Rezultaty skanu uzupeÅ‚niajÄ…cego Farbar Recovery Scan Tool (x64) Wersja: 30-11-2016 Uruchomiony przez Abi (01-12-2016 13:09:44) Uruchomiony z C:\Users\Abi\Desktop Windows 7 Enterprise (X64) (2016-09-13 16:38:17) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Abi (S-1-5-21-635823440-3631937757-4027532726-1000 - Administrator - Enabled) => C:\Users\Abi Administrator (S-1-5-21-635823440-3631937757-4027532726-500 - Administrator - Disabled) Gość (S-1-5-21-635823440-3631937757-4027532726-501 - Limited - Disabled) ==================== Centrum zabezpieczeÅ„ ======================== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko zaÅ‚Ä…czanie programów adware z flagÄ… "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-635823440-3631937757-4027532726-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.) 7-Zip 4.42 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.11.4.0 (Version: 2.11.4.0 - NVIDIA Corporation) Hidden ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Broadcom 802.11 Wireless Driver (HKLM-x32\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.62 - Conexant) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 8.0.9 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 8.0.9 - Ministerstwo Finansow) Hidden Energy Management (HKLM-x32\...\{0CE226F3-EB27-4ECD-BBF5-F088716779FD}) (Version: 5.4.1.9 - Lenovo) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68}) (Version: 4.4.3 - SEIKO EPSON CORPORATION) EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) ETDWare PS/2-x64 7.0.4.18_WHQL (HKLM\...\Elantech) (Version: 7.0.4.18 - ELAN Microelectronics Corp.) Gothic II ZÅ‚ota Edycja (HKLM-x32\...\{6FB6D550-DDC4-4996-9CDF-91C34F0A4C4A}) (Version: 2.6 - JoWood) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - ) Lenovo EasyCamera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.38.2.9 - Silicon Motion) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1230 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.1230 - CyberLink Corp.) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) MoorHunt 2.1.16.3 (HKLM-x32\...\MoorHunt_is1) (Version: - hxxp://moorhunt.pl) Mozilla Firefox 49.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) NapiProjekt 2.0.0 (build 2151) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.96 - NVIDIA Corporation) NVIDIA Sterownik dźwiÄ™ku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.96 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{DFB19121-0609-49C1-92B1-546E5A940FE8}) (Version: 2.0.1.8 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo) Pakiet sterowników systemu Windows - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\F2D626F9A8E5C6126BED6EBD3E3504D0B2AB8443) (Version: 06/16/2010 2.06.02 - Ross-Tech) Panel sterowania NVIDIA 341.96 (Version: 341.96 - NVIDIA Corporation) Hidden PodrÄ™czniki firmy EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.1.0 - SEIKO EPSON CORPORATION) Polski pakiet jÄ™zykowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet jÄ™zykowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.3.0 - Ministerstwo Finansów) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie z rejestru. PowiÄ…zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ‚Ä…czony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie z rejestru. PowiÄ…zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ‚Ä…czony z osobna.) Task: {0C7F73F4-7BF5-4937-BE8D-686EF52ACBF1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {12BAF4A5-3763-44A9-8AAE-3A5540639FE2} - \ChelfNotify Task -> Brak pliku <==== UWAGA Task: {260F8CE5-7186-4EBD-8117-F19F0B0CC8E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated) Task: {4D7843E7-00F8-4ECC-886D-5F31C80517CA} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {351E8C23-03B2-499A-BAA4-27DF3271AE0B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {563B580B-D99E-4C09-98E0-234BFAF53DD9} - System32\Tasks\EPSON XP-312 313 315 Series Update {351E8C23-03B2-499A-BAA4-27DF3271AE0B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {61F37B09-1BE8-4785-A14B-3BEA43719500} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {93F41D33-12FB-4725-A7E4-9EC11B215359} - System32\Tasks\Aritisp Launcher => C:\Program Files (x86)\Pleqok\phihuward.exe [2016-09-15] (Kunshan Aunbox software co.,Ltd) (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje przesuniÄ™cie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {351E8C23-03B2-499A-BAA4-27DF3271AE0B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {351E8C23-03B2-499A-BAA4-27DF3271AE0B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{351E8C23-03B2-499A-BAA4-27DF3271AE0B} /F:UpdateSYSTEMÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Skróty ============================= (Wybrane wejÅ›cia mogÄ… zostać zaÅ‚Ä…czone w celu ich zresetowania lub usuniÄ™cia.) ShortcutWithArgument: C:\Users\Abi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\Users\Abi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\Users\Abi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\Users\Abi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\Users\Abi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) -> hxxp://www.mylucky123.com/?type=sc&ts=1478256934&z=ca6a5fed59e24c34b428e56g2zdm4b2obw5q8tac0g&from=che0812&uid=WDCXWD5000BEVT-24A0RT0_WD-WXH1A80N9470N9470 ==================== ZaÅ‚adowane moduÅ‚y (filtrowane) ============== 2016-09-13 18:23 - 2016-05-30 18:36 - 00133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-13 18:06 - 2009-12-19 01:52 - 00201120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll 2016-09-13 18:06 - 2009-12-19 01:53 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll 2016-12-01 11:02 - 2016-12-01 04:04 - 00393728 _____ () C:\Users\Abi\AppData\Roaming\adgad\UvConverter.exe 2016-09-14 21:32 - 2016-06-14 21:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-09-13 19:37 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2016-09-13 18:00 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2016-09-13 18:00 - 2009-07-15 14:55 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2016-09-13 18:06 - 2009-12-19 01:52 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe 2016-09-14 21:32 - 2016-06-14 21:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-11-24 20:47 - 2016-11-24 03:33 - 00622080 _____ () C:\Program Files (x86)\Common Files\Services\iThemes.dll 2016-09-14 21:32 - 2016-06-14 21:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-13 18:06 - 2009-12-19 01:50 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll 2016-09-13 18:06 - 2009-12-19 01:51 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll 2016-09-13 18:02 - 2016-09-13 18:02 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a52290f344ad5c5e513d71251549f5c2\IsdiInterop.ni.dll 2016-09-13 18:01 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (filtrowane) ========= (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje usuniÄ™cie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== PowiÄ…zania plików (filtrowane) =============== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje usuniÄ™cie obiektu z rejestru lub przywrócenie jego domyÅ›lnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-11-09 10:44 - 00000923 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-635823440-3631937757-4027532726-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Abi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wÅ‚Ä…czona] ==================== MSCONFIG/TASK MANAGER - WyÅ‚Ä…czone elementy == ==================== ReguÅ‚y Zapory systemu Windows (filtrowane) =============== (ZaÅ‚Ä…czenie wejÅ›cia w fixlist spowoduje jego usuniÄ™cie z rejestru. PowiÄ…zany plik nie zostanie przeniesiony, o ile nie zostanie zaÅ‚Ä…czony z osobna.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{488FED52-6E8F-4B63-BD1F-4B802374030C}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4F7A3AD3-6A17-4DA3-8EBD-95C82E54BD7D}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{9B6FB47B-76BD-4CEB-9AF4-B0B6E88289D3}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{757193B7-78A1-4BEB-AF3F-9D9E23F1F86A}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [{6F2885D8-1C34-4B26-9BC3-AD012F340A88}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E7D414FA-A06B-4BD7-AC8F-20997E85DC6D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{11AD6549-7801-4061-8B17-FF8902F8E667}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{971E6042-85A3-4AA9-B194-AB4CEF2218C2}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C6A9492B-0F04-4CE6-9DEE-15C76DEABF78}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2B9BAA3E-15BD-4D3D-8E6D-D7FFF940C699}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{035B0E9E-5BD2-4259-8C94-2A8B77EAE866}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{BB66D45D-86AF-4C20-AA02-6AC0D46F0889}C:\users\abi\appdata\roaming\utorrent\utorrent.exe] => C:\users\abi\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{D1108E1E-E7B7-4E7E-AD45-1A154E030264}C:\users\abi\appdata\roaming\utorrent\utorrent.exe] => C:\users\abi\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{559BF5D9-860E-48CA-8A58-D0F35DF1124F}] => C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe FirewallRules: [{A73742BF-FF51-49C1-AEA4-B4A27E848D8A}] => C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{921AE40E-ADB0-44A0-92C7-F8DBA74BB205}] => C:\Users\Abi\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe FirewallRules: [{5E6FE6A6-33A0-4F51-8252-C8F6199D47E5}] => C:\Users\Abi\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe FirewallRules: [{D2E6034C-72FA-4E05-8994-A547B1BC4FD2}] => C:\Program Files\firefox.exe FirewallRules: [{D5EC07A8-A33E-43D9-AB8E-F1108B52AA6E}] => C:\Program Files\firefox.exe FirewallRules: [{61DF9586-2F83-4FB0-8F67-6F0350123A01}] => C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{F1038587-C5A7-467B-94CE-5D9E244FEB57}] => C:\Program Files (x86)\Firefox\Firefox.exe ==================== Punkty Przywracania systemu ========================= 14-11-2016 11:22:09 Removed e-Deklaracje Desktop 21-11-2016 18:13:29 Zaplanowany punkt kontrolny 29-11-2016 11:52:51 Zaplanowany punkt kontrolny 01-12-2016 11:20:59 Removed amuleC 01-12-2016 11:21:59 Removed amuleC 01-12-2016 11:22:42 Removed Lenovo Bluetooth with Enhanced Data Rate Software 01-12-2016 11:39:55 Punkt przywracania utworzony przez HitmanPro 01-12-2016 11:41:04 Punkt przywracania utworzony przez HitmanPro 01-12-2016 11:47:55 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 ==================== Wadliwe urzÄ…dzenia w Menedżerze urzÄ…dzeÅ„ ============= ==================== BÅ‚Ä™dy w Dzienniku zdarzeÅ„: ========================= Dziennik Aplikacja: ================== Error: (12/01/2016 12:12:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodujÄ…cej bÅ‚Ä…d: e-Deklaracje.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x57c5e85c Nazwa moduÅ‚u powodujÄ…cego bÅ‚Ä…d: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjÄ…tku: 0xc0000005 PrzesuniÄ™cie bÅ‚Ä™du: 0xfcc6bba0 Identyfikator procesu powodujÄ…cego bÅ‚Ä…d: 0xf80 Godzina uruchomienia aplikacji powodujÄ…cej bÅ‚Ä…d: 0x01d24bc3c3e61981 Åšcieżka aplikacji powodujÄ…cej bÅ‚Ä…d: C:\Program Files (x86)\e-Deklaracje\e-Deklaracje.exe Åšcieżka moduÅ‚u powodujÄ…cego bÅ‚Ä…d: unknown Identyfikator raportu: 14082513-b7b7-11e6-b727-c0cb38ef19ac Error: (12/01/2016 11:57:01 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodujÄ…cej bÅ‚Ä…d: NvStreamUserAgent.exe, wersja: 7.1.2084.9592, sygnatura czasowa: 0x57605c64 Nazwa moduÅ‚u powodujÄ…cego bÅ‚Ä…d: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5be02b Kod wyjÄ…tku: 0xc0000005 PrzesuniÄ™cie bÅ‚Ä™du: 0x000000000004d256 Identyfikator procesu powodujÄ…cego bÅ‚Ä…d: 0xb4c Godzina uruchomienia aplikacji powodujÄ…cej bÅ‚Ä…d: 0x01d24bc1a2f4f8c7 Åšcieżka aplikacji powodujÄ…cej bÅ‚Ä…d: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Åšcieżka moduÅ‚u powodujÄ…cego bÅ‚Ä…d: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: e2a86fa3-b7b4-11e6-b727-c0cb38ef19ac Error: (12/01/2016 11:56:54 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodÅ‚a siÄ™. BÅ‚Ä…d 0x00000000. Error: (12/01/2016 11:56:54 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: WystÄ…piÅ‚ bÅ‚Ä…d aktywacji licencji (slui.exe), kod bÅ‚Ä™du: 0x800401F9 Error: (12/01/2016 11:43:01 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodÅ‚a siÄ™. BÅ‚Ä…d 0x00000000. Error: (12/01/2016 11:43:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: WystÄ…piÅ‚ bÅ‚Ä…d aktywacji licencji (slui.exe), kod bÅ‚Ä™du: 0x800401F9 Error: (12/01/2016 11:41:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: BÅ‚Ä…d UsÅ‚ugi kopiowania woluminów w tle: nieoczekiwany bÅ‚Ä…d podczas wywoÅ‚ywania procedury RegSetValueExW(0x00000178,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000038DEC60.72). hr = 0x80070005, Odmowa dostÄ™pu. . Error: (12/01/2016 11:41:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: BÅ‚Ä…d UsÅ‚ugi kopiowania woluminów w tle: nieoczekiwany bÅ‚Ä…d podczas wywoÅ‚ywania procedury RegSetValueExW(0x000002bc,(null),0,REG_BINARY,00000000025BE2D0.72). hr = 0x80070005, Odmowa dostÄ™pu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy moduÅ‚u zapisujÄ…cego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa moduÅ‚u zapisujÄ…cego: System Writer Identyfikator wystÄ…pienia moduÅ‚u zapisujÄ…cego: {d9d1f512-c00b-4fe1-a308-129b47599a30} Error: (12/01/2016 11:41:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: BÅ‚Ä…d UsÅ‚ugi kopiowania woluminów w tle: nieoczekiwany bÅ‚Ä…d podczas wywoÅ‚ywania procedury RegSetValueExW(0x00000968,(null),0,REG_BINARY,0000000000E0E470.72). hr = 0x80070005, Odmowa dostÄ™pu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy moduÅ‚u zapisujÄ…cego: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Nazwa moduÅ‚u zapisujÄ…cego: WMI Writer Identyfikator wystÄ…pienia moduÅ‚u zapisujÄ…cego: {c8a8a6c8-b015-4dd9-8c40-74280fd54e31} Error: (12/01/2016 11:41:17 AM) (Source: VSS) (EventID: 8193) (User: ) Description: BÅ‚Ä…d UsÅ‚ugi kopiowania woluminów w tle: nieoczekiwany bÅ‚Ä…d podczas wywoÅ‚ywania procedury RegSetValueExW(0x00000914,(null),0,REG_BINARY,0000000006F0E470.72). hr = 0x80070005, Odmowa dostÄ™pu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy moduÅ‚u zapisujÄ…cego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nazwa moduÅ‚u zapisujÄ…cego: MSSearch Service Writer Identyfikator wystÄ…pienia moduÅ‚u zapisujÄ…cego: {7be936be-3656-4696-8156-35a7ecb71653} Dziennik System: ============= Error: (12/01/2016 11:58:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usÅ‚ugi ed2k idle service z powodu nastÄ™pujÄ…cego bÅ‚Ä™du: Nie można odnaleźć okreÅ›lonego pliku. Error: (12/01/2016 11:45:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usÅ‚ugi ed2k idle service z powodu nastÄ™pujÄ…cego bÅ‚Ä™du: Nie można odnaleźć okreÅ›lonego pliku. Error: (12/01/2016 11:43:39 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: UsÅ‚uga HitmanPro 3.7 Crusader (Boot) zakoÅ„czyÅ‚a dziaÅ‚anie; wystÄ…piÅ‚ specyficzny dla niej bÅ‚Ä…d Operacja ukoÅ„czona pomyÅ›lnie. . Error: (12/01/2016 11:43:05 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można zaÅ‚adować nastÄ™pujÄ…cych sterowników startu rozruchowego lub systemowego: iSafeNetFilter Error: (12/01/2016 11:42:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usÅ‚ugi YAC Service z powodu nastÄ™pujÄ…cego bÅ‚Ä™du: UsÅ‚uga nie odpowiada na sygnaÅ‚ uruchomienia lub sygnaÅ‚ sterujÄ…cy w oczekiwanym czasie. Error: (12/01/2016 11:42:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: UpÅ‚ynÄ…Å‚ limit czasu (30000 ms) podczas oczekiwania na poÅ‚Ä…czenie siÄ™ z usÅ‚ugÄ… YAC Service. Error: (12/01/2016 11:41:23 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: WywoÅ‚anie ScRegSetValueExW dla DeleteFlag nie powiodÅ‚o siÄ™ i wystÄ…piÅ‚ nastÄ™pujÄ…cy bÅ‚Ä…d: Odmowa dostÄ™pu. . Error: (12/01/2016 11:41:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: WywoÅ‚anie ScRegSetValueExW dla DeleteFlag nie powiodÅ‚o siÄ™ i wystÄ…piÅ‚ nastÄ™pujÄ…cy bÅ‚Ä…d: Odmowa dostÄ™pu. . Error: (12/01/2016 11:41:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: WywoÅ‚anie ScRegSetValueExW dla DeleteFlag nie powiodÅ‚o siÄ™ i wystÄ…piÅ‚ nastÄ™pujÄ…cy bÅ‚Ä…d: Odmowa dostÄ™pu. . Error: (12/01/2016 11:41:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: WywoÅ‚anie ScRegSetValueExW dla DeleteFlag nie powiodÅ‚o siÄ™ i wystÄ…piÅ‚ nastÄ™pujÄ…cy bÅ‚Ä…d: Odmowa dostÄ™pu. . CodeIntegrity: =================================== Date: 2016-12-01 13:06:20.929 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 12:40:57.236 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 12:35:46.544 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 12:25:16.859 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:56:51.435 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:55:37.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:42:57.017 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:24:57.413 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:15:03.021 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-12-01 11:13:01.605 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamiêci =========================== Procesor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Procent pamiêci w u¿yciu: 28% Ca³kowita pamiêæ fizyczna: 6006.85 MB Dostêpna pamiêæ fizyczna: 4291.93 MB Ca³kowita pamiêæ wirtualna: 12011.85 MB Dostêpna pamiêæ wirtualna: 10095.14 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:94.57 GB) (Free:39.81 GB) NTFS Drive d: () (Fixed) (Total:175.78 GB) (Free:7.26 GB) NTFS Drive e: () (Fixed) (Total:195.31 GB) (Free:1.58 GB) NTFS Drive h: (gothic2ze) (CDROM) (Total:2.35 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 02C77197) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=94.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=175.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================