Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-03-2017 Uruchomiony przez janek (07-04-2017 16:52:51) Uruchomiony z C:\Users\janek\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2012-11-20 17:19:10) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-770938827-2149489586-298190218-500 - Administrator - Disabled) Gość (S-1-5-21-770938827-2149489586-298190218-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-770938827-2149489586-298190218-1002 - Limited - Enabled) janek (S-1-5-21-770938827-2149489586-298190218-1000 - Administrator - Enabled) => C:\Users\janek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-770938827-2149489586-298190218-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) ACP Application (Version: 2016.1223.1210.58 - Advanced Micro Devices, Inc.) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) amuleC (HKLM-x32\...\{19539992-061C-4E8B-9053-07B175303AF4}) (Version: 1.0.1 - amuleC) <==== UWAGA amuleC (HKLM-x32\...\{418DDAC3-E16C-47C2-B5FE-4FBCAB0E10D0}) (Version: 1.0.0 - amuleC) <==== UWAGA ArgusMonitor (HKLM-x32\...\ArgusMonitor) (Version: - ) ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock eXtreme Tuner v0.1.207.1 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) Catalyst Control Center Next Localization BR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Creative Live! Cam Video IM Driver (1.03.02.00) (HKLM\...\Creative VF0220) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0316 - DT Soft Ltd) deskapp (HKLM-x32\...\{7DBE4CA5-2DEE-4B98-A137-7D3D4F7E31B1}) (Version: 1.0.9 - deskapp) e-pity 8.0.14 za rok 2016 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 8.0.14 - e-file sp. z o.o. sp.k.) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.44.20513.9 - Electronic Arts) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{12ABC13D-6540-483D-92B9-30CE1667B002}) (Version: 2.0.1083.0 - Intel) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) KMSnano 25 (HKLM\...\KMSnano 25_is1) (Version: KMSnano 25 - ) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.) Pazera Free FLV to AVI Converter 1.8 (HKLM-x32\...\{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1) (Version: 1.8 - Pazera Jacek) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited) SRWare Iron (64-Bit) wersja 51.2700.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 51.2700.0 - SRWare) The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: - ) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Krew i Wino (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com) The Witcher 3: Wild Hunt - Serca z kamienia (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com) TP-LINK TL-WN723N Driver (HKLM-x32\...\{B82D0422-A202-4E51-92F2-821A35CC833F}) (Version: 1.1.0 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.1.0 - TP-LINK) USB Vibration Joystick (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - ) UvConverter (HKLM-x32\...\{7195E93F-714C-404B-A164-8F080121C1E6}) (Version: 1.0.0 - UvConverter) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-6) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden WapSter AQQ (HKLM-x32\...\AQQ) (Version: 2.4.3.70 - Creative Team S.A.) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) WinSnare (HKLM-x32\...\{BB26F52E-34C5-4937-9240-471C59CC81E6}) (Version: 4.4.5 - WinSnare) <==== UWAGA Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-770938827-2149489586-298190218-1000\...\ChromeHTML: -> C:\Program Files (x86)\Hotcine\Application\chrome.exe (Google Inc.) <==== UWAGA ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {08A54E56-7D91-459B-88B9-2AC759BFE807} - System32\Tasks\{DE3A5465-5124-40DC-9FD9-7E49F6B0CAB0} => C:\Users\janek\Desktop\LCVM_PCDRV_US_1_03_02.exe Task: {12B6E802-469A-4F22-B3FC-239729F82781} - System32\Tasks\{654C1DE6-B102-486A-A6BD-5EE278A67F01} => D:\Football Manager 2013\fm.exe Task: {166987D8-FBF3-4468-82FA-AC6FFB19E6FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-30] (Adobe Systems Incorporated) Task: {1F5A048B-E0F7-4A3B-8E6E-BCF13B45BFBA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {232CAF8E-1BDB-4ECE-BD65-1C0B090F0317} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () Task: {288DE368-7CFE-412B-A61A-37CA0CF0E36B} - System32\Tasks\{ED513923-AE31-4364-AF2B-6B4A0065D307} => pcalua.exe -a C:\Users\janek\Desktop\LCVM_PCDRV_US_1_03_02.exe -d C:\Users\janek\Desktop Task: {31BE7D8F-DDB7-4174-A8C4-5D485615E7B7} - System32\Tasks\e-pity2016a_kwiecien => D:\e-pity\Assets\signxml.exe [2017-02-22] (e-file sp. z o.o. sp. k.) Task: {496EB6EC-FA90-455C-B22B-3FE759EF9100} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {57B4E4BD-87EA-4892-83A9-D282F9B644B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-30] (AVAST Software) Task: {6670E201-5F5F-4476-9EE1-84E3E892E320} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd) Task: {68C24866-422B-4FBD-95DE-C7CF91EFA23D} - System32\Tasks\avastBCLRestartS-1-5-21-770938827-2149489586-298190218-1000 => Chrome.exe Task: {7D303A0C-70B3-4227-9A3F-72E7A1448110} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== UWAGA Task: {801F22F6-E9BF-4F07-B002-CE0F4A54F1EC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {827280F0-22A6-4CFE-8E32-BC2BB0542115} - System32\Tasks\e-pity2015a_styczen => D:\e-pity2015\Assets\signxml.exe Task: {898CE30D-A2B3-4476-AB17-43D72C8A283F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {89DCC863-F61B-4C0B-B358-84702EBDC8F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {8C215069-E4F0-4D65-9852-187F96EB2466} - System32\Tasks\e-pity2015a_kwiecien => D:\e-pity2015\Assets\signxml.exe Task: {936AE9C8-B566-4739-BD7F-A810C3E0D03D} - System32\Tasks\e-pity2016a_styczen => D:\e-pity\Assets\signxml.exe [2017-02-22] (e-file sp. z o.o. sp. k.) Task: {93C2075B-CD9D-4930-A446-3DE84BEC58A9} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-23] (Advanced Micro Devices, Inc.) Task: {97434442-7C60-4FA4-B49A-46C05496C32E} - System32\Tasks\{A8B8AD58-31A6-4A45-85DA-98BD4BF1B5FE} => D:\S.T.A.L.K.E.R. - Call of Pripyat\xrEngine.exe Task: {AD2D5574-633E-4AE5-8F10-F8A0A633D049} - System32\Tasks\SafeZone scheduled Autoupdate 1451579359 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software) Task: {BDE72C0F-FE19-4ADF-91A1-DEB4B874DAF8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {CB745C11-9A1F-467C-B136-248E29A20F7E} - System32\Tasks\DSite => C:\Users\janek\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== UWAGA Task: {CDAC44ED-3E7A-429F-868D-60070E905322} - System32\Tasks\{FEE68D84-F779-404A-BDEE-6D5F30430127} => pcalua.exe -a D:\SportsKeeping\Uninstal.exe Task: {D5183F11-3F14-4716-BCDD-2778732979A7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe Task: {DD1FF29D-9C25-4C66-94E5-93182B667F8E} - System32\Tasks\{E493F3C0-227A-47E9-8CBB-57DA7D65C7AA} => C:\Users\janek\Desktop\Lexmark_Universal_UD0_Win_32_PCL_Emul.exe Task: {DD6CC986-FFEB-493D-90D9-0A43BD312989} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\EB1F62D5E5030F247821934786DF6AC0\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== UWAGA Task: {E6B9245C-9857-4A52-B627-3BB19994933E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {EEF6115C-A6CD-458C-A2D7-D65D731F9AD3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-03-19] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DSite.job => C:\Users\janek\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Hotcine\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Hotcine\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Hotcine\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Hotcine\Application\chrome.exe (Google Inc.) ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1468514724&z=66969e95660e5675b23b76bg5zfq5b6wdgbzemco4w&from=wpm0616&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SRWare Iron (64-Bit).lnk -> D:\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SRWare Iron (64-Bit).lnk -> D:\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\janek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ShortcutWithArgument: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> hxxp://www.nuesearch.com/?type=sc&ts=1473877639&z=fa3d2cbc1b2aa3d80db0bfegbz1m3cdb5m2m3q0ceb&from=qks0914&uid=ST500DM002-1BD142_Z3T4993PXXXXZ3T4993P ==================== Załadowane moduły (filtrowane) ============== 2017-04-07 11:31 - 2017-04-06 11:20 - 00120320 _____ () C:\Users\janek\AppData\Local\AMD\amd.exe 2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll 2014-03-08 15:34 - 2014-03-08 15:34 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-03-08 15:34 - 2014-03-08 15:34 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2017-03-30 18:30 - 2017-03-30 18:30 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2016-09-13 02:51 - 2016-09-13 02:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-13 02:51 - 2016-09-13 02:51 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-13 02:51 - 2016-09-13 02:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-13 02:51 - 2016-09-13 02:51 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-13 02:50 - 2016-09-13 02:50 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-13 02:50 - 2016-09-13 02:50 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-13 02:51 - 2016-09-13 02:51 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-04-07 11:32 - 2017-04-07 04:50 - 00110768 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2016-06-30 18:24 - 2016-06-30 04:39 - 00424832 _____ () C:\ProgramData\Lefttoe\Lefttoe.exe 2016-10-12 18:49 - 2016-05-23 04:37 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2017-04-07 16:36 - 2017-04-07 16:36 - 06022832 _____ () C:\Program Files\AVAST Software\Avast\defs\17040700\algo.dll 2016-10-12 18:49 - 2016-05-23 04:37 - 00179200 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2016-09-26 18:22 - 2016-09-26 18:22 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-03-30 18:30 - 2017-03-30 18:30 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2013-05-25 16:17 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL 2013-05-25 16:17 - 2009-04-20 11:55 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL 2017-01-25 18:04 - 2017-01-24 09:09 - 00467456 _____ () c:\programdata\microsoft\office\office_update.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd 2015-10-21 22:29 - 2015-10-21 22:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll 2015-10-21 22:29 - 2015-10-21 22:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd 2015-06-27 01:09 - 2015-06-27 01:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd 2016-04-19 19:08 - 2016-04-19 19:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll 2017-03-30 18:26 - 2017-03-09 07:31 - 02187096 _____ () C:\Program Files (x86)\Hotcine\Application\libglesv2.dll 2017-03-30 18:26 - 2017-03-09 07:31 - 00086360 _____ () C:\Program Files (x86)\Hotcine\Application\libegl.dll 2017-03-30 18:26 - 2017-03-29 10:00 - 00104960 _____ () c:\programdata\package cache\{2a002f88-fd5d-379b-a350-a25d84af128b}v14.0.25420\packages\visualc_d14\vc_ide.base\vc_ide_base.dll 2017-03-30 18:26 - 2017-03-29 10:00 - 00104960 _____ () C:\ProgramData\Package Cache\{2A002F88-FD5D-379B-A350-A25D84AF128B}v14.0.25420\packages\VisualC_D14\VC_IDE.Base\VC_IDE_Base.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-770938827-2149489586-298190218-1000\...\epuap.gov.pl -> hxxps://hetman.epuap.gov.pl ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2017-01-29 19:36 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-770938827-2149489586-298190218-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\janek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AQQ => D:\WAPSTE~1\AQQ.exe MSCONFIG\startupreg: BCSSync => "D:\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CTSyncService => C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey MSCONFIG\startupreg: DAEMON Tools Lite => "D:\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Google Update => "C:\Users\janek\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: StartCCC => "D:\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{6DACF585-7C2F-4DE8-B3B2-5E877627938B}D:\wapster aqq\aqq.exe] => (Allow) D:\wapster aqq\aqq.exe FirewallRules: [UDP Query User{444955D6-1D78-4189-89E8-5F860850C16F}D:\wapster aqq\aqq.exe] => (Allow) D:\wapster aqq\aqq.exe FirewallRules: [{DDF55485-D258-4A2F-8EB9-ACD7CF1216C4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{34B61C1F-ED74-4DC9-A2DB-0BC2C2BAD863}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{4B2F3271-C498-4F50-BA77-17D9099C6200}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{01F6D4F9-96C3-4F0D-92BA-83D41FD9DCB0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5FA6B51E-DFBC-4387-A834-950231205DDE}] => (Allow) D:\KMSnano\data\qemu-system-i386.exe FirewallRules: [{06AF7DA1-F0CE-48CE-A42F-9930D509403A}] => (Allow) D:\KMSnano\data\qemu-system-i386.exe FirewallRules: [{ED36FC21-E07E-4652-B95A-7A7141A156AA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{995F1DCD-3221-463B-88FB-3EA0239FF65D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{42E388BD-DC7F-44CF-A70D-0598636D6B0A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{64247966-CDE6-483B-8597-53FC758B33EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B1DBA68C-51B8-4A0C-BB37-C07538E10FBA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DAC7A07C-A5FD-4862-8261-4A3337669610}] => (Allow) C:\Users\janek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B71E0564-D2A5-4BF7-A469-60C89001D410}] => (Allow) C:\Users\janek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{CCA432C4-482D-43D3-A8FB-CC53EA3545B5}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{6E7C41BF-A378-423D-A825-2B051587D85E}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{F2FCCDED-282A-4DC0-B985-DDFD3DA78F2F}] => (Allow) C:\ProgramData\Lefttoe\Lefttoe.exe FirewallRules: [{1113120A-5729-4536-9963-701988D253A6}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{F6F9FB26-D955-4BA3-9D57-B6E3D0F0B257}] => (Allow) E:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{6FB5D20F-AF9D-40E7-B1ED-911B8149E369}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{67485207-74C8-463C-B00B-21BBE5A2A7A7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{86D49FB9-7F0A-4A1F-83C7-D1EFF46D64F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{4DD3CAFE-C57B-4AF3-91E8-74A352C0A209}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{DF8AC51C-23F3-4A1B-942A-E4B5E47EF5CF}] => (Block) E:\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe FirewallRules: [{28A03599-42B2-46A1-9545-BE02E183A0E4}] => (Block) E:\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe FirewallRules: [{59218719-F58B-4C41-B1F3-91D23CCE80A8}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{C42F7051-4E8C-41D5-AD33-76EAB91C5380}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{050F7C93-EAEF-4FE3-AF8A-778ECC00839A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe FirewallRules: [{E279C679-E731-4AA8-A057-F07F8C6F2B19}] => (Allow) C:\Program Files (x86)\Hotcine\Application\chrome.exe FirewallRules: [{E36E77ED-D3B4-44BA-B6F4-8889132B6C81}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{2C670180-0345-4B07-A38F-67E9EADA6F45}] => (Allow) C:\Program Files (x86)\MIO\loader\st500dm002-1bd142_z3t4993pxxxxz3t4993p.dat FirewallRules: [{557C51B1-C7A8-46D1-A883-FE4080DC977F}] => (Allow) C:\Program Files (x86)\MIO\loader\st500dm002-1bd142_z3t4993pxxxxz3t4993p.dat ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/07/2017 04:33:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (04/07/2017 01:08:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0xda4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af8e75ea4d23 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: 8084f91c-1b82-11e7-b965-bc5ff4653237 Error: (04/07/2017 01:02:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0x12a8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af8e6effa835 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: aef61fb2-1b81-11e7-b965-bc5ff4653237 Error: (04/07/2017 01:00:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0x1158 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af8e338863c5 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: 728084cb-1b81-11e7-b965-bc5ff4653237 Error: (04/07/2017 01:00:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0xb94 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af8e12de8995 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: 635eeea8-1b81-11e7-b965-bc5ff4653237 Error: (04/07/2017 12:59:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0x1544 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af8e0c9dcebe Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: 4de857d6-1b81-11e7-b965-bc5ff4653237 Error: (04/07/2017 12:59:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: chrome.exe, wersja: 57.0.2987.98, sygnatura czasowa: 0x58c08d23 Nazwa modułu powodującego błąd: chrome.dll, wersja: 57.7.2987.98, sygnatura czasowa: 0x58db678f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00e51074 Identyfikator procesu powodującego błąd: 0x10ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d2af874e68395a Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Hotcine\Application\chrome.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Hotcine\Application\chrome.dll Identyfikator raportu: 45ea84bd-1b81-11e7-b965-bc5ff4653237 Error: (04/07/2017 10:32:31 AM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (04/06/2017 06:27:51 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Error: (04/05/2017 07:14:41 PM) (Source: ISCT Agent) (EventID: 1003) (User: ) Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2 Dziennik System: ============= Error: (04/07/2017 04:34:34 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Nie można poprawnie uruchomić usługi „WMPNetworkSvc”, ponieważ funkcja CoCreateInstance(CLSID_UPnPDeviceFinder) napotkała błąd „0x80004005”. Sprawdź, czy usługa UPnPHost jest uruchomiona i czy składnik UPnPHost systemu Windows jest zainstalowany właściwie. Error: (04/07/2017 04:33:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (04/07/2017 04:33:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/07/2017 04:33:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (04/07/2017 04:33:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Kyubey z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (04/07/2017 04:32:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 126 Error: (04/07/2017 04:32:21 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa Kompozycje zależy od następującej usługi: iThemes5. Ta usługa może nie być zainstalowana. Error: (04/07/2017 10:37:54 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom skonfigurowany program odzyskiwania) po nieoczekiwanym zakończeniu usługi aswbIDSAgent, ale ta akcja nie powiodła się przy następującym błędzie: Żaden program odzyskiwania nie został skonfigurowany dla tej usługi. . Error: (04/07/2017 10:37:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa aswbIDSAgent niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom skonfigurowany program odzyskiwania. Error: (04/07/2017 10:37:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Avast Antivirus niespodziewanie zakończyła pracę. Wystąpiło to razy: 3. CodeIntegrity: =================================== Date: 2016-03-29 19:58:56.049 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-29 19:58:56.049 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-29 19:16:22.924 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-29 19:16:22.924 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-29 11:20:31.273 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-29 11:20:31.273 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-28 22:45:09.494 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-28 22:45:09.494 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-28 14:00:37.079 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-03-28 14:00:37.079 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Procent pamięci w użyciu: 48% Całkowita pamięć fizyczna: 8155.76 MB Dostępna pamięć fizyczna: 4183.84 MB Całkowita pamięć wirtualna: 16309.7 MB Dostępna pamięć wirtualna: 11320.7 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:76.18 GB) (Free:14.39 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:239.17 GB) (Free:130.65 GB) NTFS Drive e: () (Fixed) (Total:150.32 GB) (Free:62.74 GB) NTFS Drive g: (My Passport Biały) (Fixed) (Total:232.88 GB) (Free:120.11 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7187C51D) Partition 1: (Active) - (Size=76.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=239.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=150.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: F9F3F3D2) Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================