Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:27-09-2015 Uruchomiony przez pawel.dziopa (2015-09-27 16:58:33) Uruchomiony z C:\Users\pawel.dziopa\Downloads\trjan Windows 7 Professional Service Pack 1 (X64) (2013-09-12 20:28:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-930231334-1107020953-2465206175-500 - Administrator - Disabled) Gość (S-1-5-21-930231334-1107020953-2465206175-501 - Limited - Disabled) x (S-1-5-21-930231334-1107020953-2465206175-1000 - Administrator - Enabled) => C:\Users\x ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) BlackBerry 10 Desktop Software (HKLM-x32\...\{ddaa6aab-c1ec-45ea-a8f2-a95d10f57295}) (Version: 1.1.0.21 - BlackBerry) BlackBerry Blend (x32 Version: 1.1.0.17 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (x32 Version: 8.0.0.118 - BlackBerry Ltd.) Hidden BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden BlackBerry Device Drivers (x32 Version: 8.0.0.118 - BlackBerry Ltd.) Hidden BlackBerry Link (x32 Version: 1.2.4.27 - BlackBerry) Hidden BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant) Configuration Manager Client (x32 Version: 4.00.6487.2000 - Microsoft Corporation) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5119.52 - CyberLink Corp.) DataLoad (HKLM-x32\...\DataLoad) (Version: 5.4.1.0 - JD Stuart Ltd) dbNotowania 4 MAX (HKLM-x32\...\{674437BF-213A-4810-B7A8-22B10AF059FD}) (Version: 4.1.74.0 - Statica) ESET Endpoint Security (HKLM\...\{D46D6E91-6AAE-43F2-BAB4-569589D0C809}) (Version: 5.0.2229.1 - ESET, spol. s r.o.) Fiat eco:Drive (HKLM-x32\...\com.fiat.convergence.385E4263E7379A5D22A7076E99B02868EFF10711.1) (Version: 2.0.4 - Fiat Group Automobiles) Fiat eco:Drive (x32 Version: 2.0.4 - Fiat Group Automobiles) Hidden FileZilla Client 3.8.1 (HKU\S-1-5-21-123836412-2427045690-4114815500-2297\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse) foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HaoZip (HKLM\...\HaoZip_is1) (Version: 3.2.1.9263 - Ruichuang Network Technology Co.,Ltd) Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.430.3 - Vimicro) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{A10B1524-63B5-40F2-B272-D841CF671C16}) (Version: 2.2.0.0266 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java DB 10.3.1.4 (HKLM-x32\...\{CD49361E-3FE6-457E-90A1-9C59E29B5D02}) (Version: 10.3.1.4 - Sun Microsystems, Inc) Java(TM) SE Development Kit 6 Update 35 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160350}) (Version: 1.6.0.350 - Oracle) Java(TM) SE Development Kit 6 Update 7 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.) Komunikator WTW 0.9.14.3742 (HKLM\...\{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}) (Version: 0.9.14.3742 - K2T.eu) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.02 - ) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - ) Lenovo Solution Center (HKLM\...\{E92E1FF1-B188-43FE-BECA-2248E227E67D}) (Version: 2.8.005.00 - Lenovo Group Limited) Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.0.32.7350 - Intel(R) Corporation) Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{AFD7B869-3B70-40C7-8983-769256BA3BD2}) (Version: 2.0.0004.00 - Lenovo Group Limited) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0008 - Lenovo) Lotus Notes 8.5.2 (Basic) pl (HKLM-x32\...\{DF63871A-FE22-4A08-9A38-55A3773B3AA2}) (Version: 8.52.10297 - IBM) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2013 dla Użytkowników Domowych i Małych Firm - pl-pl (HKLM\...\HomeBusinessRetail - pl-pl) (Version: 15.0.4753.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) Notowania OnLine 3 BM Alior Bank (HKLM-x32\...\Notowania OnLine 3 BM Alior Bank_is1) (Version: - COMARCH S.A.) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.42.20 - ) Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) Pakiet sterowników systemu Windows - Intel (iaStor) hdc (06/12/2012 11.1.5.1001) (HKLM\...\46121420FA2D792F90F1449A0ED0EB2746A379C9) (Version: 06/12/2012 11.1.5.1001 - Intel) Pakiet sterowników systemu Windows - Lenovo 1.66.00.22 (11/30/2012 1.66.00.22) (HKLM\...\16E722986C4293F5D6BF43595DFFD631398D5F21) (Version: 11/30/2012 1.66.00.22 - Lenovo) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.62.10 - Lenovo Group Limited) PowerDVD Create (HKLM-x32\...\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}) (Version: 10.0 - CyberLink Corp.) PowerDVD Create 10 (x32 Version: 10.0.1.2704 - CyberLink Corp.) Hidden RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.0.5.11 - Lenovo) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29052 - Realtek Semiconductor Corp.) Screenpresso (HKU\S-1-5-21-123836412-2427045690-4114815500-2297\...\Screenpresso) (Version: 1.5.6.0 - Learnpulse) SeoLight wersja 1.26 (HKLM-x32\...\{78609D6C-890F-41EA-B1E4-5D053965DD56}_is1) (Version: 1.26 - Complay) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.34 - Synaptics Incorporated) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.11 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.42.0 - Lenovo) TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH) Tropico 4 1.02 (HKU\S-1-5-21-123836412-2427045690-4114815500-2297\...\Tropico 4) (Version: 1.02 - Kalypso Media) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.0.962 - uvnc bvba) WaveEditor (x32 Version: 1.0.1.4514 - CyberLink Corp.) Hidden WinSCP 5.5.4 (HKLM-x32\...\winscp3_is1) (Version: 5.5.4 - Martin Prikryl) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-123836412-2427045690-4114815500-2297_Classes\CLSID\{51E7F170-5955-638A-ED52-B9FD401B18CE}\InprocServer32 -> Brak ścieżki do pliku ==================== Punkty Przywracania systemu ========================= 25-09-2015 10:59:32 Usunięto: ChomikBox 25-09-2015 11:01:48 Removed Lenovo Fingerprint Manager 25-09-2015 11:04:00 Removed Lenovo User Guide. 25-09-2015 11:04:19 Removed Lenovo Warranty Information. 25-09-2015 11:04:37 Removed Lenovo Welcome. 25-09-2015 14:02:08 Removed IIS Search Engine Optimization Toolkit 1.0 ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2015-03-13 13:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {12D3AC38-4D29-41AA-BD2E-3E4684C08570} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-04-10] (Intel Corporation) Task: {1675A70A-38B5-4EE5-8C0E-01C7244E8ABE} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-08-17] (Lenovo) Task: {22E2538F-BCD0-46C0-91DC-4516F429F664} - System32\Tasks\{DE929FB8-B297-4F1D-8412-247A62B37DBF} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/pl/abandoninstall?page=tsMain Task: {287451EE-7753-435B-B8BA-BA357C02CC8C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo) Task: {5A548C66-944F-4DC4-979F-F6FD877F8963} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {5CF81640-F7E2-449D-87ED-935D6B6BF62A} - System32\Tasks\StartPowerDVDService => C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [2013-03-19] (CyberLink Corp.) Task: {6F1E81C9-8887-412A-95D5-246B2CA56669} - System32\Tasks\Intel\Intel Service Manager => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe Task: {880D2D46-490F-4711-9E39-F7EF0FDA33EE} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {A8361C18-E94F-4F61-BAE1-2CF519B2345A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-10] () Task: {D82272B3-AC69-492A-8D4A-C49FCDA4BE9D} - System32\Tasks\CLMLSvc => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2013-03-06] (CyberLink) Task: {E8CAD1C8-B999-48C3-B440-48F37CA5A1B9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-17] () Task: {EBE651FE-DE78-4C48-8C09-EEA38046A30C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation) Task: {EFB5AD85-9910-4F4A-A991-C008C1D22D9F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-17] (Lenovo) Task: {FF03B6D2-1BCF-4ECF-9ADE-A1A3BFFCB91B} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-17] (Lenovo) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Załadowane moduły (filtrowane) ============== 2014-03-20 09:18 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-08-27 23:00 - 2013-08-27 23:00 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll 2013-08-27 22:59 - 2013-08-27 22:59 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-07-17 03:41 - 2012-08-25 10:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-07-17 03:51 - 2013-08-01 06:02 - 00104448 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL 2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2013-07-17 03:53 - 2012-11-21 11:49 - 00033072 _____ () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll 2013-07-17 03:51 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2013-07-17 03:51 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2014-11-28 12:18 - 2014-11-28 12:18 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2013-03-06 21:49 - 2013-03-06 21:49 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2013-03-06 21:52 - 2013-03-06 21:52 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-09-27 16:26 - 2015-09-27 16:26 - 00098816 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32api.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00110080 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\pywintypes27.dll 2015-09-27 16:26 - 2015-09-27 16:26 - 00364544 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\pythoncom27.dll 2015-09-27 16:26 - 2015-09-27 16:26 - 00045568 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_socket.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 01161216 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_ssl.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00320512 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32com.shell.shell.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00713216 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_hashlib.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 01176576 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._core_.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00806400 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._gdi_.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00816128 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._windows_.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 01067008 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._controls_.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00733184 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._misc_.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00682496 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\pysqlite2._sqlite.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00087552 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_ctypes.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00119808 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32file.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00108544 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32security.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00007168 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\hashobjs_ext.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00068096 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\usb_ext.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00167936 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32gui.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00018432 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32event.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00128512 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_elementtree.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00127488 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\pyexpat.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00013824 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\common.time34.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00036864 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_psutil_windows.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00038912 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32inet.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00011264 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32crypt.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00077312 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._html2.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00027136 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_multiprocessing.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00020480 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\_yappi.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00035840 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32process.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00686080 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\unicodedata.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00123392 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._wizard.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00024064 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32pipe.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00010240 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\select.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00025600 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32pdh.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00525640 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\windows._lib_cacheinvalidation.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00017408 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32profile.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00022528 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\win32ts.pyd 2015-09-27 16:26 - 2015-09-27 16:26 - 00078848 _____ () C:\Users\PAWEL~1.DZI\AppData\Local\Temp\_MEI54642\wx._animate.pyd 2013-07-17 03:40 - 2012-07-18 20:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-123836412-2427045690-4114815500-2297\...\tzmo.torun -> hxxps://pap4.tzmo.torun ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-123836412-2427045690-4114815500-2297\Control Panel\Desktop\\Wallpaper -> C:\Users\pawel.dziopa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 - 10.10.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^Users^pawel.dziopa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wysyłanie do programu OneNote.lnk => C:\Windows\pss\Wysyłanie do programu OneNote.lnk.Startup MSCONFIG\startupreg: 331BigDog => "C:\Program Files (x86)\USB Camera\VM331STI.EXE" MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: ALLPlayer WiFi Remote => C:\Program Files (x86)\ALLPlayer Remote\ALLPlayerRemoteControl.exe MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe MSCONFIG\startupreg: GoogleChromeAutoLaunch_3B99D86D7C723769BD8E666828044265 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: Lenovo App Shop => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: RIM PeerManager => "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: TpShocks => TpShocks.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{AE40B1EA-9B0D-413C-AB7F-D3DCF5675476}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{550A76D2-3EC2-467B-929D-95D1B5AD6E21}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{FC112230-8EC0-42CA-8C17-9962E7D26EE7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{56FD0E6F-0728-47EF-BD1D-000335B83604}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{5ABD3F90-ADA8-487F-B651-DA55E0E5932E}] => (Allow) LPort=5900 FirewallRules: [{C98625ED-D366-4D65-868C-6A910E743E00}] => (Allow) LPort=5800 FirewallRules: [{B7BE30FC-48E1-492C-B494-E0536AD2C1C3}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe FirewallRules: [{99A88C6A-BD6F-401B-AB36-8B9D1B7BB055}] => (Allow) C:\Program Files\UltraVNC\vncviewer.exe FirewallRules: [{468429E0-CF95-4640-8717-0DCD4D6BA8A8}] => (Allow) C:\Users\dserwis\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{4521E27E-EB47-47E6-9FB2-EDFCB4448FA5}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{19B9A75F-944D-42F2-B1D1-F22B43F39EAB}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{61C36150-B73B-48AC-8076-9F53CADD3C3F}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{49EFE53B-09CF-4022-92DC-4997E9897808}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{65F32159-692D-43E4-B1F9-4DD3F1ED22EA}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{DDCECA52-5A52-47C4-B47B-CA751C9E56BF}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{F2D2DEB7-D06C-44A3-B971-8402D16A1532}] => (Allow) LPort=80 FirewallRules: [{8FFF5DB9-3023-4CE9-A6AC-3E1C37D72C2F}] => (Allow) LPort=443 FirewallRules: [{3E55354A-BA22-402C-87ED-4C67D8ADBED7}] => (Allow) LPort=20010 FirewallRules: [{E867AC49-0049-4B02-A58E-35A9503E7138}] => (Allow) LPort=3478 FirewallRules: [{2431938D-CCBD-47F0-BACC-182F085ACA2B}] => (Allow) LPort=7850 FirewallRules: [{0AB3032E-19E2-4EFB-8886-581C7E42D274}] => (Allow) LPort=27022 FirewallRules: [{6F843C97-CAA4-4245-B597-F39401ED3397}] => (Allow) LPort=6881 FirewallRules: [{682015AD-8CE5-4D05-9B65-AC19FB877F07}] => (Allow) LPort=33333 FirewallRules: [{6DF1BBF2-3DCE-47AE-B519-AF6BDBBF3AC8}] => (Allow) LPort=20443 FirewallRules: [{7717019E-70C3-4FE7-9FEF-B7B96CE3BCC3}] => (Allow) LPort=8090 FirewallRules: [{5048CE60-AB60-49F6-8B1B-3E9FD593C39C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A93FC228-0517-496E-A6CD-A3C51A8E877A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{48875866-3F3F-4042-A29C-63C2F33A4ADF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{90BE58FB-12D6-4515-B97F-61B95879B532}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{427F8DEA-3681-45D8-8394-C86F364C5625}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{A8A78501-44F4-48EB-A510-94A84FECB420}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{D6779062-9626-44FA-8FFF-85363553A748}] => (Allow) LPort=4481 FirewallRules: [{6094598E-9AD9-409B-A3CF-E21955D9C993}] => (Allow) LPort=4481 FirewallRules: [{3E924201-6D4B-4DFF-A94F-12B2945AE75F}] => (Allow) LPort=4482 FirewallRules: [{49C6EB8B-F582-43C9-9E48-33F02DD1C74D}] => (Allow) LPort=4482 FirewallRules: [{4FD0B3BC-0658-4B62-B73C-1A2CFAFCD377}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E2C10ACA-BF95-4F28-9A1A-BD7966E37151}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F63C7049-E7E6-442D-A8F3-6BA926A298D3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2E5F3E75-B19C-4AE4-87CE-0701F40932AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D5FEDDD9-603C-45F9-B8E6-8A8407EAAD29}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{76A436EC-C250-43E1-867D-49F7E60BFD2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A992B7E0-6627-4FFD-968E-CA3D86D56D43}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5B18E5E6-E81E-400C-9373-2644BA73CC71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4D464296-A80D-4F01-BE43-3C3C47AC4892}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{B53EE4BE-96F5-44EB-89DF-3C7DEC5F95A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe FirewallRules: [TCP Query User{0B9E6591-8516-4349-B25D-52EEA1973A64}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C66FBA0C-F603-4D4A-894E-EF238D464BB4}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [{B8E8C6CE-9C61-4F0A-AE3C-64B1BC9C01B3}] => (Allow) tunmgr.exe FirewallRules: [{39AFB9C0-FBAC-4CAE-AF30-BE4480904A7E}] => (Allow) tunmgr.exe FirewallRules: [{3B4B4CA7-2403-4A94-9260-EF4F48D93541}] => (Allow) mDNSResponder.exe FirewallRules: [{E1F4FD67-BF61-4CD3-B586-6143526904B4}] => (Allow) mDNSResponder.exe FirewallRules: [{CCD2AB38-547F-4342-B922-2FB3445AA4EE}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{1788AECA-670A-44AC-957B-9DB58C38557E}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [TCP Query User{1F0F319E-56C7-4BEB-914B-225F9267DDAA}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{9A7D7546-77E7-4715-9C70-7090DF8BE53E}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query User{8A9611BD-30D4-4B64-9A87-F56F3D9037CE}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{452E4C11-312A-497F-A826-F6CD694CA4EF}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query User{DEB040B0-5233-4CA4-9BEF-C03C9512A7CD}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [UDP Query User{69CCE920-E7AD-4B39-86EC-00D1FBC73F00}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe FirewallRules: [TCP Query User{0CBC87A4-5C14-4E09-A765-D5B0DC8388CB}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{63118D9D-D9C0-48A9-B819-E8441342A8F7}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{EBF9698B-6E1B-436F-B330-0A1FB24801C3}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{0DFB601F-75C3-4FAF-A3DB-B34572D08C03}D:\world_of_warships\wowslauncher.exe] => (Allow) D:\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{031B365B-26B1-4FCD-819B-817B215A729E}C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe FirewallRules: [UDP Query User{30E9C410-8BD5-4F0A-AFFD-E2055C6621E0}C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\jp2launcher.exe FirewallRules: [{23E646F3-FFBD-4E5F-AFDF-E5540E384173}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{8C2B014C-57EA-40AA-A2C8-8C66F63A20DD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{F0E469AD-9CDF-43AE-A315-6112A9A3881A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft Virtual WiFi Miniport Adapter #2 Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/27/2015 04:25:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 07:38:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 07:38:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ZeroConfigService.exe, wersja: 15.3.0.0, sygnatura czasowa: 0x5036b2a4 Nazwa modułu powodującego błąd: MurocApi.dll, wersja: 15.3.0.0, sygnatura czasowa: 0x5036b1ea Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000020b2b Identyfikator procesu powodującego błąd: 0xf44 Godzina uruchomienia aplikacji powodującej błąd: 0xZeroConfigService.exe0 Ścieżka aplikacji powodującej błąd: ZeroConfigService.exe1 Ścieżka modułu powodującego błąd: ZeroConfigService.exe2 Identyfikator raportu: ZeroConfigService.exe3 Error: (09/26/2015 06:10:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ZeroConfigService.exe, wersja: 15.3.0.0, sygnatura czasowa: 0x5036b2a4 Nazwa modułu powodującego błąd: MurocApi.dll, wersja: 15.3.0.0, sygnatura czasowa: 0x5036b1ea Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000020b2b Identyfikator procesu powodującego błąd: 0xc30 Godzina uruchomienia aplikacji powodującej błąd: 0xZeroConfigService.exe0 Ścieżka aplikacji powodującej błąd: ZeroConfigService.exe1 Ścieżka modułu powodującego błąd: ZeroConfigService.exe2 Identyfikator raportu: ZeroConfigService.exe3 Error: (09/26/2015 06:10:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/25/2015 02:09:15 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(2364fde1b312f482818190ef8eb354._tunnel._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (09/25/2015 02:09:15 PM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: Client application bug: DNSServiceResolve(1cb64f78433550252b9eaba33ec5e6._tunnel._tcp.local.) active for over two minutes. This places considerable burden on the network. Error: (09/25/2015 02:07:36 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/25/2015 02:07:36 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/25/2015 02:07:36 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Dziennik System: ============= Error: (09/27/2015 04:28:53 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}{B292921D-AF50-400C-9B75-0C57A7F29BA1}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) Error: (09/27/2015 04:26:51 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) Error: (09/27/2015 04:26:23 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{1CCB96F4-B8AD-4B43-9688-B273F58E0910}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) Error: (09/27/2015 04:26:19 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: TZMOSA) Description: Przetwarzanie zasad grupy nie powiodło się z powodu braku łączności sieciowej z kontrolerem domeny. To może być stan przejściowy. Po połączeniu komputera z kontrolerem domeny i pomyślnym przetworzeniu zasad grupy powinien zostać wygenerowany komunikat o powodzeniu. Jeśli komunikat o powodzeniu nie zostanie wyświetlony w ciągu kilku godzin, skontaktuj się z administratorem. Error: (09/27/2015 04:25:25 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: ZARZĄDZANIE NT) Description: Przetwarzanie zasad grupy nie powiodło się. System Windows nie mógł rozpoznać nazwy komputera. Może to być spowodowane jedną z następujących przyczyn: a) Problem z rozpoznawaniem nazw na bieżącym kontrolerze domeny. b) Opóźnienie replikacji usługi Active Directory (konto utworzone w innym kontrolerze domeny nie zostało jeszcze zreplikowane w bieżącym kontrolerze domeny). Error: (09/27/2015 04:25:23 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: Ten komputer nie może skonfigurować zabezpieczonej sesji z kontrolerem domeny w domenie TZMOSA z następującego powodu: %%1311 To może powodować problemy z uwierzytelnianiem. Upewnij się, że ten komputer jest podłączony do sieci. Jeżeli problem się nie rozwiąże, skontaktuj się z administratorem domeny. INFORMACJE DODATKOWE Jeżeli ten komputer jest kontrolerem domeny dla określonej domeny, konfiguruje zabezpieczoną sesję z emulatorem podstawowego kontrolera domeny w określonej domenie. W przeciwnym przypadku komputer może skonfigurować zabezpieczoną sesję z dowolnym kontrolerem domeny w określonej domenie. Error: (09/26/2015 07:40:10 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}{B292921D-AF50-400C-9B75-0C57A7F29BA1}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) Error: (09/26/2015 07:38:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) PROSet/Wireless Zero Configuration Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/26/2015 07:38:14 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) Error: (09/26/2015 07:37:17 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyUruchom{1CCB96F4-B8AD-4B43-9688-B273F58E0910}{AD65A69D-3831-40D7-9629-9B0B50A93843}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC) CodeIntegrity: =================================== Date: 2015-03-13 12:54:12.255 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-03-13 12:54:12.224 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Procent pamięci w użyciu: 45% Całkowita pamięć fizyczna: 3661.68 MB Dostępna pamięć fizyczna: 2012.14 MB Całkowita pamięć wirtualna: 13321.56 MB Dostępna pamięć wirtualna: 11403.61 MB ==================== Dyski ================================ Drive c: (Windows7_OS) (Fixed) (Total:230.9 GB) (Free:167.22 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (PRV) (Fixed) (Total:219.72 GB) (Free:43.6 GB) NTFS Drive e: (WMH DVD 74) (CDROM) (Total:5.86 GB) (Free:0 GB) UDF Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.91 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 86AB8275) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=230.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=219.7 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================