Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:12-12-2015 01 Uruchomiony przez Ewa (2015-12-13 12:51:50) Uruchomiony z C:\Users\Ewa\Downloads Windows 8.1 (X64) (2014-07-08 21:06:15) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2327504602-676731766-3640145769-500 - Administrator - Disabled) Ewa (S-1-5-21-2327504602-676731766-3640145769-1002 - Administrator - Enabled) => C:\Users\Ewa Gość (S-1-5-21-2327504602-676731766-3640145769-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2327504602-676731766-3640145769-1004 - Limited - Enabled) Jerzy (S-1-5-21-2327504602-676731766-3640145769-1005 - Limited - Enabled) => C:\Users\Jerzy UpdatusUser (S-1-5-21-2327504602-676731766-3640145769-1040 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2327504602-676731766-3640145769-1002\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Reader 8.1.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.42.71502 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.8.42.71502 - Alcor Micro Corp.) Hidden ALLConverter PRO 1.3 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArtistScope Plugin FX (HKLM-x32\...\ArtistScope Plugin FX) (Version: 4.7.2.2 - ArtistScope) ASUS RT-N10E Wireless Router Utilities (HKLM-x32\...\{580CA891-08DB-4B6F-B0C1-DF1D149671D7}) (Version: 4.2.3.5 - ASUS) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-2327504602-676731766-3640145769-1002\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.20 - Lenovo) Energy Management (x32 Version: 8.0.2.20 - Lenovo) Hidden Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== UWAGA Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Google+ Auto Backup (HKLM-x32\...\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}) (Version: 1.0.19.76 - Google) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7800 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.167 - Realtek Semiconductor Corp.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.10.2 - ELAN Microelectronic Corp.) Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden Lenovo Solution Center (HKLM\...\{1E939186-B443-4262-A278-3C82949EA7AC}) (Version: 1.1.009.00 - Lenovo Group Limited) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.) Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo) MaturaRom - Biologia (HKLM-x32\...\{FB9E4364-AED8-4D4A-BBDF-70E772AD8C1E}) (Version: 1.10.0006 - YDP) MaturaRom2 - Chemia (HKLM-x32\...\{513735F3-BD67-4934-B29D-CAEC57B7B9DE}) (Version: 1.10.0006 - YDP SA) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-2327504602-676731766-3640145769-1002\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Panel sterowania NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Podręcznik użytkownika (x32 Version: 1.0.0.9 - Lenovo) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.) SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2327504602-676731766-3640145769-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ewa\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Punkty Przywracania systemu ========================= 15-11-2015 11:41:40 Windows Update 23-11-2015 22:56:47 Zaplanowany punkt kontrolny 03-12-2015 17:07:03 Zaplanowany punkt kontrolny 09-12-2015 23:28:48 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2012-07-26 06:26 - 2014-07-08 19:56 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {140914F1-0215-47FE-86F6-2DDA94AEBC6F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-17] (AVAST Software) Task: {1BFD7F35-B51C-4B45-AA12-EB5731A0D484} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-08-08] () Task: {274FE31F-3629-4321-A203-9D9D5B78C65A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {2EAB01EC-9C9E-4501-B3A8-EF8931E0E83B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {3B6BF931-C898-4CB0-B13B-AE85E5AC92D9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-04] (AVAST Software) Task: {4CA63102-C4A8-45B3-AC19-3E6DE5E5EAA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {63AAD6E3-A9EF-4CA7-A643-02D10D35DD52} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation) Task: {6BC2108D-74A9-4CDC-9D48-C44715A76B1D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {834A0344-28D1-4FBC-BA56-963E3008AB6E} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {DABEF629-817A-4521-B855-77953A073099} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2012-08-08] () Task: {ECBAC623-128D-4A22-9F2C-AEEC22DED856} - System32\Tasks\{0498070D-BAFC-4810-A897-941CA9DF4329} => pcalua.exe -a E:\setup.exe -d E:\ Task: {EDE3F314-82DA-4369-B7FD-FDB2816AB2C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-08-08] (Lenovo) Task: {FA02ED9A-7689-44F5-84D4-04A8945D1467} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2327504602-676731766-3640145769-1002Core1d0c238a133989d.job => C:\Users\Ewa\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2327504602-676731766-3640145769-1002Core.job => C:\Users\Ewa\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\Users\Ewa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449841938&z=7667727bff88ece2d1a980cg0z7z0tdb7z7gdtazez&from=ient07021&uid=ST1000LM024XHN-M101MBB_S2U5J9CD163202 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2013-12-26 18:42 - 2013-12-26 18:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2013-08-19 15:03 - 2013-08-19 15:03 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll 2015-02-13 18:54 - 2015-02-13 18:53 - 00008192 _____ () C:\WINDOWS\SysWOW64\srvany.exe 2015-02-13 18:54 - 2015-02-13 18:53 - 00151552 _____ () C:\WINDOWS\KMService.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2012-08-14 09:56 - 2012-08-03 17:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-09-17 22:51 - 2015-09-17 22:51 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-09-17 22:51 - 2015-09-17 22:51 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-12-12 21:40 - 2015-12-12 21:40 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121202\algo.dll 2015-12-13 10:47 - 2015-12-13 10:47 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15121300\algo.dll 2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-07-08 22:32 - 2013-08-09 03:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-12-12 16:40 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-12 16:40 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32api.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-12 16:40 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\fastpath.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32file.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32ts.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32service.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\librsync.dll 2015-12-12 16:40 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\win32profile.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2015-12-12 16:40 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2015-12-12 16:40 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-12 16:40 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\sip.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2015-12-12 16:40 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2015-10-20 11:47 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-10-20 11:47 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-10-20 11:47 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-10-20 11:47 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\Ewa\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2013-03-07 21:08 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2015-09-17 22:51 - 2015-09-17 22:51 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-12-10 08:39 - 2015-12-04 22:32 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libglesv2.dll 2015-12-10 08:39 - 2015-12-04 22:32 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\libegl.dll 2015-12-10 08:39 - 2015-12-04 22:32 - 16573256 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2327504602-676731766-3640145769-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ewa\Desktop\2015-04-29 00.35.10.jpg DNS Servers: 78.152.23.66 - 78.152.23.67 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "YouCam Tray" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "YouCam Mirage" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1C426AF4-4DD4-4FAA-971C-AFE535561FC8}] => (Block) C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe FirewallRules: [{46673552-EDC2-4530-99E2-8CE066B84192}] => (Block) C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe FirewallRules: [UDP Query User{FFB79AD2-2C76-44F3-A907-4C1C56484315}C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe] => (Allow) C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe FirewallRules: [TCP Query User{072ABE90-F9CF-4DBE-98F6-BD43D64EEA53}C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe] => (Allow) C:\program files (x86)\tp-link\usb printer controller\usb printer controller.exe FirewallRules: [UDP Query User{CE9BD42F-E3B7-4DDD-9947-BAF9CFFA0906}C:\users\ewa\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ewa\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{F0658D1E-2EB4-43A1-A154-3D21D5DB8880}C:\users\ewa\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ewa\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{5E54B75A-2301-44B6-BBD8-832649F8B921}] => (Allow) C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{E04A2889-AFD3-4DDB-891C-A5A1215F6611}] => (Allow) C:\Users\Ewa\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{25D3E081-7EA3-4BF8-93DC-3A46313D8A55}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{8048283B-CCCB-4079-AEC9-0344FF582F78}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [UDP Query User{7B02B8E7-37C3-43B0-ABD4-DC03C3D7E6C4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{F6B50D6D-81E2-4016-8D46-C62B54069B78}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{DE231E81-AB7D-45B7-AE5E-101A87AFF011}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe FirewallRules: [{A5975958-632A-4BEF-89DD-14EBB0BCC1D0}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\QISWizard.exe FirewallRules: [{39728FCD-64F3-4568-8ECF-B6995C4F4A97}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe FirewallRules: [{4607B6F9-E8CE-4D08-9BF2-09326FBE26A3}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\LiveUpdate.exe FirewallRules: [{5E35834F-1792-4311-A1F6-BEF63A27D11A}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe FirewallRules: [{160ACA8E-F2B5-4428-8044-2C9E8DB115B7}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Rescue.exe FirewallRules: [{92B78AE5-8347-469C-B48B-75CEDACCE5AB}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe FirewallRules: [{B2157D9A-4A59-4EB1-90BB-4CA7DC8BDB1E}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10E Wireless Router Utilities\Discovery.exe FirewallRules: [UDP Query User{CC837BC4-4B73-45CC-840C-FC4693E7C759}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [TCP Query User{8F275BBF-6DC9-4995-9F6E-D69DC9727896}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [{7FC81969-12F2-45E2-AC13-0ECA72B68617}] => (Allow) C:\Users\Ewa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B41E4860-852C-4A30-8A6B-AB64801AF25B}] => (Allow) C:\Users\Ewa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7A323767-3672-4D83-AFAC-8B9EEE4D0268}] => (Allow) C:\Users\Ewa\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{7126CBC7-0488-45AB-90EC-EBC23F3C1098}] => (Allow) C:\Users\Ewa\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [UDP Query User{D48E0848-9EB7-4E83-BDC7-6718C52E8CAB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C2A636D4-8219-4BE0-82F2-CCEEE6B69B9C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{AE9928EE-664C-491C-AD2A-B79E9375BF0D}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [TCP Query User{BAC73F58-A215-49F0-8150-D6E446FCC4D7}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe FirewallRules: [{CA88D2B5-6A5A-465A-B3A9-14D7F2E9E727}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{66712924-9FCD-4438-A60D-CC940E4EF96C}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{22CF5A58-FE15-450B-A4DE-00852B0ACEBA}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{A7B5162F-2650-4C1C-A617-F67D876B5E24}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{10D15A69-C042-4E1E-B7B6-83A939D7CBFE}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe FirewallRules: [{10E6A5CA-C02E-4DD7-97AA-9D4E66987084}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7785E127-BC09-4656-A8BC-9A708672FCDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F8C4CA2A-4199-4F13-A36E-F55770620F9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D81132BE-36A8-417E-B5AC-2E3E180AED9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A6824CE2-E022-4F2F-BD93-5CA967EF18C7}] => (Allow) LPort=1900 FirewallRules: [{C4554751-A04F-470C-8F31-E3A430C8E224}] => (Allow) LPort=2869 FirewallRules: [{952FEEC1-FB82-4E35-980E-B908D92A378F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1FCE7991-B028-4B1B-B2D0-04E89A4CDF7F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{9F93D53C-599D-4788-A5E7-C510C20D76B3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{44906DD3-734D-439E-AD4C-69834CC9F8E2}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{51A6CF5C-6770-4676-8AFA-5C769E9FA4B9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{04E89E36-B54C-49AA-88DF-DD029EAD2469}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{F0856A0E-C813-46CC-A691-287BE1502CA0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3D6546B5-D7E0-42B9-98EF-40F6AFA86CE7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{3FA7D5C1-335D-4767-AD56-CF1C734D2DEB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{F6CA84A8-D56D-4D3E-9FF4-9E5D8247BE01}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{5AD6C4CE-140D-428D-8E93-0937FA1A021E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7CF84107-0E4E-439E-8431-12A77C5328E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58C1BFFC-B329-49D2-A0E0-8C4DB950E74D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{810C0C98-0550-4A27-AEDD-222C96A56C12}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{C21F63CB-31A2-4A9D-B940-C8262415750E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{04EF2D95-F2FD-4842-B328-8604F4A639DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E6C4B214-FE3E-4F33-A6AF-305C58993B6C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/13/2015 12:29:58 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: ZARZĄDZANIE NT) Description: There was an error with the Windows Location Provider database Error: (12/13/2015 12:29:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program SpyHunter-installer.exe w wersji 1.0.298.372 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 4a0 Godzina rozpoczęcia: 01d135994e97ffd4 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Users\Ewa\Desktop\SpyHunter-installer.exe Identyfikator raportu: cd2832cb-a18c-11e5-befb-208984474759 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/12/2015 10:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7594 Error: (12/12/2015 10:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7594 Error: (12/12/2015 10:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/12/2015 10:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2594 Error: (12/12/2015 10:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2594 Error: (12/12/2015 10:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/12/2015 02:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 49484 Error: (12/12/2015 02:07:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 49484 Dziennik System: ============= Error: (12/13/2015 12:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa SSFK niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/13/2015 10:47:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%2 Error: (12/13/2015 10:47:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util Solution Real z powodu następującego błędu: %%2 Error: (12/13/2015 10:47:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Solution Real z powodu następującego błędu: %%2 Error: (12/12/2015 09:45:06 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa NVIDIA Update Service Daemon zawiesiła się podczas uruchamiania. Error: (12/12/2015 09:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%2 Error: (12/12/2015 09:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util Solution Real z powodu następującego błędu: %%2 Error: (12/12/2015 09:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Solution Real z powodu następującego błędu: %%2 Error: (12/10/2015 04:47:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa NVIDIA Update Service Daemon zawiesiła się podczas uruchamiania. Error: (12/10/2015 04:41:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: %%2 CodeIntegrity: =================================== Date: 2015-09-18 01:36:20.688 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:57.123 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:42.105 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:39.054 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:37.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:36.544 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:35.374 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:34.652 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:33.408 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-09-18 01:35:32.423 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Procent pamięci w użyciu: 29% Całkowita pamięć fizyczna: 8057.77 MB Dostępna pamięć fizyczna: 5717.34 MB Całkowita pamięć wirtualna: 9337.77 MB Dostępna pamięć wirtualna: 7144.03 MB ==================== Dyski ================================ Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:693.2 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.36 GB) NTFS Drive f: (KINGSTON) (Removable) (Total:7.31 GB) (Free:1.82 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: B7DA6FBF) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=7.3 GB) - (Type=0C) ==================== Koniec Addition.txt ============================