Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 10-07-2016 01 Uruchomiony przez Szymon (2016-07-13 14:51:56) Uruchomiony z C:\Users\Szymon\Desktop\FRST Windows 10 Home Wersja 1511 (X64) (2016-04-20 05:15:56) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2601524567-363776497-1936036780-500 - Administrator - Disabled) Gość (S-1-5-21-2601524567-363776497-1936036780-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2601524567-363776497-1936036780-503 - Limited - Disabled) Szymon (S-1-5-21-2601524567-363776497-1936036780-1001 - Administrator - Enabled) => C:\Users\Szymon ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2601524567-363776497-1936036780-1001\...\uTorrent) (Version: 3.4.8.42400 - BitTorrent Inc.) 360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.6.0.1140 - 360 Security Center) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.16) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1713, 27.04.2016 - AIMP DevTeam) Anki (HKLM-x32\...\Anki) (Version: - ) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.11.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0039 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.91 - ICEpower a/s) Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software) Bruker CMC-a 1.1 (HKLM-x32\...\Bruker CMC-a 1.1) (Version: 1.1 - Bruker BioSpin GmbH) Bruker Daltonics DataAnalysis 3.4 (HKLM-x32\...\{BDA1DA33-0192-1000-8123-00E081205B98}) (Version: 3.4.192 - Bruker Daltonik GmbH) Bruker FLEXlm 9.5.0.p1 (HKLM-x32\...\Bruker FLEXlm 9.5.0.p1) (Version: 9.5.0.p1 - Bruker BioSpin GmbH) Bruker NMR-Sim 5.4 (HKLM-x32\...\Bruker NMR-Sim 5.4) (Version: 5.4 - Bruker BioSpin GmbH) Bruker TopSpin 3.1 (HKLM-x32\...\Bruker TopSpin 3.1) (Version: 3.1 - Bruker BioSpin GmbH) CambridgeSoft ChemBioOffice 2014 (HKLM-x32\...\{9023F95E-737F-4343-BC57-B6217E3091CB}) (Version: 14.0 - CambridgeSoft Corporation) CambridgeSoft ChemScript 14.0 (HKLM-x32\...\{6053D436-AF21-4D67-A458-04C2B969A865}) (Version: 14.0 - CambridgeSoft Corporation) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden Gaming Assistant (HKLM-x32\...\{C27B0A7C-BD18-46EF-984A-CCD2799F4CD4}) (Version: 1.0.2 - ASUS) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden HuaweiUpdateExtractor (HKLM-x32\...\{DA8738CA-93A6-4910-A264-53DF7686F397}) (Version: 0.9.9.3 - worstenbrood) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Mercury (HKLM-x32\...\Mercury 3.7) (Version: 3.7 - CCDC) MestReNova LITE 5.2.5-5780 (HKLM-x32\...\MestReNova LITE) (Version: 5.2.5-5780 - Mestrelab Research S.L.) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.7070.2022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7030.1012 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1012 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7030.1012 - Microsoft Corporation) Hidden Olex2-1.2 (HKLM-x32\...\olex2-1.2.exe) (Version: - OlexSys) Panel sterowania NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2601524567-363776497-1936036780-1001\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) Uninstall WinGX (HKLM-x32\...\WinGX_is1) (Version: 2014.1 - Louis Farrugia, University of Glasgow) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS) Windows Script V5.6 Documentation (HKLM-x32\...\Scriptdoc) (Version: - ) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) wsearch32 (HKLM-x32\...\{8E39073D-1D7D-4D6E-A9A8-235975E8E226}) (Version: 1.06.2005 - Wsearch Software) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2601524567-363776497-1936036780-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Szymon\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {09E8E859-A392-4BF7-830C-F0F7B4F3D6FD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-szumi17@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {10248758-8E6D-4221-BE07-6D292DA0C505} - System32\Tasks\ceQeekgCheckTask => C:\Program Files (x86)\ceQeekg\ceQeekg\bin\ceQeekg_server.exe [2016-04-28] () <==== UWAGA Task: {153023CB-809B-4D9F-9665-3116813544B0} - System32\Tasks\Ariqockatidge Agent => Rundll32.exe "C:\Program Files (x86)\Ariqockatidge\AriqockatidgeAgn.dll",w <==== UWAGA Task: {1D576A87-12B3-444D-966D-2C7E1B808494} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-23] (Microsoft Corporation) Task: {25CC91E3-C0C3-43CF-8CEF-5215FFC459C6} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-06-09] (ASUS) Task: {278E6D1F-9B79-4255-8D6B-3826070B3E77} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-20] (AVAST Software) Task: {27E769F1-FDDA-4955-A046-3317B24CD130} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation) Task: {297519E9-73D1-47DE-89C4-0B5D161F9BC2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-06-30] (AsusTek) Task: {2CD80B19-1AF0-45D6-97D7-E40D9B73E035} - System32\Tasks\ceQeekgBrowserUpdateUA => C:\Program Files (x86)\ceQeekg\ceQeekg\bin\ceQeekg_server.exe [2016-04-28] () <==== UWAGA Task: {32AB846E-6D79-4FA8-9C87-D05181117E60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {35D7972E-A4F2-4A52-979F-C0122BA5BF51} - System32\Tasks\{9902414B-C298-4DD2-B046-D346A5F789EE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.21.0.100/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {4C2F8374-1523-4450-9BE8-4C68AFFB5B3C} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {547E1716-2ED6-4B83-9E29-4BE637BC6730} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-13] (Adobe Systems Incorporated) Task: {5A184D2F-A4F0-47E8-8C95-75220DB481BD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-20] (Dropbox, Inc.) Task: {67F32AA4-08CB-4C5C-AF54-EE0FFA01CE0F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-23] (Microsoft Corporation) Task: {7466DE2C-F0A5-4842-AA0E-4799AB58CE91} - System32\Tasks\ceQeekgBrowserUpdateCore => C:\Program Files (x86)\ceQeekg\ceQeekg\bin\ceQeekg_server.exe [2016-04-28] () <==== UWAGA Task: {763D07A6-6656-47BD-A258-3DE8EC7C6EFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) Task: {85125B58-1B09-419A-B299-01373DEC6E39} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-20] (Dropbox, Inc.) Task: {8D9DA4E3-E945-4864-A0E7-E7586D4BD0C0} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {9EAF6F56-BEA6-4C28-9A0A-FA5240907CE7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {A4EC2853-6847-4173-89C0-14627AB345D8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) Task: {BA158323-28A9-4193-B23C-B2DE1D2DC2E4} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {C488251E-3407-4EEE-A3A2-CF863BAFB409} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-30] (Realtek Semiconductor) Task: {CC56B873-6337-4430-A8B9-36016C867CF2} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-30] (Realtek Semiconductor) Task: {CC5B9619-344E-4695-A651-A406453C406C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-24] (Microsoft Corporation) Task: {E471E181-665F-43C4-981B-87A7D9A93E40} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {F4C2BE87-9FE5-447E-A1C0-419B362911B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-20] (Google Inc.) Task: {F635D068-2736-4823-864B-269F86091D64} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-20 05:34 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-05-24 11:42 - 2016-05-24 11:42 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe 2016-06-07 09:51 - 1996-08-31 00:00 - 00013312 _____ () C:\flexlm\Bruker\srvany.exe 2016-06-07 09:51 - 2009-01-30 14:48 - 00966656 _____ () c:\flexlm\Bruker\bruker_ls.exe 2016-07-12 20:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-12 20:58 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-18 20:40 - 2016-05-18 20:40 - 00959168 _____ () C:\Users\Szymon\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-04-20 23:54 - 2016-04-20 23:55 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-13 19:32 - 2016-02-13 19:32 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 21:00 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-14 03:30 - 2015-07-30 05:13 - 00405432 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-07-12 20:58 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-12 20:58 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-12 20:58 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-12 20:58 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-06-25 15:14 - 2016-06-23 15:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll 2016-06-25 15:14 - 2016-06-23 15:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll 2016-04-28 14:11 - 2016-04-28 11:22 - 00303000 _____ () C:\ProgramData\ceQeekg\protect\protect.exe 2016-06-03 01:00 - 2016-06-03 01:01 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-06-03 01:00 - 2016-06-03 01:01 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 01:00 - 2016-06-03 01:01 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-04-20 19:20 - 2016-04-20 19:22 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-05-30 19:41 - 2016-06-29 05:21 - 00098736 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll 2015-06-09 21:25 - 2015-06-09 21:25 - 00035376 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-06-09 21:25 - 2015-06-09 21:25 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-04-20 23:54 - 2016-04-20 23:55 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-20 23:54 - 2016-04-20 23:55 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-09-19 00:48 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-05-18 20:39 - 2016-05-18 20:39 - 00679624 _____ () C:\Users\Szymon\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-04-20 08:06 - 2016-06-07 03:58 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-07-12 00:27 - 2016-06-07 03:58 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-07-12 00:27 - 2016-06-07 03:59 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-07-12 00:27 - 2016-06-07 03:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-04-20 08:06 - 2016-06-07 03:58 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-04-20 08:06 - 2016-06-07 03:58 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-07-12 00:27 - 2016-06-07 03:58 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-04-20 08:06 - 2016-07-05 20:00 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-04-20 08:06 - 2016-06-07 03:58 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-07-12 00:27 - 2016-07-05 19:59 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-04-20 08:06 - 2016-06-07 03:59 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-07-12 00:27 - 2016-07-05 19:59 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-07-12 00:27 - 2016-07-05 19:59 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-07-12 00:27 - 2016-06-07 04:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-07-12 00:27 - 2016-07-05 19:59 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-04-20 08:06 - 2016-06-07 03:58 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-07-12 00:27 - 2016-06-07 03:59 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2016-07-12 00:27 - 2016-07-05 19:59 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-07-12 00:27 - 2016-06-07 04:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-07-12 00:27 - 2016-07-05 20:00 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-07-12 00:27 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-07-12 00:27 - 2016-07-05 20:00 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-07-12 00:27 - 2016-07-05 20:00 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-04-20 08:06 - 2016-06-07 03:59 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-04-20 08:06 - 2016-06-07 04:00 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-04-20 08:06 - 2016-07-05 20:00 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-07-12 00:27 - 2016-07-05 20:00 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-05-30 19:41 - 2016-06-29 05:21 - 00519080 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll 2012-09-23 20:44 - 2012-09-23 20:44 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\pl_pl\acrotray.pol 2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll 2016-04-29 06:52 - 2016-06-06 19:17 - 47503472 _____ () C:\Users\Szymon\AppData\Roaming\Spotify\libcef.dll 2016-04-29 06:52 - 2016-06-06 19:17 - 01584240 _____ () C:\Users\Szymon\AppData\Roaming\Spotify\libglesv2.dll 2016-04-29 06:52 - 2016-06-06 19:17 - 00082032 _____ () C:\Users\Szymon\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-07-10 13:04 - 2016-04-29 21:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2601524567-363776497-1936036780-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Szymon\Pictures\Tapety\167693.jpg DNS Servers: 37.8.214.2 - 31.11.202.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{3C15D98F-B97A-4666-A43A-2E276540FDC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{6B9F660A-3F69-4F99-A28A-B0DD04796E79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{3E8D5866-F225-41E9-BF91-EA165EEAC025}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{A4622DEF-21D6-412D-BB71-0527E9324F70}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{C4085D7F-2259-4C67-AE07-47A47AF59CD6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{10910638-24F8-4E7C-A30A-4AB0EA015367}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1F11BA79-DE41-4105-8C1D-83A212343ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C9D5A2B0-25A2-47C3-B97A-3E6B40F10CB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{76E76B22-932A-47F1-8BB6-60A3DAE2FD6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4256BD53-98CB-474F-BE57-974329F8E535}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{927F2BA6-DEFF-4A63-9527-A0EDE0CB64B7}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{978EAA51-D8F8-4A75-B976-17CFE8D90A41}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{4FB406B5-5D67-4544-879A-562888E3B4E1}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [TCP Query User{313A8F80-EF90-4AA1-8CBB-4A285702A16C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{AB7B37C4-DB87-4168-9C47-B66B5C9EFABB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{B9ABE858-B2B7-49FD-AA36-FBF34AD77316}C:\users\szymon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\szymon\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{21E09735-1098-420E-B0AC-AD7E8E93407C}C:\users\szymon\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\szymon\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{90F488F6-516C-42F6-9693-3059EC693DF6}C:\users\szymon\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\szymon\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{0E330107-4056-4065-A61A-9EB83DF4133B}C:\users\szymon\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\szymon\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3A5799E0-E5D7-4089-A4C1-D4FB7F8C8C00}C:\bruker\topspin3.1\prog\mod\cprclient.exe] => (Allow) C:\bruker\topspin3.1\prog\mod\cprclient.exe FirewallRules: [UDP Query User{AFE72E4E-E1BC-43DF-9E72-927B9E730709}C:\bruker\topspin3.1\prog\mod\cprclient.exe] => (Allow) C:\bruker\topspin3.1\prog\mod\cprclient.exe FirewallRules: [TCP Query User{D0184C09-F0C0-442D-BC93-366E0605A063}C:\bruker\topspin3.1\jre\bin\java.exe] => (Allow) C:\bruker\topspin3.1\jre\bin\java.exe FirewallRules: [UDP Query User{633EA85F-746E-451F-A410-00491A998BAB}C:\bruker\topspin3.1\jre\bin\java.exe] => (Allow) C:\bruker\topspin3.1\jre\bin\java.exe FirewallRules: [TCP Query User{A00BB16A-4597-4CA8-B69C-955D7BCDD0D5}D:\program files (x86)\cambridgesoft\chemoffice2014\chemdraw\chemdraw.exe] => (Allow) D:\program files (x86)\cambridgesoft\chemoffice2014\chemdraw\chemdraw.exe FirewallRules: [UDP Query User{5AFBB87D-7A84-4AE3-800B-8C052D3217AA}D:\program files (x86)\cambridgesoft\chemoffice2014\chemdraw\chemdraw.exe] => (Allow) D:\program files (x86)\cambridgesoft\chemoffice2014\chemdraw\chemdraw.exe FirewallRules: [{4153EE0A-FDAD-473F-BA5C-F045DE0C3A0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{F1EB9B50-E755-4ED9-91AC-C13E26CC080C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{A7491D4C-710E-483C-B658-A36C07FE22EB}] => (Allow) C:\ProgramData\ceQeekg\protect\protect.exe FirewallRules: [{912A615B-0254-43AD-AC55-758B2EF0D445}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{9808CCCA-32EE-48AF-8FB3-09DCAD9A1A58}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{30DA2E0F-2263-4A8F-8A80-35A2C16A4D92}] => (Allow) C:\Program Files (x86)\ceQeekg\ceQeekg\chrome.exe FirewallRules: [{D0D6D1F5-536D-4187-A4FC-86B7BF27912A}] => (Allow) C:\Program Files (x86)\ceQeekg\ceQeekg\bin\ceQeekg_server.exe ==================== Punkty Przywracania systemu ========================= 09-07-2016 14:26:22 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 09-07-2016 14:27:14 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 12-07-2016 21:39:15 Windows Update 12-07-2016 21:40:15 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (07/13/2016 11:05:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-C0C05Q6) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (07/13/2016 11:04:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SearchUI.exe, wersja: 10.0.10586.494, sygnatura czasowa: 0x5775e69a Nazwa modułu powodującego błąd: Windows.UI.Xaml.dll, wersja: 10.0.10586.494, sygnatura czasowa: 0x5775e900 Kod wyjątku: 0xc000027b Przesunięcie błędu: 0x00000000006fd01b Identyfikator procesu powodującego błąd: 0x79c Godzina uruchomienia aplikacji powodującej błąd: 0xSearchUI.exe0 Ścieżka aplikacji powodującej błąd: SearchUI.exe1 Ścieżka modułu powodującego błąd: SearchUI.exe2 Identyfikator raportu: SearchUI.exe3 Pełna nazwa pakietu powodującego błąd: SearchUI.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: SearchUI.exe5 Error: (07/13/2016 11:01:45 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Błąd w pliku manifestu lub w pliku zasad "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" w wierszu UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3. Tożsamość składnika znaleziona w manifeście nie odpowiada tożsamości składnika żądanego. Odwołanie to UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definicja to UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (07/13/2016 10:25:02 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/13/2016 04:48:12 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/13/2016 12:24:59 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/12/2016 09:40:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (07/12/2016 09:39:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (07/12/2016 08:15:00 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/12/2016 07:22:59 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Dziennik System: ============= Error: (07/13/2016 11:08:51 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-C0C05Q6) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-C0C05Q6SzymonS-1-5-21-2601524567-363776497-1936036780-1001LocalHost (użycie LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795 Error: (07/13/2016 11:07:08 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa McAfee VirusScan Announcer zależy od następującej usługi: mfevtp. Ta usługa może nie być zainstalowana. Error: (07/13/2016 11:06:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Clcegh Manager z powodu następującego błędu: %%2 = Nie można odnaleźć określonego pliku. Error: (07/13/2016 11:03:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi cktSvc z powodu następującego błędu: %%2 = Nie można odnaleźć określonego pliku. Error: (07/13/2016 11:02:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dostęp do danych użytkownika_125968 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/13/2016 11:02:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Magazyn danych użytkownika_125968 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/13/2016 11:02:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Dane kontaktowe_125968 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/13/2016 11:02:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_125968 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/13/2016 11:02:24 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (07/13/2016 10:42:49 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-C0C05Q6) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-C0C05Q6SzymonS-1-5-21-2601524567-363776497-1936036780-1001LocalHost (użycie LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795 CodeIntegrity: =================================== Date: 2016-07-13 10:37:09.715 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-12 03:50:10.591 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-22 17:45:53.333 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 07:40:02.695 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 17:47:18.205 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 16:27:36.939 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-11 12:30:29.777 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-11 10:31:49.004 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-11 08:27:11.809 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-10 00:55:53.016 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz Procent pamięci w użyciu: 75% Całkowita pamięć fizyczna: 4004.49 MB Dostępna pamięć fizyczna: 986.61 MB Całkowita pamięć wirtualna: 5924.49 MB Dostępna pamięć wirtualna: 2329.88 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:321.85 GB) (Free:245.12 GB) NTFS Drive d: (DATA) (Fixed) (Total:508.91 GB) (Free:495.26 GB) NTFS Drive e: (SB) (Fixed) (Total:50 GB) (Free:48.02 GB) NTFS Drive i: (dysk) (Fixed) (Total:50 GB) (Free:33.82 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6670EC2C) Partition: GPT. ==================== Koniec Addition.txt ============================