Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01-10-2017 Uruchomiony przez Przemek (01-10-2017 21:31:21) Uruchomiony z C:\Users\Przemek\Downloads Windows 7 Professional Service Pack 1 (X64) (2017-08-08 14:50:44) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4224411601-1902314495-2284845242-500 - Administrator - Disabled) Gość (S-1-5-21-4224411601-1902314495-2284845242-501 - Limited - Disabled) Przemek (S-1-5-21-4224411601-1902314495-2284845242-1000 - Administrator - Enabled) => C:\Users\Przemek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated) ALLPlayer V7.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) CodeBlocks (HKU\S-1-5-21-4224411601-1902314495-2284845242-1000\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit) foobar2000 v1.3.16 (HKLM-x32\...\foobar2000) (Version: 1.3.16 - Peter Pawlowski) Malwarebytes (wersja 3.2.2.2029) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 55.0.3 (x64 pl)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.9.1 - Napisy24.pl) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.1 - Notepad++ Team) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) XMind 8 (v3.7.0) (HKLM-x32\...\XMind_is1) (Version: 3.7.0.201611010032 - XMind Ltd.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4224411601-1902314495-2284845242-1000_Classes\CLSID\{1FF94622-64A5-2E70-AB57-A37AEF698354}\InprocServer32 -> Brak ścieżki do pliku CustomCLSID: HKU\S-1-5-21-4224411601-1902314495-2284845242-1000_Classes\CLSID\{2EF94622-64A5-2E70-AB57-A37AEF698354}\InprocServer32 -> Brak ścieżki do pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [Offline FilesEx] -> {1FF94622-64A5-2E70-AB57-A37AEF698354} => C:\Windows\Microsoft.NET\authman\lua51.dll [2017-09-19] () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-08-29] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-08-14] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Brak pliku ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {004091C8-F07B-4396-AD95-F3FBBDE34E94} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => [Argument = /PBDADiscovery] Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => [Argument = start w32time task_started] Task: {08015B56-4636-421A-92F8-2FA4301FA926} - System32\Tasks\Driver Booster SkipUAC (Przemek) => [Argument = /skipuac] Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => [Argument = ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem] Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => [Argument = ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem] Task: {0AE90EF0-F2FD-4EAC-9D7B-9E693D95AFF7} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => [Argument = /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"] Task: {0D0CFEF0-9362-4AD5-AE31-664487CD9297} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => [Argument = /DoReindexSearchRoot] Task: {1D29B571-BAF7-4E96-88F1-80FCB8777B52} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => [Argument = -pscn 0] Task: {2838D48D-5998-4274-84B3-39801DBC6388} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => [Argument = scan upload mininterval:2880] Task: {2D713777-ACC8-4396-A505-BEC64AC7971B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => [Argument = /wait:7 /PBDADiscovery] Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => [Argument = /CONFIGNOTIFICATION] Task: {375211E4-5003-42BE-8DA7-E3F7209B95C6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => [Argument = /DoUpdateRecordPath $(Arg0)] Task: {3FDCD5F0-B06C-4490-877D-672FB979D0BB} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => [Argument = Scan -ScheduleJob -WinTask -RestrictPrivilegesScan] Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => [Argument = config upnphost start= auto] Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => [Argument = -c] Task: {5F80CADF-6E15-45BE-91B1-6453B62E28BA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => [Argument = /InstallPlayReady $(Arg0)] Task: {5F8F5CC1-39A0-401F-8B01-D8D1A6CA3D01} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => [Argument = /OCURDiscovery $(Arg0)] Task: {629FC02C-E3F2-464A-81C0-B37F3F757534} - System32\Tasks\Adobe Flash Player Updater => Task: {68D1A8DA-3123-48B2-8C1D-EB1499DAD24E} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => [Argument = dfdts.dll,DfdGetDefaultPolicyAndSMART] Task: {699DE59F-A077-41DA-94CA-2ACB1A5F45A7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => [Argument = /OCURActivate] Task: {6C800CDE-EA1C-4855-87C1-53C563556D3F} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => [Argument = /run] Task: {6F5C90EA-9CFA-4FA4-B2D6-A5DDEA044172} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => [Argument = /DoConfigureInternetTimeService] Task: {6FE8DF90-5B2B-479C-B94F-1D98438C5499} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => [Argument = -SqlLiteRecoveryTask] Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => Task: {79D14868-14F4-4E2F-B408-94A1C0396AC5} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => [Argument = /DoRegisterSearch $(Arg0)] Task: {7AD3783B-F9A0-40BE-AF7F-72812490E095} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => Task: {8603731F-9DB1-4D29-BDFB-0D2A47AD0F56} - System32\Tasks\CCleanerSkipUAC => [Argument = $(Arg0)] Task: {8717A05B-5834-46BC-A414-E2288BCC4DB2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => [Argument = /DoActivateWindowsSearch] Task: {8A558E06-C5C9-4E8B-AB5E-2F72E461EFE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => [Argument = scan upload] Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => [Argument = /d srrstr.dll,ExecuteScheduledSPPCreation] Task: {9B2759B6-A1D3-45EA-9E72-57BD3187D65A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => Task: {9EC9BF5E-8370-432C-B331-F251E08F4EFD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => [Argument = /RestartRecording] Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => Task: {A51A845B-A771-49B5-8336-1617796DB9E1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => [Argument = -PvrRecoveryTask] Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => [Argument = aepdu.dll,AePduRunUpdate] Task: {A8B0D582-AA75-411F-8F47-9E0EDD3505B7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => [Argument = /DoRecoveryTasks $(Arg0)] Task: {ABC3FC4B-BF3A-483B-8200-65B377DA4F37} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => [Argument = -MediaCenterRecoveryTask] Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => Task: {AD919FAD-E473-456F-9D06-B43B0C44C03E} - System32\Tasks\AdobeAAMUpdater-1.0-Medium-Przemek => [Argument = -mode=scheduled] Task: {AFBD30A1-540C-48FB-9FBC-B030E09101C2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => [Argument = $(Arg0)] Task: {B31D637D-1A74-490D-AAEE-5A67FE15209E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => [Argument = start osppsvc] Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => Task: {CA59BBA6-04A7-47E4-ADA6-C4E9D64A1489} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => [Argument = /wait:90 /PBDADiscovery] Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => [Argument = /offerraupdate] Task: {CC96EAAC-2A4A-4F10-ADB0-2D287D29039D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => [Argument = -PvrSchedule] Task: {CF7E2DAC-5701-4D75-8F44-D201BCE1B896} - System32\Tasks\Trojan Remover => Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => [Argument = -queuereporting] Task: {D6072CB6-BB43-4962-892A-DA6F1601BCC6} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => [Argument = -ObjectStoreRecoveryTask] Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => [Argument = /d acproxy.dll,PerformAutochkOperations] Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => [Argument = start sppsvc] Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => [Argument = bfe.dll,BfeOnServiceStartTypeChange] Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => [Argument = $(Arg0)] Task: {E6B18FBB-BC00-4726-8388-940AC11B5771} - System32\Tasks\LaCieS => Task: {E87FD760-D970-4A27-9C78-6C28E0E812F2} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => Task: {EAD3448A-8EE5-4635-8199-2C55124F97E9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => [Argument = /DRMInit] Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => [Argument = -energy -auto] (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-09-19 16:45 - 2017-09-19 16:45 - 012431360 _____ () C:\Windows\Microsoft.NET\authman\lua51.dll 2017-08-14 17:19 - 2017-08-14 17:19 - 000384512 _____ () C:\Windows\system32\igfxTray.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4224411601-1902314495-2284845242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: RtsFT => RTFTrack.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{F8C5CCB6-59E0-4F8E-AD0C-500B3804EC25}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe FirewallRules: [{755B9740-9021-44B9-97A6-44B3A5902D54}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe FirewallRules: [{0A4BA46A-1190-4513-9B35-4A2345D32C8E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe FirewallRules: [{A7FBC8B9-5506-4D3D-8F04-57B554D92890}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe FirewallRules: [{CCB7A7F0-B2E0-4A39-BEED-D00E82A48AF3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe FirewallRules: [{5B13A0DF-F1CE-41F2-95CE-4C11036576B0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe FirewallRules: [{0D819DAC-4C7A-4BFD-9512-DE218FB7BCCC}] => (Allow) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{FBB72095-CB9A-4A61-91BB-5594C7639D40}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A5533113-8EAD-40C6-BD3A-C3B676266F88}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Punkty Przywracania systemu ========================= 19-09-2017 16:40:00 Instalator modułów systemu Windows 19-09-2017 16:48:59 Windows Defender Checkpoint 19-09-2017 17:48:55 Removed Online Application 19-09-2017 18:11:56 Windows Update 26-09-2017 18:38:05 Zaplanowany punkt kontrolny 01-10-2017 12:08:05 ComboFix created restore point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/01/2017 08:06:26 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (10/01/2017 08:06:26 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (10/01/2017 03:41:08 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (10/01/2017 03:41:08 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (10/01/2017 12:22:59 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (10/01/2017 12:22:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (10/01/2017 12:20:29 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (10/01/2017 12:20:29 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (10/01/2017 12:20:29 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (10/01/2017 12:20:29 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Dziennik System: ============= Error: (10/01/2017 09:21:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 09:06:30 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:51:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:36:34 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:21:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:07:35 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:06:22 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:06:20 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:06:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/01/2017 08:05:47 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. CodeIntegrity: =================================== Date: 2017-08-31 13:48:17.324 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 12:35:24.236 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 12:29:34.324 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 12:05:09.381 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 01:47:55.492 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 00:28:01.552 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-31 00:26:54.677 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-30 08:49:04.474 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-29 12:05:27.552 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2017-08-29 10:53:17.034 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Procent pamięci w użyciu: 46% Całkowita pamięć fizyczna: 8110.94 MB Dostępna pamięć fizyczna: 4307.09 MB Całkowita pamięć wirtualna: 16220.07 MB Dostępna pamięć wirtualna: 13127.21 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.4 GB) (Free:35.5 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Przemek) (Fixed) (Total:126.07 GB) (Free:112.44 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 74E4A430) Partition 1: (Active) - (Size=97.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=126.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================