\users\oem\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\oem\appdata\local\akamai\netsession_win.exe FirewallRules: [{F37D2F8C-7E14-463D-B6A5-73A23AC63093}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{12572BEE-90BD-47AD-927F-FE39DBCCB842}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3A3272A1-F31B-4CAF-8C13-FA2C7AAE9324}] => (Allow) LPort=2869 FirewallRules: [{A4D19894-8E17-4265-910B-CCA02119AF60}] => (Allow) LPort=1900 FirewallRules: [{84F0945A-F0BF-45C4-BE30-0FE34EF7DFD9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1FF17C77-A88B-4238-B092-A8BC25E4FDDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3A78A764-3AE7-4C49-BEF8-136B2F47CDCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{435C322B-EF94-4523-9230-D7FE98672F9A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{114875A8-985E-4A47-B740-F7E44DBEFB21}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support 
files\afterfx.exe FirewallRules: [UDP Query User{FCC73AFB-5D00-4CE6-A9DB-09B9692B582C}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe FirewallRules: [{23E1976B-39C4-4110-99C4-D1BAEFE68ADE}] => (Allow) C:\Program Files\KMSnano\data\qemu-system-i386.exe FirewallRules: [{CFACAB3F-F4FD-429E-8CDD-812C0F446290}] => (Allow) C:\Program Files\KMSnano\data\qemu-system-i386.exe FirewallRules: [{C16B9CDC-36B9-4800-B2D5-6A21D4F84BBA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{51A5FC9D-BA3D-456A-923C-62D7260C6BD4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{07B43379-DBBE-4BCC-85BA-EF72A0437EAC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E9459764-6965-4AAB-869F-7544CC587E59}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A9BF5B2D-BA0B-499F-B6E9-BD7A1CC7C6E7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{19BBA0C9-B330-457B-8FD5-98900ED07216}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BB32927A-2D65-4E88-812A-9E364F8F53EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C195D4AF-5DEC-4135-9DDB-C6D9497114EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{84AE30A0-BA15-4244-B18A-C47F769180CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{9A358AA8-263E-4EDF-A7E5-4AD779AF668C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{14F5B20E-0630-49D0-B549-F6EBA259B774}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B18741DE-4390-4124-B6CC-536CBD42BFCA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe 
FirewallRules: [{52294F47-4330-4C3B-B17E-3DE48790C9A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4D89BE83-5C1A-46B9-B450-AC7EB640FD61}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7E8C8C42-4906-4316-BC82-143C231CEECE}] => (Allow) C:\Program Files (x86)\Cupface\Application\chrome.exe FirewallRules: [{406598AC-AAC6-414F-91F1-DE533F67FF52}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd10eurx-73fh1y0_wd-wmc1u763552535525.exe FirewallRules: [{91A1FC08-4E48-485F-999E-A09DE68A4C00}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd10eurx-73fh1y0_wd-wmc1u763552535525.exe FirewallRules: [{239ADA28-3611-4783-A397-322F125A3329}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1A8DF41A-B61C-434F-A328-9A27E08AC912}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{B40BDFA0-A664-4803-AC8A-E44700CA8573}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe ==================== Punkty Przywracania systemu ========================= 11-02-2017 16:09:31 Removed WinSnare 11-02-2017 16:10:04 Removed amuleC 11-02-2017 22:32:28 Removed amuleC 11-02-2017 22:38:59 Removed WinSnare 17-02-2017 23:37:55 Removed amuleC 17-02-2017 23:38:33 Removed WinSnare ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler Uniwersalnej magistrali szeregowej (USB) Description: Kontroler Uniwersalnej magistrali szeregowej (USB) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Malwarebytes Anti-Exploit Description: Malwarebytes Anti-Exploit Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ESProtectionDriver Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/21/2017 12:08:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x000080b4 Identyfikator procesu powodującego błąd: 0x11b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28c32e3ec4278 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs8\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs8\UvConvInst.exe Identyfikator raportu: 22a3e84a-f826-11e6-97c9-0c5b8f279a64 Error: (02/20/2017 10:36:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: InDesign.exe, wersja: 7.5.3.333, sygnatura czasowa: 0x4f6b9e72 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0038cbd8 Identyfikator procesu powodującego błąd: 0x13f8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28bbc5a163297 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\InDesign.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 9a15cd98-f7b4-11e6-8490-0c5b8f279a64 Error: (02/20/2017 04:44:34 PM) (Source: MsiInstaller) (EventID: 1013) (User: DAMIAN) Description: Product: WinSnare -- Unable to install because a newer version of this product is already installed. Error: (02/20/2017 04:33:25 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. 
Error: (02/17/2017 11:47:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00008458 Identyfikator procesu powodującego błąd: 0x1d28 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2896fc45996d1 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs7\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs7\UvConvInst.exe Identyfikator raportu: 0416c997-f563-11e6-98e8-0c5b8f279a64 Error: (02/17/2017 11:42:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00008458 Identyfikator procesu powodującego błąd: 0xf98 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2896f11a43d2a Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs6\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs6\UvConvInst.exe Identyfikator raportu: 502703e3-f562-11e6-875e-0c5b8f279a64 Error: (02/17/2017 09:09:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x5899a635 Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x00008458 Identyfikator procesu powodującego błąd: 0x17e8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28959c29cd710 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs5\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs5\UvConvInst.exe Identyfikator raportu: 
04f41f68-f54d-11e6-875e-0c5b8f279a64 Error: (02/16/2017 09:19:35 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/16/2017 09:19:35 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/16/2017 09:19:35 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Dziennik System: ============= Error: (02/21/2017 12:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RóżneFotolia z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 12:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RóżneDokumenty z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 12:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MOJEMOJE z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 12:08:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ESProtectionDriver Error: (02/21/2017 12:07:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SSServiceComponent z powodu następującego błędu: Nie można odnaleźć określonego pliku. 
Error: (02/21/2017 12:07:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Highlighted Ink z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 12:07:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MBAMChameleon z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 09:07:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RóżneFotolia z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 09:07:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RóżneDokumenty z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/21/2017 09:07:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MOJEMOJE z powodu następującego błędu: Nie można odnaleźć określonego pliku. CodeIntegrity: =================================== Date: 2017-01-20 20:54:27.659 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:54:27.472 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:52:10.231 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2017-01-20 20:52:10.204 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:52:10.176 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:52:10.149 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:20:09.606 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:20:09.325 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-15 17:43:51.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2016-12-15 17:43:50.985 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Procent pamięci w użyciu: 20% Całkowita pamięć fizyczna: 32719.71 MB Dostępna pamięć fizyczna: 26069.76 MB Całkowita pamięć wirtualna: 65737.61 MB Dostępna pamięć wirtualna: 59137.55 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:292.87 GB) (Free:109.88 GB) NTFS Drive d: (Praca_Projekty) (Fixed) (Total:320.18 GB) (Free:248.55 GB) NTFS Drive e: (INNE) (Fixed) (Total:318.36 GB) (Free:211.94 GB) NTFS Drive h: (TOSHIBA PUSZEK) (Fixed) (Total:931.51 GB) (Free:738.14 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56C0A98E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=318.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=320.2 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DEB68564) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================