Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:07-05-2016 Uruchomiony przez dom (2016-05-07 13:34:36) Uruchomiony z C:\Users\dom\Desktop\frst Windows 7 Professional Service Pack 1 (X64) (2014-05-24 09:57:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3796836612-2775900645-2379586109-500 - Administrator - Disabled) dom (S-1-5-21-3796836612-2775900645-2379586109-1000 - Administrator - Enabled) => C:\Users\dom Gość (S-1-5-21-3796836612-2775900645-2379586109-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3796836612-2775900645-2379586109-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) "Euro Truck Simulator 2" (HKLM-x32\...\{0460D4FD-B599-4653-8E04-AA589BF97BF1}_is1) (Version: 1.8.2.5s - ) µTorrent (HKU\S-1-5-21-3796836612-2775900645-2379586109-1000\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\{922E8525-AC7E-4294-ACAA-43712D4423C0}) (Version: 10.0.22.87 - Adobe Systems, Inc.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.) Ahead Nero Burning ROM (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - ) Aktualizacje NVIDIA 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) AVG (HKLM\...\AvgZen) (Version: 1.51.2.3593 - AVG Technologies) AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.32.2.3320 - AVG Technologies) AVG PC TuneUp (x32 Version: 16.32.5 - AVG Technologies) Hidden AVG Zen (Version: 1.51.58 - AVG Technologies) Hidden BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden DJ_AIO_06_F4500_SW_MIN (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden Dropbox (HKU\S-1-5-21-3796836612-2775900645-2379586109-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) F4500 (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts) FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 (HKLM\...\{7F08A772-2816-4F46-84F1-49578502AD28}) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Need for Speed™ Hot Pursuit version 1.0.0.0 (HKLM-x32\...\Need for Speed™ Hot Pursuit_is1) (Version: 1.0.0.0 - GTX Box Team) Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.) Panel sterowania NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== UWAGA Real Boxing (HKLM-x32\...\Real Boxing_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{67847964-08E2-4A8F-B09D-B08D5CE69250}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden WERSJA DEMO FIFA 16 (HKLM-x32\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinZip (HKLM-x32\...\WinZip) (Version: 2.0.29 - Winzipper Pvt Ltd.) <==== UWAGA WRC 5 FIA World Rally Championship wersja 1.0.2.0 (HKLM-x32\...\WRC 5 FIA World Rally Championship_is1) (Version: 1.0.2.0 - GTX Box Team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3796836612-2775900645-2379586109-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\dom\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-3796836612-2775900645-2379586109-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3796836612-2775900645-2379586109-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3796836612-2775900645-2379586109-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3796836612-2775900645-2379586109-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\dom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0A4B075C-A744-4E9B-ABA1-067701898AB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {0DFED3A3-CEEC-441D-B23F-A7A4CB1A9D24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {1743F810-1A9C-471B-B74D-CA9966785846} - System32\Tasks\jIxmRfRBrowserUpdateCore => C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe [2016-04-21] () <==== UWAGA Task: {35AEE0FA-202C-46DA-8B93-FA3B362B551E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {3D9F0A60-D7FC-4A9A-8C4F-F0C9BE9A6F4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {4C8325B8-270A-4543-8D3B-B50A39DC191C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-03-29] (AVG Technologies CZ, s.r.o.) Task: {59E97FAE-1437-4EA7-B3C3-353956F5BFE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated) Task: {7A58338A-42A6-4E31-B1BC-FE5D4DFCF8F6} - System32\Tasks\{78EF3320-0F40-4E0E-90D0-D8F74DD11686} => pcalua.exe -a "D:\DIVIX\Battlefield 3\Uninstall.exe" Task: {874CDD0C-7704-4038-81FB-0788337DF707} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software) Task: {88E740C1-C0DF-487F-B8FE-F58DA3973EAB} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-05-06] (Enigma Software Group USA, LLC.) Task: {8BD9B5FB-3410-43D6-A994-F59A3E743512} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {999A0294-4B19-41DF-BFA9-6172C1059DE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {99A884C8-FFB2-43E4-9583-FB07C0E42635} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software) Task: {BF64BA00-7BE6-4A0D-BAB3-9022CC73459F} - System32\Tasks\jIxmRfRBrowserUpdateUA => C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe [2016-04-21] () <==== UWAGA Task: {C56C7E10-6EB4-49AE-A3B6-0574F75276C7} - System32\Tasks\{1B431ECE-D3AB-4D8F-90E9-77EBB2811F6E} => pcalua.exe -a D:\sterowniki\Intel_RST_MB\iata_cd.exe -d D:\sterowniki\Intel_RST_MB Task: {CD413636-A128-4353-8B17-5E38313A3B34} - System32\Tasks\jIxmRfRCheckTask => C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe [2016-04-21] () <==== UWAGA Task: {E47FFE7E-6A6A-4DA5-9648-5793E5F8087A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-24] (Microsoft Corporation) Task: {EB31AB58-2C5B-4592-829F-6C4954BDBC8D} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\QQBrowser\Update\F5EE5C1372915DBD060FB9D94DD04E0C\Update\BrowserUpdate.exe [2016-04-08] (Tencent) <==== UWAGA Task: {F30DE50F-6E5C-447C-B745-900EC9A2ADB7} - \WinTaske -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe () -> hxxp://www.yahoososo.com/?type=ll&uid=fa553e1b-adf4-43d8-a2fe-cc23380ad8ec ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1400942713&from=smt&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U360611406114 ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://start.qone8.com/?type=sc&ts=1400942713&from=smt&uid=WDCXWD5000AZRX-00A8LB0_WD-WMC1U360611406114 ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe () -> hxxp://www.yahoososo.com/?type=ll&uid=fa553e1b-adf4-43d8-a2fe-cc23380ad8ec ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe () -> hxxp://www.yahoososo.com/?type=ll&uid=fa553e1b-adf4-43d8-a2fe-cc23380ad8ec ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe () -> hxxp://www.yahoososo.com/?type=ll&uid=fa553e1b-adf4-43d8-a2fe-cc23380ad8ec ShortcutWithArgument: C:\Users\dom\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Google Chrome.lnk -> C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe () -> hxxp://www.yahoososo.com/?type=ll&uid=fa553e1b-adf4-43d8-a2fe-cc23380ad8ec ==================== Załadowane moduły (filtrowane) ============== 2014-05-24 12:51 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-20 16:27 - 2015-07-20 16:27 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-20 16:27 - 2015-07-20 16:27 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-07 10:22 - 2016-05-07 10:22 - 02892288 _____ () C:\Program Files\AVAST Software\Avast\defs\16050601\algo.dll 2016-05-07 13:21 - 2016-05-07 13:21 - 02892800 _____ () C:\Program Files\AVAST Software\Avast\defs\16050700\algo.dll 2015-07-20 16:27 - 2015-07-20 16:27 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-03-16 19:59 - 2016-04-08 14:55 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll 2014-05-24 12:23 - 2013-01-15 02:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-02-02 12:35 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3796836612-2775900645-2379586109-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\dom\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{0722F180-14CB-4C3A-89DB-D96B81AF5CD0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{EEE2246A-02F4-425E-A003-48B29D9C1538}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{2EDBE9B0-5233-4BA6-A28A-35B3B87E65A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{6495C9FB-3313-4FC8-854A-764DF1213D52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C8D2CB14-A61C-476C-BFFF-53F14BAA36A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EB648503-D308-4775-A50D-406564E2B566}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{377A579C-DBD0-427D-BCE8-E2DB1ECABE96}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{6233EE61-8F47-4D5F-8F5C-9027285F796B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{C461ECE3-BA49-44C3-86A0-122AEE7E68BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{4204969E-1F66-4115-9E6D-6F5E07EB52E3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{93B42285-B792-4684-986C-9F93E0345B96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{EEE853B9-8E3F-4655-A6E3-AC467BC17945}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{EA2DCA9C-A2B5-4FEC-917F-E25A13103594}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{BA994679-C411-489D-A934-D2527B4386CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{E86BDFDD-491B-4C28-8F47-14A18F9AF017}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{45114395-594B-4EE1-9DB7-EEB195D2CEC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{8B084AC9-C318-439E-A7D0-4F161A894AB8}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{87186124-699D-4DD9-A947-3FD5F2A4D0D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{04A78B76-8B61-4481-A08B-A22D6E2984F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{3243DC9E-5EAB-4C8B-94FC-888DB147A6B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{41686738-D1A9-4377-B7DF-C2D95FEA3DD8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{62451606-F969-4951-BB16-C43336CC73B7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{569F4F23-8A68-4C4A-9046-663C1C00AA2D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [TCP Query User{2F82353D-8E10-46A7-8FAB-D4A31791012B}D:\divix\need for speed most wanted\nfs13.exe] => (Allow) D:\divix\need for speed most wanted\nfs13.exe FirewallRules: [UDP Query User{5D339483-D057-492C-A442-2940127E3347}D:\divix\need for speed most wanted\nfs13.exe] => (Allow) D:\divix\need for speed most wanted\nfs13.exe FirewallRules: [{AADE7F9A-2E47-4E51-8A94-7F32C69AD42B}] => (Allow) C:\Users\dom\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8F98EFCF-CDC2-4B9F-A05F-2CDC09F28277}] => (Allow) C:\Users\dom\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{02DE1E69-3B9B-4B6A-883B-E9E97A426485}C:\users\dom\appdata\local\apps\2.0\yz7djjq4.zha\32vmdvlo.n3m\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\launcher.exe] => (Block) C:\users\dom\appdata\local\apps\2.0\yz7djjq4.zha\32vmdvlo.n3m\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\launcher.exe FirewallRules: [UDP Query User{D4896D6B-B132-4043-87B9-3C900F1FC4AC}C:\users\dom\appdata\local\apps\2.0\yz7djjq4.zha\32vmdvlo.n3m\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\launcher.exe] => (Block) C:\users\dom\appdata\local\apps\2.0\yz7djjq4.zha\32vmdvlo.n3m\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\launcher.exe FirewallRules: [TCP Query User{92173E48-C2E9-400E-B191-BAD35C149ECF}D:\divix\enemy front\bin32\enemyfront.exe] => (Block) D:\divix\enemy front\bin32\enemyfront.exe FirewallRules: [UDP Query User{7BB5A045-E40D-4FF7-B673-FBC5602CEB5B}D:\divix\enemy front\bin32\enemyfront.exe] => (Block) D:\divix\enemy front\bin32\enemyfront.exe FirewallRules: [{1EB8210B-95D0-42A1-9348-E8EBD836A674}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F8158D05-3D88-4AC2-B74E-AD382A2E2D1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3C0FA1E4-AC01-4D0C-9CBC-3A9616F9D416}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{91A2DFFC-7827-42B6-9BFA-06ED8B807740}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{78926CAA-B984-4660-969E-223656EB139E}D:\r.g. catalyst\call of duty black ops ii\t6sp.exe] => (Allow) D:\r.g. catalyst\call of duty black ops ii\t6sp.exe FirewallRules: [UDP Query User{50657CB4-B1EB-4C59-A3D8-94598964BCE8}D:\r.g. catalyst\call of duty black ops ii\t6sp.exe] => (Allow) D:\r.g. catalyst\call of duty black ops ii\t6sp.exe FirewallRules: [TCP Query User{4D9E8EC4-6435-488E-848E-5DA93888D0E5}D:\real boxing\binaries\win32\realboxing.exe] => (Allow) D:\real boxing\binaries\win32\realboxing.exe FirewallRules: [UDP Query User{10BD1EBA-4E80-4DB9-B43D-B1539731D4AC}D:\real boxing\binaries\win32\realboxing.exe] => (Allow) D:\real boxing\binaries\win32\realboxing.exe FirewallRules: [TCP Query User{1FDD3337-51B3-4918-A7E4-2B658D489F8B}D:\real boxing\binaries\win32\realboxing.exe] => (Allow) D:\real boxing\binaries\win32\realboxing.exe FirewallRules: [UDP Query User{23C6C02C-DC54-4BF2-927C-2396426D46CA}D:\real boxing\binaries\win32\realboxing.exe] => (Allow) D:\real boxing\binaries\win32\realboxing.exe FirewallRules: [TCP Query User{65807820-1DA6-4FD3-A97B-4859E1120E95}D:\r.g. catalyst\call of duty black ops ii\t6sp.exe] => (Block) D:\r.g. catalyst\call of duty black ops ii\t6sp.exe FirewallRules: [UDP Query User{B1E422E3-2570-4A87-BBA9-B57BF51E9D99}D:\r.g. catalyst\call of duty black ops ii\t6sp.exe] => (Block) D:\r.g. catalyst\call of duty black ops ii\t6sp.exe FirewallRules: [TCP Query User{9A8EA597-3C1B-4EBE-B970-FCD1B2A7D2F1}D:\divix\wolfenstein - the new order\wolfneworder_x64.exe] => (Allow) D:\divix\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{D050D668-0231-430E-A033-553C830EEE62}D:\divix\wolfenstein - the new order\wolfneworder_x64.exe] => (Allow) D:\divix\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [TCP Query User{6970D4B4-6F65-43B1-B40A-AEB6E1FBD081}D:\divix\wolfenstein - the new order\wolfneworder_x64.exe] => (Block) D:\divix\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{207F210E-A976-4455-B616-5750209E3446}D:\divix\wolfenstein - the new order\wolfneworder_x64.exe] => (Block) D:\divix\wolfenstein - the new order\wolfneworder_x64.exe FirewallRules: [TCP Query User{11BAEAF0-2E0C-4391-AA87-1A88AD43AF89}D:\divix\transformers - rise of the dark spark\binaries\transgame.exe] => (Allow) D:\divix\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{7B841DBF-A92D-4ABB-B54F-4D97DCA535BE}D:\divix\transformers - rise of the dark spark\binaries\transgame.exe] => (Allow) D:\divix\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [TCP Query User{FBB0C136-D097-4A0A-B21C-7A983A713EAF}D:\divix\transformers - rise of the dark spark\binaries\transgame.exe] => (Block) D:\divix\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [UDP Query User{1EA942CA-367C-425E-99D2-8C81B6CBF42A}D:\divix\transformers - rise of the dark spark\binaries\transgame.exe] => (Block) D:\divix\transformers - rise of the dark spark\binaries\transgame.exe FirewallRules: [{38EFB054-699E-4B73-AF43-EAB451398A8D}] => (Allow) D:\DIVIX\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{E177BDF9-8C4A-452F-B801-673FF830FC54}] => (Allow) D:\DIVIX\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [TCP Query User{A81D555C-8DFC-4F1B-A2F7-06AA31D0DA2B}D:\divix\quantum of solace - the game\jb_liveengine_s.exe] => (Allow) D:\divix\quantum of solace - the game\jb_liveengine_s.exe FirewallRules: [UDP Query User{FF3C24B8-3100-4461-AB18-BD68BC455DBE}D:\divix\quantum of solace - the game\jb_liveengine_s.exe] => (Allow) D:\divix\quantum of solace - the game\jb_liveengine_s.exe FirewallRules: [TCP Query User{E2A79D4C-6A2F-490E-B321-3C8F7DB16BEA}D:\divix\wheelman\binaries\wheelman.exe] => (Allow) D:\divix\wheelman\binaries\wheelman.exe FirewallRules: [UDP Query User{BED2C5D9-20D1-4B1B-A822-090AAAD092D9}D:\divix\wheelman\binaries\wheelman.exe] => (Allow) D:\divix\wheelman\binaries\wheelman.exe FirewallRules: [TCP Query User{0F4F385F-6082-409B-A5B7-0912287AF351}D:\divix\wheelman\binaries\wheelman.exe] => (Block) D:\divix\wheelman\binaries\wheelman.exe FirewallRules: [UDP Query User{C6799F58-7EA5-4998-BC36-31B703E8D54D}D:\divix\wheelman\binaries\wheelman.exe] => (Block) D:\divix\wheelman\binaries\wheelman.exe FirewallRules: [TCP Query User{ECF0CCBE-8737-4F96-A5E6-0DDB22E62990}D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe FirewallRules: [UDP Query User{1EAA161C-3A70-45CD-931E-D5DB3B6D25E8}D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe] => (Allow) D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe FirewallRules: [TCP Query User{7D220D97-BD9F-4985-B32D-7FAA9C5C90BD}D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe] => (Block) D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe FirewallRules: [UDP Query User{D21D453E-0F78-4CB7-A321-8B734BE0FE49}D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe] => (Block) D:\divix\tom clancy`s ghost recon future soldier\future soldier dx11.exe FirewallRules: [TCP Query User{7EF21CF2-CE48-4E69-8A3D-D283FE691D35}D:\divix\london 2012 the official video game of the olympic games\london2012.exe] => (Allow) D:\divix\london 2012 the official video game of the olympic games\london2012.exe FirewallRules: [UDP Query User{1B06ACF6-A678-40C8-BBBA-52BB2DA35960}D:\divix\london 2012 the official video game of the olympic games\london2012.exe] => (Allow) D:\divix\london 2012 the official video game of the olympic games\london2012.exe FirewallRules: [TCP Query User{956810FE-6F70-4072-9D2E-48E50E4D3F58}D:\divix\london 2012. olympic games\london2012.exe] => (Allow) D:\divix\london 2012. olympic games\london2012.exe FirewallRules: [UDP Query User{E9A27F66-7CED-480A-A062-9F456FF44725}D:\divix\london 2012. olympic games\london2012.exe] => (Allow) D:\divix\london 2012. olympic games\london2012.exe FirewallRules: [TCP Query User{2621FF2C-8FFC-42D8-B045-9F2A2FD4D350}D:\divix\london 2012. olympic games\london2012.exe] => (Block) D:\divix\london 2012. olympic games\london2012.exe FirewallRules: [UDP Query User{D4FF49F2-3C1E-4DC0-9659-5A97BB1D0102}D:\divix\london 2012. olympic games\london2012.exe] => (Block) D:\divix\london 2012. olympic games\london2012.exe FirewallRules: [TCP Query User{5506B3AC-CC40-44F9-89C0-CCAD3EAC8369}D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe FirewallRules: [UDP Query User{DCD0BA1B-74B8-4483-88CF-DD7CC5A1E39D}D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe FirewallRules: [TCP Query User{29314DA3-AEBA-400D-9421-851C59428B98}D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe FirewallRules: [UDP Query User{D6B86259-DB0B-4564-98A0-087802C6B765}D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Block) D:\divix\tom clancy’s rainbow six vegas 2\binaries\r6vegas2_game.exe FirewallRules: [TCP Query User{D6C0B2AE-1449-4C56-999A-95ECB8EE3EAA}D:\divix\soldier of fortune payback\sof3.exe] => (Block) D:\divix\soldier of fortune payback\sof3.exe FirewallRules: [UDP Query User{4F7F40A2-C0EE-4479-847E-EB2FCF3F433D}D:\divix\soldier of fortune payback\sof3.exe] => (Block) D:\divix\soldier of fortune payback\sof3.exe FirewallRules: [TCP Query User{23EC7CE3-D7ED-42B4-856B-1AEBF7DC2924}D:\divix\call of duty - black ops ii\t6sp.exe] => (Block) D:\divix\call of duty - black ops ii\t6sp.exe FirewallRules: [UDP Query User{C2E82086-80F0-47AD-8F70-983EAA617C9F}D:\divix\call of duty - black ops ii\t6sp.exe] => (Block) D:\divix\call of duty - black ops ii\t6sp.exe FirewallRules: [{7152F6FF-E6F6-4DB4-AE32-7924724683CC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D8C8C7A4-4E60-49D7-AC5F-2955AD2E7DFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{53ABB76D-3D30-44F2-83F4-3CB85247447D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{15D31B46-CE1C-4B47-BDBA-54F471FBB9A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{935FD0D9-FFCF-4BA9-AC6B-0CBA50BF7117}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{14266B8C-1A86-49AB-B0E0-80D82246EF36}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CE3FEFB6-CB6F-4D28-9CF0-58680E4943DC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{C7A2F143-4126-479C-9B7C-557C21D2E854}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{F6D85A4E-1CBC-427A-AC04-A2B089D3BDE5}D:\need for speed™ hot pursuit\nfs11.exe] => (Block) D:\need for speed™ hot pursuit\nfs11.exe FirewallRules: [UDP Query User{2327276D-C70F-4E52-8205-581265822BF1}D:\need for speed™ hot pursuit\nfs11.exe] => (Block) D:\need for speed™ hot pursuit\nfs11.exe FirewallRules: [TCP Query User{C0F1B9AA-6B35-406C-8CFD-87B2511D8876}D:\far cry 4\bin\farcry4.exe] => (Block) D:\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{0487E6D3-59D6-4D66-99FC-D93DFF9A4ED4}D:\far cry 4\bin\farcry4.exe] => (Block) D:\far cry 4\bin\farcry4.exe FirewallRules: [{07DA92E5-1AB6-42ED-8C3D-F5161EA7EE8D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C1BB4EE3-20B7-47A6-ABF7-D75DF6D972E8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{49CA94C2-30C0-4751-B0A8-4F78C709FC14}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{A5087682-06CD-4966-8EF8-E3A2EF32BC45}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{7CC7D61A-36F1-49A2-AD1F-79BD8ADF5CFB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{C6998DB4-C598-457D-A037-9AA16D4E6C1E}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe FirewallRules: [{E6F9815A-FE40-4770-8458-244A6B321704}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe FirewallRules: [TCP Query User{04472EA5-9301-4D2D-97FE-50D4E17D763D}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe FirewallRules: [UDP Query User{24BCE339-ACEA-4E17-BE15-31D57981F1D1}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe FirewallRules: [TCP Query User{74F3D8B2-3C21-43AE-B134-3BE8B7510BDB}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe FirewallRules: [UDP Query User{214CDAFD-20EB-4A07-93F6-59211C71751E}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe FirewallRules: [TCP Query User{D780D8FE-96E1-4235-92D2-631D7FB73B9E}D:\torrent\call of duty 1 and call of duty united offence\codmp.exe] => (Allow) D:\torrent\call of duty 1 and call of duty united offence\codmp.exe FirewallRules: [UDP Query User{BCA4353A-E285-47EE-A825-CCAA260D77E1}D:\torrent\call of duty 1 and call of duty united offence\codmp.exe] => (Allow) D:\torrent\call of duty 1 and call of duty united offence\codmp.exe FirewallRules: [{14F71527-4532-4FBE-B011-6C37F94A84C2}] => (Allow) C:\Program Files (x86)\GTX Box Team\WRC 5 FIA World Rally Championship\Launcher.exe FirewallRules: [{8786F5EB-CCF8-4B1A-A661-1E80159777A1}] => (Allow) C:\Program Files (x86)\GTX Box Team\WRC 5 FIA World Rally Championship\Launcher.exe FirewallRules: [{AE752784-560F-4827-A154-DD2844D6EC2B}] => (Allow) C:\Program Files (x86)\GTX Box Team\WRC 5 FIA World Rally Championship\WRC5.exe FirewallRules: [{B9B03EA0-AB07-41A8-B2AB-E2A693DB2360}] => (Allow) C:\Program Files (x86)\GTX Box Team\WRC 5 FIA World Rally Championship\WRC5.exe FirewallRules: [TCP Query User{70F70EA6-A816-4E5A-A908-990B8E39C637}C:\program files (x86)\gtx box team\wrc 5 fia world rally championship\wrc5.exe] => (Allow) C:\program files (x86)\gtx box team\wrc 5 fia world rally championship\wrc5.exe FirewallRules: [UDP Query User{FB9DD430-7125-460A-9F21-84278ACA9FF0}C:\program files (x86)\gtx box team\wrc 5 fia world rally championship\wrc5.exe] => (Allow) C:\program files (x86)\gtx box team\wrc 5 fia world rally championship\wrc5.exe FirewallRules: [{ADA829D3-0690-4774-8A5C-CF6DBA3F59DC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{51224EC7-3A7D-448B-96C5-AF9759AA8E72}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{2A191300-13D6-4CB8-B121-FE694FF46C6A}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{322096A8-4702-4F3C-ADA3-3A68B2BABD11}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{881D3680-7999-4736-95A0-2F7C439E45E5}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{4BD41AAF-4A74-423A-BC98-BFD962D0B5CA}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{8E4B445C-784E-4FF4-AB7D-7EFAB086C3BC}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\chrome.exe FirewallRules: [{CCA75702-8350-41E6-8BA1-3DB1EFCB030A}] => (Allow) C:\Program Files (x86)\jIxmRfR\jIxmRfR\bin\jIxmRfR_server.exe FirewallRules: [{7A40E390-F995-46E2-BCFC-B97B7C9584B3}] => (Allow) C:\ProgramData\jIxmRfR\protect\protect.exe FirewallRules: [{98BDE9F9-6154-473F-9020-B4075841895B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 30-04-2016 15:30:46 avast! antivirus system restore point 30-04-2016 17:04:39 Windows Update 30-04-2016 20:13:45 Windows Update 01-05-2016 15:15:33 Windows Update 02-05-2016 15:15:36 Windows Update 02-05-2016 19:27:03 Windows Update 04-05-2016 19:37:34 Windows Update 06-05-2016 17:14:41 Windows Update 07-05-2016 11:38:36 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/07/2016 01:27:30 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (05/07/2016 01:22:37 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (05/07/2016 01:17:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/07/2016 01:16:42 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/07/2016 10:46:55 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (05/07/2016 10:22:02 AM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (05/07/2016 10:20:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Skype.exe, wersja: 7.21.85.100, sygnatura czasowa: 0x56d60a29 Nazwa modułu powodującego błąd: Skype.exe, wersja: 7.21.85.100, sygnatura czasowa: 0x56d60a29 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00320065 Identyfikator procesu powodującego błąd: 0xef4 Godzina uruchomienia aplikacji powodującej błąd: 0xSkype.exe0 Ścieżka aplikacji powodującej błąd: Skype.exe1 Ścieżka modułu powodującego błąd: Skype.exe2 Identyfikator raportu: Skype.exe3 Error: (05/07/2016 10:17:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/07/2016 10:16:03 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (05/06/2016 04:48:26 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Dziennik System: ============= Error: (05/07/2016 01:22:37 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (05/07/2016 01:22:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (05/07/2016 01:19:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Service(jIxmRfR_update) z powodu następującego błędu: %%216 Error: (05/07/2016 01:19:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Protect Service(jIxmRfR_protect) z powodu następującego błędu: %%216 Error: (05/07/2016 01:18:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (05/07/2016 01:18:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (05/07/2016 01:18:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Protokół rozpoznawania nazw równorzędnych zakończyła działanie; wystąpił następujący błąd: %%-2140993535 Error: (05/07/2016 01:18:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Grupowanie sieci równorzędnej zależy od usługi Protokół rozpoznawania nazw równorzędnych, której nie można uruchomić z powodu następującego błędu: %%-2140993535 Error: (05/07/2016 01:18:34 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (05/07/2016 01:18:34 PM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 CodeIntegrity: =================================== Date: 2016-02-02 11:34:48.753 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-02 11:34:48.706 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-02 11:34:48.644 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-02 11:34:48.581 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-11 18:15:30.637 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-11 18:15:30.591 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-11 18:15:30.544 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-09-11 18:15:30.497 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-24 17:56:34.217 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-24 17:56:34.170 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz Procent pamięci w użyciu: 49% Całkowita pamięć fizyczna: 4059.89 MB Dostępna pamięć fizyczna: 2046.07 MB Całkowita pamięć wirtualna: 8117.98 MB Dostępna pamięć wirtualna: 5826.18 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:171.72 GB) (Free:57.59 GB) NTFS Drive d: () (Fixed) (Total:293.94 GB) (Free:253.94 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 24150CFB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=171.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=293.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================