REKLAMA

addition.txt

Zainfekowany komputer proszę o sprawdzenie logów frst

Witam, objawy powstały 08.05 Bardzo powolne działanie komputera, praktycznie brak możliwości korzystania z internetu. Comodo nie uruchamia się, mozilla tak samo. Na IE mam komunikat o nieważnym certyfikacie nawet przy wchodzeniu na google. (data poprawna). Nie da się przeinstalować Comodo ani Mozilli. FRST nie może zapisać plików logów na dysku (nawet zapisz jako, nie zapisuje plików na dysku). Musiałem skopiować tekst zaraz po skanowaniu.

Pobierz plik - link do postu

Rezultaty skanu uzupeÅ & #x201A;niajÄ & #x2026;cego Farbar Recovery Scan Tool (x86) Wersja: 08-05-2017
Uruchomiony przez Serwer (10-05-2017 15:40:17)
Uruchomiony z C:\Users\Serwer\Downloads
Windows 7 Home Premium Service Pack 1 (X86) (2012-03-03 20:25:01)
Tryb startu: Normal
==========================================================

==================== Konta uÅ¥ytkownikÃ³w: =============================

Administrator (S-1-5-21-2028680293-787590427-2810134661-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2028680293-787590427-2810134661-1037 - Limited - Enabled)
GoÅ & #x203A;Ä & #x2021; (S-1-5-21-2028680293-787590427-2810134661-501 - Limited - Enabled) = & gt; C:\Users\GoÅ & #x203A;Ä & #x2021;
HomeGroupUser$ (S-1-5-21-2028680293-787590427-2810134661-1004 - Limited - Enabled)
sa (S-1-5-21-2028680293-787590427-2810134661-1027 - Administrator - Enabled) = & gt; C:\Users\sa
Serwer (S-1-5-21-2028680293-787590427-2810134661-1000 - Administrator - Enabled) = & gt; C:\Users\Serwer

==================== Centrum zabezpieczeÅ & #x201E; ========================

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie.)

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko zaÅ & #x201A;Ä & #x2026;czanie programÃ³w adware z flagÄ & #x2026; " Hidden " w celu ich uwidocznienia. Programy adware powinny zostaÄ & #x2021; w poprawny sposÃ³b odinstalowane.)

Adobe Reader X (10.1.0) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
BILANS Gofin 2015 1.0.14.0 (HKLM\...\{BAD758AE-D816-49FD-94C5-828A60E5850E}) (Version: 1.0.14.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
COMODO Internet Security Premium (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
CryptoCard Suite (HKLM\...\{cd66ccbb-c7a8-4845-9240-98f4892b88de}) (Version: 2.00.00034 - CryptoTech)
DRUKI Gofin 3.0.63.0 (HKLM\...\{DD40BC33-8180-42C2-B2A0-01CC3E91B96F}) (Version: 3.0.63.0 - Wydawnictwo Podatkowe GOFIN sp. z o.o.)
FAKTURY i Rachunki wersja 2.17 (HKLM\...\FAKTURY i Rachunki_is1) (Version: - )
fillUp Przyjazne formularze 3.5.9 (HKLM\...\{D4A8DDEF-CE67-4466-9A68-9C93D7322CEB}_is1) (Version: 3.5.9 - e-file sp. z o.o.)
GDR 4033 for SQL Server 2008 R2 (KB2977320) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.33.5 - Google Inc.) Hidden
InsERT GT 1.47 SP1 HF1 (HKLM\...\{B1887B5C-E7E1-4D7A-A236-54E875C13CAB}) (Version: 1.47.10.1 - InsERT)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2279 - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{96327C3C-96BE-4C7A-A6F7-A71635E5949A}) (Version: 8.05.1054 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Command Line Utilities (HKLM\...\{5AA08D9F-3BE3-4A34-B53E-858A1895589E}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{54C78F26-C830-4FFC-AD4B-791B099A2C41}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{DAB2D121-A8A3-4E92-A7E5-4319F928735F}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{CEA86648-87FA-4775-8F3B-A57F720BAE85}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Management Studio Express (HKLM\...\{A4512736-8D63-4298-9271-5329931FA46B}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft WSE 3.0 (HKLM\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 53.0.2 (x86 pl)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB97368 (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM\...\{EB87675F-5281-4767-A54B-31931794C23D}) (Version: 3.3.9567 - OpenOffice.org)
PÅ & #x201A;atnik 10.01.001 (HKLM\...\{05381030-963D-4779-BECA-0D7D49268EDB}) (Version: 10.01.001 - Asseco Poland S.A.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Service Pack 2 for SQL Server 2008 R2 (KB263045 (HKLM\...\KB263045 (Version: 10.52.4000.0 - Microsoft Corporation)
SODiR Offline wersja 9.75 (HKLM\...\{70486E38-CDB8-49E4-A698-DA543A274009}_is1) (Version: 9.75 - PFRON)
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Synchronizator vendero (Version: 6.0.1003.0 - InsERT) Hidden
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
TP-LINK USB Printer Controller (HKLM\...\{3EC900B5-28EE-4472-A9FF-B11A879EC838}) (Version: 1.12.0927 - TP-LINK)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WRF (PÅ & #x201A;atnik) 1.03.002 (HKLM\...\{460BE803-88CF-4FD2-9082-2450A5959959}) (Version: 1.03.002 - Asseco Poland S.A.)
WRFKL 1.02.001 H (HKLM\...\{A98C53C1-D7D5-43FE-82F4-EACD66292004}) (Version: 1.02.001 H - Asseco Poland S.A.)
WRFSL 1.02.001 J (HKLM\...\{98A95680-71E0-4C6B-B3D0-384193FCA4F6}) (Version: 1.02.001 J - Asseco Poland S.A.)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie z rejestru. PowiÄ & #x2026;zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ & #x201A;Ä & #x2026;czony z osobna.)

CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{72213061-C9BC-40BE-A916-A28F5FBA091E}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{84465401-2886-4CE0-AF50-C0560226ED40}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{88D96A06-F192-11D4-A65F-0040963251E5}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku
CustomCLSID: HKU\S-1-5-21-2028680293-787590427-2810134661-1000_Classes\CLSID\{E6D78900-BB40-4039-9C54-593A242B65DA}\InprocServer32 - & gt; Brak Å & #x203A;cieÅ¥ki do pliku

==================== Zaplanowane zadania (filtrowane) =============

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie z rejestru. PowiÄ & #x2026;zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ & #x201A;Ä & #x2026;czony z osobna.)

Task: {01AD4D49-17C3-458E-8BA6-97BFB3AD01E5} - System32\Tasks\GoogleUpdateTaskMachineCore = & gt; C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {030569E6-9011-430F-A838-2F36B6D7E1E4} - System32\Tasks\{49D738F0-15AC-4E9B-BE74-826FB266423E} = & gt; C:\Program Files\InsERT\InsERT GT\Rewizor.exe [2017-03-04] (InsERT S.A.)
Task: {2F0742DB-9911-40FF-8EE0-C2AF302FE7AA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser = & gt; Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {43F71193-D167-46D5-AD17-9F94B1937226} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-04] (COMODO)
Task: {46039A71-8448-492D-821E-408CA600ED5F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-10-04] (COMODO)
Task: {5B012F6E-2F11-4F13-B42D-A80559A97B68} - System32\Tasks\GoogleUpdateTaskMachineUA = & gt; C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {621FD21C-488B-4A01-8FC2-8D53449B770D} - System32\Tasks\{C29C54B5-341C-46DF-8C04-7455E382BD7B} = & gt; C:\WFK\WM.EXE [2004-06-14] ()
Task: {684B8C8D-09FA-48A9-8CC4-FAF5A63ABE3F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B = & gt; schtasks
Task: {B6D99DBE-56ED-418D-9F7F-33932016E147} - System32\Tasks\{53FF9089-BE1F-418C-9659-D0EB3E8F2628} = & gt; C:\Program Files\InsERT\InsERT GT\Rewizor.exe [2017-03-04] (InsERT S.A.)
Task: {BB946516-DCAB-4E82-8917-7BCE6DDE14F8} - System32\Tasks\{8BA51B46-8745-481A-83EC-1517A085D48E} = & gt; C:\WFK\WM.EXE [2004-06-14] ()
Task: {C215F99B-DC83-4DDE-BFFB-DE93BFEFB781} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-04] (COMODO)
Task: {D4C47EB2-E746-4B05-B166-778F932E72FA} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-04] (COMODO)
Task: {DF0664CF-1A5A-4FA4-B764-AF55AF55B18F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-04] (COMODO)
Task: {F9CAA7EE-0399-4F51-B71A-00F53A4640D6} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje przesuniÄ & #x2122;cie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\Harmonogram archiwizacji podmiotu 'LEX_NOSTRA_SP__Z_O_O_'.job = & gt; C:\Program Files\InsERT\InsERT GT\Backup.exe

==================== SkrÃ³ty =============================

(Wybrane wejÅ & #x203A;cia mogÄ & #x2026; zostaÄ & #x2021; zaÅ & #x201A;Ä & #x2026;czone w celu ich zresetowania lub usuniÄ & #x2122;cia.)

==================== ZaÅ & #x201A;adowane moduÅ & #x201A;y (filtrowane) ==============

2012-03-03 18:54 - 2012-02-17 21:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2012-03-03 22:28 - 2011-01-07 10:57 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2012-05-08 16:26 - 2012-05-08 16:26 - 00524800 _____ () C:\Program Files\CryptoTech\CryptoCard\CCMonitor.exe
2015-07-17 19:34 - 2015-07-17 19:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2011-01-17 17:19 - 2012-03-03 18:26 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2017-04-04 09:05 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-04 09:05 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files\Google\Chrome\Application\57.0.2987.133\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje usuniÄ & #x2122;cie strumienia ADS.)

AlternateDataStreams: C:\Windows\system32\CCP11s.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CCP11s.x64.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CCP11s.x86.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\CCPkiP11.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pkcs11wrapper.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pkcs11wrapper.x64.dllCmdTcID [64]
AlternateDataStreams: C:\Windows\system32\pkcs11wrapper.x86.dllCmdTcID [64]
AlternateDataStreams: C:\Users\Serwer\Desktop\Generowanie nowego certyfikatu - PFRON - SYSTEM OBSÅUGI DOFINANSOWAÅ i REFUNDACJI.htmCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Desktop\TreÅ & #x203A;Ä & #x2021; orzeczenia V K 1915_12 - Portal OrzeczeÅ & #x201E; SÄ & #x2026;du Rejonowego dla WrocÅ & #x201A;awia-ÅrÃ³dmieÅ & #x203A;cia.htm IWONA.htmCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Desktop\Ustronie Morskie, Dom Wypoczynkowy Dworzysko.htmCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\000144899241 (1).pdfCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\000144899241.pdfCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\29291043_F_30045233_04_17_F.pdfCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\bilans-dla-jednostek-malych-wersja-i.gofinCmdTcID [64]
AlternateDataStreams: C:\Users\Serwer\Downloads\bilans-dla-jednostek-malych-wersja-i.gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\cispremium_installer_6100_08.exeCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\DBC_zestawienie przelewÃ³w do Blue Bike od 01.07.2015 do 25.04.2017 (1).xlsCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\DBC_zestawienie przelewÃ³w do Blue Bike od 01.07.2015 do 25.04.2017.xlsCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\faktura-odwrotne-obciazenie (1).gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\faktura-odwrotne-obciazenie (2).gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\faktura-odwrotne-obciazenie.gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\Firefox Setup 53.0.2.exeCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\Firefox Setup Stub 53.0.2.exeCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\FRST.exeCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\III_4-B__262_w_-_uk_322_ad_nerwowy.odtCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\paczka_2016_08 (1).zipCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\paczka_2016_08.zipCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\pk-polecenie-ksiegowania-10-pozycji.gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\swiadectwo-pracy.gofinCmdTcID [64]
AlternateDataStreams: C:\Users\Serwer\Downloads\swiadectwo-pracy.gofinCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\TeamViewer_Setup.exeCmdZnID [26]
AlternateDataStreams: C:\Users\Serwer\Downloads\[pki@ex.com.pl-_dokumenty]_ALL.zipCmdZnID [26]

==================== Tryb awaryjny (filtrowane) ===================

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie z rejestru. WartoÅ & #x203A;Ä & #x2021; " AlternateShell " zostanie przywrÃ³cona.)

==================== PowiÄ & #x2026;zania plikÃ³w (filtrowane) ===============

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje usuniÄ & #x2122;cie obiektu z rejestru lub przywrÃ³cenie jego domyÅ & #x203A;lnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie z rejestru.)

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-2028680293-787590427-2810134661-1000\Control Panel\Desktop\\Wallpaper - & gt; C:\Users\Serwer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System = & gt; (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
mpsdrv = & gt; UsÅ & #x201A;uga " Zapora systemu Windows " nie jest uruchomiona.
MpsSvc = & gt; UsÅ & #x201A;uga " Zapora systemu Windows " nie jest uruchomiona.
bfe = & gt; UsÅ & #x201A;uga " Zapora systemu Windows " nie jest uruchomiona.

==================== MSCONFIG/TASK MANAGER - WyÅ & #x201A;Ä & #x2026;czone elementy ==

MSCONFIG\startupreg: cssys = & gt; C:\ProgramData\cssys.exe
MSCONFIG\startupreg: kernel module = & gt; " c:\programdata\kernel module\kernel module.exe "
MSCONFIG\startupreg: MS Word 2015 = & gt; " C:\ProgramData\MS Word 2015\3qwsi7mea19u.exe "
MSCONFIG\startupreg: NetWire = & gt; C:\Users\Serwer\AppData\Local\Temp\wyeygw9amy37qm.exe
MSCONFIG\startupreg: ntdll = & gt; " c:\programdata\ntdll\ntdll.exe "
MSCONFIG\startupreg: System = & gt; ã & #xA9;åæ½²ç & #x2030;§æ & #xB5;¡æ & #x2026; & #x201E;æ & #x2026;´æ
MSCONFIG\startupreg: windows process = & gt; " c:\programdata\windows process\windows process.exe "
MSCONFIG\startupreg: windows service = & gt; " c:\programdata\windows service\windows service.exe "
MSCONFIG\startupreg: windowsNT = & gt; " c:\programdata\windowsnt\windowsnt.exe "

==================== ReguÅ & #x201A;y Zapory systemu Windows (filtrowane) ===============

(ZaÅ & #x201A;Ä & #x2026;czenie wejÅ & #x203A;cia w fixlist spowoduje jego usuniÄ & #x2122;cie z rejestru. PowiÄ & #x2026;zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ & #x201A;Ä & #x2026;czony z osobna.)

FirewallRules: [{25397F0C-2E31-4A3F-BDDB-545F16F3291C}] = & gt; (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{2ABA8BB2-0380-4BAB-A246-F203C2CD68C3}] = & gt; (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
FirewallRules: [{782488CB-2EA0-4245-97B1-7960E97EDC2E}] = & gt; (Allow) C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe
FirewallRules: [{63A52465-E21E-40F9-B031-6C9290C21948}] = & gt; (Allow) C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe
FirewallRules: [{3EFB07EC-17F7-4F7A-B697-34B79F63A591}] = & gt; (Allow) LPort=7437
FirewallRules: [TCP Query User{B6C85AB2-4BC0-41A5-9500-824AE14E378C}C:\program files\tp-link\usb printer controller\usb printer controller.exe] = & gt; (Block) C:\program files\tp-link\usb printer controller\usb printer controller.exe
FirewallRules: [UDP Query User{A3EC5FEC-55F9-47C5-925D-D3C62614BCEB}C:\program files\tp-link\usb printer controller\usb printer controller.exe] = & gt; (Block) C:\program files\tp-link\usb printer controller\usb printer controller.exe
FirewallRules: [{16A3B990-6EFB-4CE0-AB4B-35492992BA33}] = & gt; (Allow) LPort=1434
FirewallRules: [{09B202EC-3BB6-4879-B44E-855DAD4EDC39}] = & gt; (Allow) LPort=1434
FirewallRules: [{9A32CA75-D44D-4707-9163-497137389F57}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{36206BFC-C7AB-435D-A096-B7AD030DD00E}] = & gt; (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Punkty Przywracania systemu =========================

Niepowodzenie przy listowaniu punktÃ³w przywracania
SprawdÅº usÅ & #x201A;ugÄ & #x2122; " winmgmt " lub napraw WMI.

==================== Wadliwe urzÄ & #x2026;dzenia w MenedÅ¥erze urzÄ & #x2026;dzeÅ & #x201E; =============

Niepowodzenie przy listowaniu urzÄ & #x2026;dzeÅ & #x201E;. SprawdÅº usÅ & #x201A;ugÄ & #x2122; " winmgmt " lub napraw WMI.

==================== BÅ & #x201A;Ä & #x2122;dy w Dzienniku zdarzeÅ & #x201E;: =========================

Niepowodzenie przy uruchamianiu usÅ & #x201A;ugi " eventlog " , nie moÅ¥na odczytaÄ & #x2021; zdarzeÅ & #x201E;.

Wyst¥pi b¥d systemu 123.

Nazwa pliku, nazwa katalogu lub skadnia etykiety woluminu jest niepoprawna.

==================== Statystyki pamiêci ===========================

Procesor: Intel(R) Pentium(R) CPU G840 @ 2.80GHz
Procent pamiêci w u¿yciu: 42%
Ca³kowita pamiêæ fizyczna: 3503.43 MB
Dostêpna pamiêæ fizyczna: 2003.53 MB
Ca³kowita pamiêæ wirtualna: 7005.17 MB
Dostêpna pamiêæ wirtualna: 5367.15 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:199.9 GB) (Free:74.8 GB) NTFS
Drive e: () (Removable) (Total:14.46 GB) (Free:14.45 GB) FAT32
Drive f: () (Fixed) (Total:265.76 GB) (Free:262.59 GB) NTFS
Drive z: () (Network) (Total:199.9 GB) (Free:74.8 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 465.8 GB) (Disk ID: FD50ED04)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.

==================== Koniec Addition.txt ============================