Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-03-2017
Uruchomiony przez Tom (08-04-2017 00:10:00)
Uruchomiony z C:\Users\Tom\Downloads\Fix
Windows 8.1 Pro (X64) (2015-03-06 16:24:15)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3585312160-345975134-3153727662-500 - Administrator - Disabled)
Gość (S-1-5-21-3585312160-345975134-3153727662-501 - Limited - Disabled)
Tom (S-1-5-21-3585312160-345975134-3153727662-1001 - Administrator - Enabled) => C:\Users\Tom

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.)
AutoCAD 2013 – Polski (Polish) (HKLM\...\AutoCAD 2013 – Polski (Polish)) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 – Polski (Polish) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack – Polski (Polish) (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Dodatek Autodesk Inventor Fusion dla programu AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{8616305F-122C-4341-9C37-47A9CD322AB2}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x32 Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x32 Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (HKLM-x32\...\_{C5D9CECB-A66F-473F-B406-5C8C2DCA4DF0}) (Version: 17.1.0.572 - Corel Corporation)
CorelDRAW Graphics Suite X7 (x32 Version: 17.1 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Dodatek Autodesk Inventor Fusion dla programu AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Dodatek Autodesk Inventor Fusion Language Pack dla programu AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Dodatek Zapisywanie jako PDF lub XPS firmy Microsoft dla programów pakietu Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0415-0000-0000000FF1CE}) (Version: 12.0.4518.1020 - Microsoft Corporation)
e-pity 7.0.19 za rok 2015 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A18D}_is1) (Version: 7.0.19 - e-file sp. z o.o.)
e-pity 8.0.12 za rok 2016 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 8.0.12 - e-file sp. z o.o. sp.k.)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.05 - Astonsoft Ltd)
F4500 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
FLIR Tools (HKLM-x32\...\{8764f915-c20a-48ad-b612-97cb3f569444}) (Version: 5.11.16357.2007 - FLIR Systems)
FLIR Tools (x32 Version: 5.11.16357.2007 - FLIR Systems) Hidden
FLIR Tools English Documentation (x32 Version: 5.11.16357.2007 - FLIR Systems) Hidden
foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski)
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{FD126052-310E-4364-937B-6B5564F24578}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{E1480805-A72D-4AE2-B24B-74599CD52915}) (Version: 4.2.40.2418 - Intel Corporation)
Kels' Win7 CPL PacK! (HKLM\...\CPL Pack) (Version: 5.2 - Kelsenellenelvian EverDawn)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Max Payne 3 Complete Edition (HKLM\...\bWF4cGF5bmUz_is1) (Version: 1 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pl)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.25 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Wirtualny dźwięk Miracast 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.25 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Panel sterowania NVIDIA 347.25 (Version: 347.25 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version: - KONAMI)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
Spotify (HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.2.0.0 - Manuel Hoefs (Zottel))
UnHackMe 8.70 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3585312160-345975134-3153727662-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3585312160-345975134-3153727662-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3585312160-345975134-3153727662-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\pl-PL\acadficn.dll (Autodesk, Inc.)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {17912EB4-1993-47B9-902F-EE408300E8E9} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2017-03-15] (Greatis Software)
Task: {44434FC1-D078-458B-98D3-21EBA6B49CD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-07] (Google Inc.)
Task: {456248F5-144D-46C3-8419-CE632000E739} - System32\Tasks\SafeZone scheduled Autoupdate 1490380310 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {4E88E4C0-8714-4586-8A62-A705599E1F9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-07] (Google Inc.)
Task: {5980A562-67CF-496F-8EB1-3583B901D39F} - System32\Tasks\e-pity2016a_kwiecien => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-14] (e-file sp. z o.o. sp. k.)
Task: {5F988D13-F333-40D5-A9CC-C10FE008E1E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {80F3AE6A-4863-4BCE-8E34-3573AC2CCC0E} - System32\Tasks\e-pity2015a_kwiecien => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe [2016-02-24] (e-file sp. z o.o.)
Task: {9C3C9A9B-E013-47B4-B6D5-8B23DE3C25AD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {9E3AEDD2-3A8D-43BC-84AA-6E1866760E9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {AA45BD95-7C16-403A-807D-5FC9C6F08966} - System32\Tasks\e-pity2015a_styczen => C:\Program Files (x86)\e-file\e-pity2015\Assets\signxml.exe [2016-02-24] (e-file sp. z o.o.)
Task: {C8E6F3A9-D2E7-4CCC-A6A0-F3D585C4D6AA} - \CreateChoiceProcessTask -> Brak pliku <==== UWAGA
Task: {E6EE270E-1A8B-4D9D-A967-594C4874938D} - System32\Tasks\e-pity2016a_styczen => C:\Program Files (x86)\e-file\e-pity\Assets\signxml.exe [2017-02-14] (e-file sp. z o.o. sp. k.)
Task: {EE114762-C16F-443F-A1AC-5D27DBDC7158} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-03] (AVAST Software)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

ShortcutWithArgument: C:\Users\Tom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Tom\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Tom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Tom\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Tom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\abcc729f78f1532b\Tomasz - Chrome.lnk -> C:\Program Files (x86)\Moncar\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Tom\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Tom\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/

==================== Załadowane moduły (filtrowane) ==============

2015-03-06 19:16 - 2015-01-10 01:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-23 23:15 - 2017-03-23 23:15 - 00524696 _____ () C:\Program Files\żěŃą\X64\KZipShell.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 18:31 - 2013-08-01 18:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 18:31 - 2013-08-01 18:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2017-04-07 23:28 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-07 23:28 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2017-04-03 20:03 - 2017-04-03 20:03 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-24 20:29 - 2017-03-24 20:29 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-03 20:03 - 2017-04-03 20:03 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-03 20:03 - 2017-04-03 20:03 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-04-03 20:03 - 2017-04-03 20:03 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-03-06 19:34 - 2013-09-17 04:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [114]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

HKU\S-1-5-21-3585312160-345975134-3153727662-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ==========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2013-08-22 15:25 - 2017-03-23 23:14 - 00000918 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3585312160-345975134-3153727662-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Resources\Themes\8Plus\Wallpaper\Terra\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\StartupFolder: => "ISCTSystray.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Autodesk Sync"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "CMD"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3585312160-345975134-3153727662-1001\...\StartupApproved\Run: => "AceStream"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{71DBCBE9-077F-442F-B3EA-36BC14056C84}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{114AB9AD-99E8-46D4-9F37-CF82D97BEBC1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{963885D4-91E4-4DBE-8883-06E996417DB4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4B54189E-FFD1-4B2D-B8EC-52957299F104}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A4E59F0D-5C4A-4370-9612-50A66F77A10B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{2D49CAF0-A62D-4695-B15E-31F34A6FA763}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0A53C42A-36AA-4126-8D41-C9CB02D5C9FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{0E1944A5-FFA7-4128-A45B-A05850264362}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{29A6DADD-FC91-4FF5-B282-5AAC6CC3CD3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{544F5048-7FCB-4E2D-8DBC-9E7BD9738B1E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B90763EB-C960-4B4D-AC02-3001DBEA065D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E70E8E36-0407-4551-8985-A8AEE264CAC6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{4E2BA301-7FDD-4748-81EF-976E2A318799}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{91FB5E9C-B504-4393-8066-2EAAB803A6AA}C:\users\tom\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tom\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B4DA8146-8BE8-45CD-B765-E4A0163D5E75}C:\users\tom\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tom\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{A57C9AA7-82EF-4D1A-B600-DB71D770D14A}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{308ACAA3-C395-493C-B2A2-F4FA8A923FC4}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{0E05BFDE-F948-4180-BA4A-DC36A719023C}C:\users\tom\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\tom\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [UDP Query User{09F2286B-674A-4FF3-8B50-E4240DE3A9E1}C:\users\tom\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\tom\appdata\roaming\acestream\engine\ace_engine.exe
FirewallRules: [TCP Query User{9464F95B-4192-4336-A3CD-02E4D1DB394E}C:\program files (x86)\essentialpim\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim\essentialpim.exe
FirewallRules: [UDP Query User{47C9F833-D3FF-4398-B491-D7915692BB68}C:\program files (x86)\essentialpim\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim\essentialpim.exe
FirewallRules: [TCP Query User{96A88CEB-3AA1-413D-A9BF-1144BABBAB8A}C:\program files (x86)\essentialpim\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim\essentialpim.exe
FirewallRules: [UDP Query User{BB6FC4B4-817B-4F19-8013-8EA6586BB88E}C:\program files (x86)\essentialpim\essentialpim.exe] => (Allow) C:\program files (x86)\essentialpim\essentialpim.exe
FirewallRules: [TCP Query User{C7AE5733-F145-4F5B-B017-F256D2C67F26}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tom\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7D11E581-34FA-4D1D-9FAE-C7CF14A2EC96}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tom\appdata\roaming\spotify\spotify.exe
FirewallRules: [{95504CD2-D4C0-4239-BA87-D37C98C33F01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{3D9DDBD8-EE63-4C22-B1B7-9845DBBBE155}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{C1BA8763-8CD9-4172-9240-68B33A4ED37E}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{834E9597-7298-42BA-9F51-7F71486725AB}] => (Allow) C:\Program Files (x86)\Hp\Digital Imaging\{FD126052-310E-4364-937B-6B5564F24578}\setup\hpznui40.exe FirewallRules: [TCP Query User{2FB82EFE-5661-4B69-851E-BBC50A799EA0}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tom\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1BAF2D58-CAF4-4CC5-82E0-6C5A490D45C8}C:\users\tom\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tom\appdata\roaming\spotify\spotify.exe FirewallRules: [{20A33649-5EDF-4161-B6F7-28B5CB848A62}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe FirewallRules: [{22BC20ED-BD85-4D5E-8D72-2C1617CD5B8C}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelPP.exe FirewallRules: [TCP Query User{007FC49A-F38E-478B-B4A4-14283133ADF5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [UDP Query User{565F9C09-D20D-43B1-9CEF-A1486E3778D8}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [{E08A34BF-3A77-4756-99B6-19B318DAD2CC}] => (Allow) LPort=50248 FirewallRules: [{4CAEFC65-F363-4703-BBC9-683A34A52A63}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0A61BB6E-A95D-4F66-91D6-240D1C4CBA8E}] => (Allow) LPort=2869 FirewallRules: [{1AE218C0-929D-4CE6-925B-4D8E10B8ABDF}] => (Allow) LPort=1900 FirewallRules: [{1597434A-7F18-4FC8-94B2-167E3D9F3468}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: 
[{6B28532A-6836-4288-97A8-F5072F452DAA}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C45A888-775A-42EA-9801-297CC0447ECD}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C0FC8188-695D-41ED-B496-03F2DA1D81D0}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{110B9680-888E-4E43-B56A-CCC7DDFD9D3A}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6EE4EAED-1116-41F7-AB3D-E6AA8EC3EF67}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E20C55D2-9C5A-42EF-8C6B-B7A747064569}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EDEC541D-6D42-42B9-B861-E09EDD37894F}] => (Allow) C:\Users\Tom\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{21CAC77A-0E6F-4BB0-B64F-243D3E701FC5}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FFC95B86-9659-40BC-A02F-AB2BD90E69A4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E8E0EEC4-2B60-4FD1-B129-81BA13219E99}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{000FC078-8E4B-4CE9-A643-0CC9D56EDFAA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{3338091E-DA4D-443F-929F-4C438B1EE4E5}C:\gry\max payne 3\max payne 3\maxpayne3.exe] => (Allow) C:\gry\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{49F0ACD5-D642-479E-90A8-151C7B07512F}C:\gry\max payne 3\max payne 3\maxpayne3.exe] => (Allow) C:\gry\max payne 3\max payne 3\maxpayne3.exe
FirewallRules: [{18B36126-BDAE-4D08-9EE9-19F5C968FF31}] => (Allow) C:\ProgramData\FLIR Systems\FLIR Tools\Updates\FLIR Tools Updater.exe
FirewallRules: [{2AE4C54A-660C-48BD-8E22-1D1D1F19F19B}] => (Allow) C:\Users\Tom\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{214C3F8F-E783-4128-8FBC-0591028A7161}] => (Allow) C:\Users\Tom\AppData\Roaming\ACEStream\engine\ace_engine.exe
FirewallRules: [{EF9FD338-BA20-4DEC-B7EC-9C5C2213FF42}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{EBA57789-2627-4D88-AC72-16E3F225E6E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF1B4F1D-7B77-485C-88B6-ACB9B2345383}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D829D0A-6291-4281-AF47-475AB615EA2C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{36E6C067-B585-4933-8F42-56EC0B8DD22A}] => (Allow) C:\Program Files (x86)\MIO\loader\m4-ct128m4ssd2_00000000115003259954.dat
FirewallRules: [{B10F6C31-2C5A-4DE9-AFF5-F61CCB1DF483}] => (Allow) C:\Program Files (x86)\MIO\loader\m4-ct128m4ssd2_00000000115003259954.dat
FirewallRules: [{4C4FB2F8-393A-4F10-BE3C-BC090EDA8AFA}] => (Allow) C:\Program Files (x86)\Moncar\Application\chrome.exe
FirewallRules: [{1B4A268F-23CF-4AB9-910F-059F2AB33131}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{170D7E3D-731D-48ED-918D-F5416C38E394}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{68365D25-7C0A-4374-8873-0311A49120E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Punkty Przywracania systemu =========================

16-03-2017 21:52:19 Zaplanowany punkt kontrolny
23-03-2017 23:47:16 Removed Ghostscript GPL 8.64 (Msi Setup).
02-04-2017 19:27:00 Zaplanowany punkt kontrolny
05-04-2017 17:01:47 Removed WINSNARE
07-04-2017 22:49:39 UnHackMe Malware Removal

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device".
This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/07/2017 10:49:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details: AddWin32ServiceFiles: Unable to back up image of service clean since QueryServiceConfig API failed
System Error: Nie można odnaleźć określonego pliku. .

Error: (04/07/2017 10:49:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się.
Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft.
System Error: Odmowa dostępu. .

Dziennik System:
=============
Error: (04/07/2017 10:56:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Service(FirefoxU) z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:56:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi ed2k idle service z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:54:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa WinSAPSvc zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego modułu.

Error: (04/07/2017 10:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi vToolbarUpdater40.3.7 z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi KuaiZipDrive z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:54:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi GoogleChromeUpService z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:54:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi WtuSystemSupport z powodu następującego błędu: Nie można odnaleźć określonego pliku.

Error: (04/07/2017 10:53:45 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER)
Description: Serwer {8CEC58AE-07A1-11D9-B15E-000D56BFE6EE} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/07/2017 10:53:45 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER)
Description: Serwer {3EB3C877-1F16-487C-9050-104DBCD66683} nie zarejestrował się w modelu DCOM w wymaganym czasie.

Error: (04/07/2017 10:53:45 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER)
Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie.

CodeIntegrity:
===================================
Date: 2017-01-31 19:06:57.210
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:56.653
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:52.526
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:51.445
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:51.398
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:51.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:06:46.685
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:03:44.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:03:44.676
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-31 19:03:44.520
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
Procent pamięci w użyciu: 23%
Całkowita pamięć fizyczna: 8157.92 MB
Dostępna pamięć fizyczna: 6270.43 MB
Całkowita pamięć wirtualna: 9181.92 MB
Dostępna pamięć wirtualna: 7227.86 MB

==================== Dyski ================================

Drive c: (SYSTEM) (Fixed) (Total:118.9 GB) (Free:31.37 GB) NTFS
Drive d: (Nowy) (Fixed) (Total:298.09 GB) (Free:200.16 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 734DCFF1)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: CC99F6F0)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================