Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-03-2017 Uruchomiony przez oem (05-03-2017 18:47:15) Uruchomiony z C:\Users\oem\Documents\Favorites\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-12-20 08:37:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-642869367-1592473142-3323770084-500 - Administrator - Disabled) Gość (S-1-5-21-642869367-1592473142-3323770084-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-642869367-1592473142-3323770084-1006 - Limited - Enabled) oem (S-1-5-21-642869367-1592473142-3323770084-1000 - Administrator - Enabled) => C:\Users\oem ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Creative Suite 6 Production Premium (HKLM-x32\...\{045D4EDF-8DC1-43D7-BAFC-7AAEF99C7168}) (Version: 6 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated) AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.28 - ASUSTeK Computer Inc.) Aktualizacje NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden amuleC (HKLM-x32\...\{0F7B5011-72EC-493D-A7BF-546591047E8E}) (Version: 1.0.2 - amuleC) <==== UWAGA Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) BikaQ Rss (HKLM-x32\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) <==== UWAGA cleaner 1.0.1 (HKLM-x32\...\cleaner) (Version: - cleaner) <==== UWAGA Corel Graphics - Windows Shell Extension (HKLM\...\_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}) (Version: 16.0.0.707 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 16.0.707 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.0.707 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - CZ (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PL (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - SU (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - SV (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.0.0.707 - Corel Corporation) CorelDRAW Graphics Suite X6 (x64) (Version: 16.0 - Corel Corporation) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) EXPERTool v9.8 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 9.8.2.0 - Gainward Co. Ltd.) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.27.00.264 - Huawei Technologies Co.,Ltd) nexusfont 2.6 (ver 2.6.2.1870) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles) NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) Panel sterowania NVIDIA 361.91 (Version: 361.91 - NVIDIA Corporation) Hidden PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PlayMemories Home (HKLM-x32\...\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}) (Version: 6.0.02.14151 - Sony Corporation) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.101 - Skype Technologies S.A.) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Tablet Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.4-3 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinSnare (HKLM-x32\...\{A71B6796-662E-4FBD-BB43-A870F2EF514C}) (Version: 4.2.3 - WinSnare) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-642869367-1592473142-3323770084-1000\...\ChromeHTML: -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) <==== UWAGA CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-642869367-1592473142-3323770084-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1D96106F-9CD2-447F-8A69-8F52B5A79F9D} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2011-12-30] (ASUSTeK Computer Inc.) Task: {37F2CD65-2099-41C0-924A-A16C16C2234B} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-01-30] (ASUSTeK Computer Inc.) Task: {3BAE867E-0239-4F85-A10D-3555F9787F6B} - System32\Tasks\AdobeAAMUpdater-1.0-DAMIAN-oem => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated) Task: {5595ADF0-07B1-490D-B9BD-A40B98F660FB} - System32\Tasks\Zuzach Engine => C:\Program Files (x86)\Aterishwerwi\tizoch.exe [2017-01-20] (Glarysoft Ltd) Task: {57539305-5284-4E18-AE79-764D662001BF} - System32\Tasks\Gipareedese Reports => C:\Program Files (x86)\Jerqetainrutodom\prerjght.exe [2017-01-22] (Glarysoft Ltd) Task: {684BCED2-1990-4340-80CD-3349BB188254} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe Task: {6BAF7544-DC5A-4A76-AE29-A87B3023C133} - System32\Tasks\Stkersethafige Verfier => C:\Program Files (x86)\Pharudom\cokaward.exe [2017-01-22] (Glarysoft Ltd) Task: {8E351DEF-D0E4-4FBD-82A4-0032A609A7B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) Task: {9C8E0227-701C-4A75-8088-67DBD297D4F4} - System32\Tasks\Clokisevuboly Reports => C:\Program Files (x86)\Momicultckerticult\nobent.exe [2017-01-20] (Glarysoft Ltd) Task: {B5A9EDC5-3BDA-45A0-B9D6-BCEA10C8B7E8} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRss\BikaQ.exe [2017-02-23] (IEC) <==== UWAGA Task: {F13C1D7F-56F6-422A-B995-CB9D8EEABA15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.) Task: {F8BA78F2-1D10-4010-9A5B-545E11229BF0} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.) Task: {FFC91440-7D0D-4D56-8BD5-C74EC7B7AF47} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] () (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\oem\Documents\Favorites\Desktop\Google Keep – notatki i listy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep – notatki i listy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\oem\AppData\Local\Birdjob\User Data\Default\Web Applications\_crx_hmjkmjkepdijhoojdojkdfohbdgmmhki\Google Keep – notatki i listy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Keep – notatki i listy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Keep – notatki i listy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7eacadfa43776aec\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6dc87d5b8be063a4\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\oem\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\361178be4aa3110f\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Birdjob\Application\chrome.exe (Google Inc.) -> hxxp://www.startpageing123.com/?type=sc&ts=1488454904&z=f22d6b7acce70682b4c2487gcz8b0b1zaw2z1tfg0e&from=pr0302&uid=WDCXWD10EURX-73FH1Y0_WD-WMC1U763552535525 ==================== Załadowane moduły (filtrowane) ============== 2016-01-20 09:13 - 2015-09-28 02:50 - 00026120 _____ () C:\Windows\System32\KOI1070_mfp.dll 2011-06-23 15:18 - 2011-06-23 15:18 - 00015360 _____ () C:\Windows\System32\KOI1200_mfp.dll 2011-10-29 02:59 - 2011-10-29 02:59 - 00918448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe 2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-03-01 13:07 - 2017-03-04 00:02 - 00115200 _____ () C:\Users\oem\AppData\Roaming\Kyubey\Kyubey.exe 2016-03-22 14:36 - 2015-09-23 03:24 - 00242264 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-02-26 07:44 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-02-26 07:44 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-02-23 13:02 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-02-20 16:03 - 2016-02-20 16:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2012-12-22 12:14 - 2012-10-29 08:14 - 01184640 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll 2017-02-24 22:07 - 2017-02-24 06:24 - 00167600 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2017-02-23 18:05 - 2017-02-23 10:02 - 00112640 _____ () c:\programdata\apple\apple application support\support.dll 2012-12-21 19:48 - 2017-03-05 18:19 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.18\PEbiosinterface32.dll 2012-12-21 19:48 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.18\ATKEX.dll 2012-12-21 19:56 - 2011-12-28 18:13 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll 2012-12-21 19:56 - 2011-09-07 23:23 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll 2016-12-26 20:58 - 2016-12-26 04:45 - 00635392 _____ () c:\programdata\vmware\vmware workstation\uninstaller\instutil.dll 2016-10-28 22:41 - 2016-10-28 22:41 - 00275968 _____ () c:\program files (x86)\thibeward\wifertcache.dll 2013-03-25 12:49 - 2013-03-25 12:49 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\8b857add6394c98128874eb2579534e5\IsdiInterop.ni.dll 2012-12-20 09:51 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-12-21 19:49 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll 2012-12-21 19:49 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll 2012-12-21 19:51 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll 2012-12-21 19:49 - 2011-09-20 18:11 - 00985600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll 2012-12-21 19:54 - 2012-03-01 14:20 - 01296384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll 2012-12-21 19:54 - 2012-02-09 17:09 - 01118208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll 2012-12-21 19:49 - 2012-02-13 09:53 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll 2012-12-21 19:49 - 2011-09-26 18:37 - 01616384 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll 2012-12-21 19:49 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll 2012-12-21 19:49 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll 2012-12-21 19:49 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll 2012-12-21 19:48 - 2010-08-23 03:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll 2012-12-21 19:49 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll 2012-12-21 19:57 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll 2012-12-21 19:57 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll 2012-12-21 19:57 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll 2017-02-23 18:05 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Birdjob\Application\libglesv2.dll 2017-02-23 18:05 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Birdjob\Application\libegl.dll 2012-12-21 19:54 - 2012-02-15 13:42 - 00150528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll 2012-12-21 19:54 - 2012-02-02 15:12 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll 2012-12-21 19:54 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll 2012-12-21 19:49 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll 2016-02-23 13:02 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-22 21:57 - 2017-01-22 21:57 - 00225280 ____H () C:\Program Files (x86)\INet\INetcomastgmir.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-02-21 16:57 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-642869367-1592473142-3323770084-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\oem\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RAPBOUGKZ2 => "C:\Program Files\R24ILDVVAV\R24ILDVVA.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: URFGLXTDWT => "C:\Program Files\LXI4ITSVJC\YMPJQTYWI.exe" MSCONFIG\startupreg: WidgetPodatnikInfo => "C:\Program Files (x86)\Podatnik.info\PIT pro 2015\Widget.exe" MSCONFIG\startupreg: WINCOMEIM => "C:\Program Files (x86)\mpck\wincom_EIM.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{EBFD28C5-1D1C-4181-BDE5-60F2C369CB8B}C:\program files (x86)\birdjob\application\chrome.exe] => (Allow) C:\program files (x86)\birdjob\application\chrome.exe FirewallRules: [UDP Query User{CC27FC5B-16C6-4166-A170-C2C4709D2E0E}C:\program files (x86)\birdjob\application\chrome.exe] => (Allow) C:\program files (x86)\birdjob\application\chrome.exe FirewallRules: [{F4B03212-0F9E-41BF-9458-D10F184E3CC2}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [{60C58351-972E-44B1-88BA-08B15CAB5959}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe FirewallRules: [TCP Query User{AD69AC05-5F71-43BA-9F51-0D3C440622B5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{8B42F9DB-6CEC-4C56-8400-36C90EFC9F2F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{3D4D3835-D575-40B7-A95A-32ADD2CF2204}C:\program files (x86)\birdjob\application\chrome.exe] => (Allow) C:\program files (x86)\birdjob\application\chrome.exe FirewallRules: [UDP Query User{20ABD473-AF06-48AA-99C2-38E9D6FB62F5}C:\program files (x86)\birdjob\application\chrome.exe] => (Allow) C:\program files (x86)\birdjob\application\chrome.exe FirewallRules: [{EDC7CBEC-5940-4ED4-9177-6D1ADBB1311F}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{949AE83D-CB21-45CA-9379-449D4E2948F8}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe ==================== Punkty Przywracania systemu ========================= 11-02-2017 22:32:28 Removed amuleC 11-02-2017 22:38:59 Removed WinSnare 17-02-2017 23:37:55 Removed amuleC 17-02-2017 23:38:33 Removed WinSnare 21-02-2017 16:53:41 Removed amuleC 21-02-2017 16:54:05 Removed BikaQ Rss Reader 21-02-2017 16:55:04 Removed WinSnare 21-02-2017 16:57:09 Restore Point Created by FRST 21-02-2017 18:01:47 Removed WinSnare 23-02-2017 20:53:34 Restore Point Created by FRST 24-02-2017 22:52:48 Removed BikaQ Rss 24-02-2017 22:53:30 Removed amuleC 24-02-2017 22:54:16 Removed WinSnare 28-02-2017 20:26:38 Removed BikaQ Rss 28-02-2017 20:27:02 Removed amuleC 28-02-2017 20:27:23 Removed WinSnare ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler Uniwersalnej magistrali szeregowej (USB) Description: Kontroler Uniwersalnej magistrali szeregowej (USB) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/28/2017 08:27:12 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAMIAN) Description: Nie można ponownie uruchomić aplikacji lub usługi ed2k idle service. Error: (02/24/2017 10:53:40 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAMIAN) Description: Nie można ponownie uruchomić aplikacji lub usługi ed2k idle service. Error: (02/23/2017 09:13:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mbam.exe, wersja: 3.0.0.912, sygnatura czasowa: 0x58811df5 Nazwa modułu powodującego błąd: Qt5Core.dll, wersja: 5.6.2.0, sygnatura czasowa: 0x5849a177 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00192df1 Identyfikator procesu powodującego błąd: 0xd00 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28e112ab96348 Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Ścieżka modułu powodującego błąd: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Identyfikator raportu: 87286f4e-fa04-11e6-8703-0c5b8f279a64 Error: (02/23/2017 08:53:30 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {e59d7fce-2c60-4565-872f-f2b2948849c9} Error: (02/21/2017 04:57:09 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {dd18434d-7beb-407a-86e4-a4344f7312da} Error: (02/21/2017 04:54:01 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DAMIAN) Description: Nie można ponownie uruchomić aplikacji lub usługi ed2k idle service. Error: (02/21/2017 04:08:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x000080b4 Identyfikator procesu powodującego błąd: 0x12c4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28c546d5624cb Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs9\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs9\UvConvInst.exe Identyfikator raportu: ab4b1403-f847-11e6-97c9-0c5b8f279a64 Error: (02/21/2017 12:08:56 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Nazwa modułu powodującego błąd: UvConvInst.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x58a692df Kod wyjątku: 0x40000015 Przesunięcie błędu: 0x000080b4 Identyfikator procesu powodującego błąd: 0x11b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28c32e3ec4278 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\cvbs8\UvConvInst.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\cvbs8\UvConvInst.exe Identyfikator raportu: 22a3e84a-f826-11e6-97c9-0c5b8f279a64 Error: (02/20/2017 10:36:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: InDesign.exe, wersja: 7.5.3.333, sygnatura czasowa: 0x4f6b9e72 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0038cbd8 Identyfikator procesu powodującego błąd: 0x13f8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d28bbc5a163297 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Adobe\Adobe InDesign CS5.5\InDesign.exe Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 9a15cd98-f7b4-11e6-8490-0c5b8f279a64 Error: (02/20/2017 04:44:34 PM) (Source: MsiInstaller) (EventID: 1013) (User: DAMIAN) Description: Product: WinSnare -- Unable to install because a newer version of this product is already installed. Dziennik System: ============= Error: (02/28/2017 08:27:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ed2k idle service z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/28/2017 07:51:47 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (02/28/2017 07:51:47 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (02/28/2017 07:51:46 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (02/28/2017 07:51:46 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (02/28/2017 07:51:45 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (02/27/2017 04:20:15 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \...\DR1. Error: (02/27/2017 03:41:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ed2k idle service z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/26/2017 03:20:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ed2k idle service z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/25/2017 10:24:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi ed2k idle service z powodu następującego błędu: Nie można odnaleźć określonego pliku. CodeIntegrity: =================================== Date: 2017-01-20 20:54:27.659 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:54:27.472 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:52:10.231 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:52:10.204 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:52:10.176 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:52:10.149 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-01-20 20:20:09.606 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-20 20:20:09.325 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-15 17:43:51.012 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-15 17:43:50.985 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Procent pamięci w użyciu: 20% Całkowita pamięć fizyczna: 32719.71 MB Dostępna pamięć fizyczna: 26085.86 MB Całkowita pamięć wirtualna: 65737.61 MB Dostępna pamięć wirtualna: 59105.19 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:292.87 GB) (Free:106.57 GB) NTFS Drive d: (Praca_Projekty) (Fixed) (Total:320.18 GB) (Free:245.16 GB) NTFS Drive e: (INNE) (Fixed) (Total:318.36 GB) (Free:211.94 GB) NTFS Drive h: (TOSHIBA PUSZEK) (Fixed) (Total:931.51 GB) (Free:738.14 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56C0A98E) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=318.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=320.2 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DEB68564) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================