Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 09-10-2016 Uruchomiony przez Gosik (10-10-2016 10:27:40) Uruchomiony z C:\Users\Gosik\Desktop\Pobrane Windows 7 Ultimate Service Pack 1 (X64) (2013-11-05 20:24:34) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3482983258-164799655-2106577801-500 - Administrator - Disabled) Gosik (S-1-5-21-3482983258-164799655-2106577801-1000 - Administrator - Enabled) => C:\Users\Gosik Gość (S-1-5-21-3482983258-164799655-2106577801-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3482983258-164799655-2106577801-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE) 7-Zip 9.30 alpha (HKLM-x32\...\7-Zip) (Version: - ) ACDSee 10 Photo Manager (HKLM-x32\...\{F8B98EB6-FC06-45BF-87D4-9784E0408611}) (Version: 10.0.238 - ACD Systems International) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AQQ (HKLM-x32\...\AQQ) (Version: 3.0.2.20 - Creative Team S.A.) Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Automatyczna aktualizacja oprogramowania Creative (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.28 - Creative Technology Ltd) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd) Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.7 - Poikosoft) ET6 B15.0210.1 (HKLM-x32\...\InstallShield_{35D86AE6-EC16-4C56-8CE7-B85F0E5EFFA4}) (Version: 1.00.0000 - GIGABYTE) ET6 B15.0210.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) HTC Home version 3.1 (HKLM-x32\...\{DB0B6E17-5442-4FEF-99E1-6F3B865A521E}_is1) (Version: 3.1 - HTC Home Team) Informacje o systemie Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - ) Live! Cam Sync HD VF0770 Driver (1.00.02.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEmu (HKLM-x32\...\MEmu) (Version: 2.5.0 - Microvirt) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pl)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.4.0.6115 - Mozilla) Mozilla Thunderbird 45.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 pl)) (Version: 45.4.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Nero BurningROM 12 (HKLM-x32\...\{DCF34348-8673-4E60-97E5-1CBC0D7293AC}) (Version: 12.5.01100 - Nero AG) ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Opera Stable 40.0.2308.81 (HKLM-x32\...\Opera 40.0.2308.81) (Version: 40.0.2308.81 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games) Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) SHOUTcast DSP Plug-in v2 (HKLM-x32\...\SHOUTcast) (Version: - ) Skype Web Plugin (HKLM-x32\...\{A51A9885-30AA-4736-BECA-5DB4BCB1A2EA}) (Version: 7.17.0.43 - Skype Technologies S.A.) Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version: - ) System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.23.24.1010 - Electronic Arts Inc.) Thunderbird-Tray (HKLM-x32\...\Thunderbird-Tray) (Version: 1.2 - Felix 'SniperBeamer' Geyer) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{905D709F-3A3E-46BB-B1D5-A7AA11430819}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3118281) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C4D388B3-8FB2-4633-A58E-285108713FB1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3118281) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4D388B3-8FB2-4633-A58E-285108713FB1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3118281) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{C4D388B3-8FB2-4633-A58E-285108713FB1}) (Version: - Microsoft) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5ed339e2-e6a7-576a-be70-fb9cdbdce50e}\InprocServer32 -> C:\Users\Gosik\AppData\Roaming\ytmediacenter\X64\npYoukuAgent_x64.dll (Youku) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{8CE9991C-CC9B-42FA-85CF-BEFCB1F5DC30}\InprocServer32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{AFD4369B-8A38-4407-882D-8297641DCFDF}\localserver32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000_Classes\CLSID\{5ed339e2-e6a7-576a-be70-fb9cdbdce50e}\InprocServer32 -> C:\Users\Gosik\AppData\Roaming\ytmediacenter\X64\npYoukuAgent_x64.dll (Youku) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000_Classes\CLSID\{8CE9991C-CC9B-42FA-85CF-BEFCB1F5DC30}\InprocServer32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000_Classes\CLSID\{AFD4369B-8A38-4407-882D-8297641DCFDF}\localserver32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Gosik\AppData\Local\SkypePlugin\7.17.0.43\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3482983258-164799655-2106577801-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {100BBC42-3EE1-4D58-9D3E-A6EE4C94DD29} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-08-29] (UCWeb Inc) <==== UWAGA Task: {158C5FFE-308A-4BA0-BDA6-A9471C4AED22} - System32\Tasks\{CDCA162E-F6A4-4880-BD75-FDFACCA0C0DA} => d:\programy\opera new\launcher.exe [2016-10-03] (Opera Software) Task: {2F6264BE-F957-4501-AE3B-11D875E53EF7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {328DBF80-BFE3-4C3B-937E-8B96E417AE7C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-18] (Adobe Systems Incorporated) Task: {4EEF0780-AB23-41F7-8D17-999AA9825EB6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3482983258-164799655-2106577801-1000Core => C:\Users\Gosik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-26] (Facebook Inc.) Task: {53DE7D9D-A404-40FD-94D3-46018B6FEA52} - System32\Tasks\e-pity2013_kwiecien => C:\Program Files (x86)\e-file\e-pity2013\Assets\signxml.exe Task: {5BCC2F45-49A0-4E9C-A871-861EAE969E33} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {60A69ECD-6907-4952-BBA0-C881A67667F2} - \KuaiZip_Update -> Brak pliku <==== UWAGA Task: {68D4A606-3292-4DBA-816D-EB2305D58C6A} - System32\Tasks\{ABC4B631-0358-4933-A3D9-BD92C1FE88FC} => pcalua.exe -a "C:\Program Files\SpaceSoundPro\uninstaller.exe" Task: {6B532A49-F47A-4087-BD7C-764DF1CF8088} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation) Task: {6BEFD3AC-3917-43E5-B66A-97356514D7AB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {7793F750-2167-4DBE-8E4D-B7246FD6B28B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {837B338E-FE97-43C6-9B63-6761B84F679B} - System32\Tasks\Opera scheduled Autoupdate 1468837495 => D:\Programy\Opera new\launcher.exe [2016-10-03] (Opera Software) Task: {8F965AFE-2C4D-4470-8574-EDF7A962AD0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-02] (Google Inc.) Task: {934830B3-A4A5-4DE1-B683-B92E71AE167B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {96DA1B98-ECB0-4C3A-B58E-55B771B4D512} - System32\Tasks\{D41DAA9D-88AF-4887-B359-328141C85A3B} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.80.105/pl/abandoninstall?page=tsMain Task: {BBFD4E37-00F9-4403-9466-0794D58329A7} - System32\Tasks\AdobeAAMUpdater-1.0-Gosik-Komputer-Gosik => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-05-05] (Adobe Systems Incorporated) Task: {C788EA13-FFA0-49EA-B86B-4BC9C6836014} - System32\Tasks\GoogleUpdateTaskMachineUA1d12edaa69f6da => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-02] (Google Inc.) Task: {CF47E87E-DB94-4BF4-8811-0E77469C6109} - System32\Tasks\{FBDCF4FA-24FE-4FAB-8BCF-DE38C24B3F6D} => pcalua.exe -a "C:\Program Files (x86)\Common Files\TonIn\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\TonIn\uninstall.dat" -a uninstallme 7147DA3C-3E25-49ED-A333-CB18B96A90EF DeviceId=e8e07ed6-6970-ca2f-875b-857474d83ebf BarcodeId=51198003 ChannelId=3 DistributerName=APSFWakeNet Task: {D212025A-E027-407F-A577-4E0B455F35E7} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-08-29] (UCWeb Inc) <==== UWAGA Task: {D8ED1986-034B-4852-8DB2-67406C192338} - System32\Tasks\e-pity2013_styczen => C:\Program Files (x86)\e-file\e-pity2013\Assets\signxml.exe Task: {DCAA441C-9EEF-486C-967D-D1BD0FA944BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-18] (Adobe Systems Incorporated) Task: {DCC7937B-A3CF-4ED1-B66A-A20FAD2E9783} - System32\Tasks\GoogleUpdateTaskMachineCore1d12edaa2e7473 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-02] (Google Inc.) Task: {F4B4CA9E-1CE6-413C-B2E7-1B1F11ADD18A} - \Tergas Log -> Brak pliku <==== UWAGA Task: {F99F437E-5C77-43F6-B9AC-71242DAEFD33} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3482983258-164799655-2106577801-1000UA => C:\Users\Gosik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-26] (Facebook Inc.) Task: {FE7ECEDA-51E9-4822-844D-EA98C06DC6FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-02] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3482983258-164799655-2106577801-1000Core.job => C:\Users\Gosik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3482983258-164799655-2106577801-1000UA.job => C:\Users\Gosik\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12edaa2e7473.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12edaa69f6da.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Gosik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\FRST\Quarantine\C\Users\Gosik\AppData\Roaming\HPStocker\HPStocker\StockerStarter.exe (Brak pliku) <===== Cyrillic Shortcut: C:\Users\Gosik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Users\Gosik\AppData\Roaming\HPStocker\StockerStarter.exe (Brak pliku) <===== Cyrillic Shortcut: C:\Users\Gosik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Ореrа Intеrnеt Вrоwsеr.lnk -> C:\Users\Gosik\AppData\Roaming\HPStocker\StockerStarter.exe (Brak pliku) <===== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Users\Gosik\AppData\Roaming\HPStocker\StockerStarter.exe (Brak pliku) <===== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа.lnk -> C:\Users\Gosik\AppData\Roaming\HPStocker\StockerStarter.exe (Brak pliku) <===== Cyrillic ShortcutWithArgument: C:\Users\Gosik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\firefox.exe — skrót.lnk -> D:\Mozille\firefox.exe (Mozilla Corporation) -> hxxp://9o0gle.com/ ==================== Załadowane moduły (filtrowane) ============== 2016-10-09 22:57 - 2016-10-07 19:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe 2016-09-26 09:00 - 2016-09-28 10:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe 2016-08-11 15:44 - 2016-08-11 15:44 - 00170496 ____N () C:\Users\Gosik\AppData\Roaming\Hemkajdoa\Hemkajdoa.exe 2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-10-09 23:00 - 2016-10-09 23:00 - 00560768 _____ () C:\Program Files (x86)\KuaiZip\X64\KZipShell.dll 2016-10-09 23:01 - 2015-10-10 07:00 - 00707624 _____ () C:\Users\Gosik\AppData\Roaming\ytmediacenter\X64\cmc64.dll 2016-08-11 15:44 - 2016-08-11 15:44 - 00112128 ____N () C:\Users\Gosik\AppData\Roaming\Hemkajdoa\Sejheb.exe 2016-03-16 18:06 - 2016-03-16 18:06 - 46344704 _____ () C:\Program Files (x86)\ContentPush\app\bin\nw.exe 2016-10-09 23:03 - 2016-10-09 23:03 - 04813312 ____N () C:\Program Files (x86)\mpck\wincom_DWG.exe 2010-09-03 14:52 - 2010-09-03 14:52 - 00606208 _____ () C:\Program Files (x86)\ScreenShooter\screenshooter.exe 2016-10-09 23:00 - 2016-10-09 23:00 - 00216704 _____ () c:\program files (x86)\kuaizip\x86\kuaizipupdatechecker.dll 2016-10-09 23:05 - 2016-10-09 23:05 - 00219072 _____ () c:\program files\żěńą\x86\kuaizipupdatechecker.dll 2016-10-09 23:01 - 2016-10-09 23:01 - 00276480 _____ () c:\program files (x86)\drarush\ckofuycollector.dll 2013-11-05 22:37 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2013-11-05 22:34 - 2012-07-18 12:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-08-11 15:45 - 2016-08-11 15:45 - 00258560 ____N () C:\Users\Gosik\AppData\Roaming\Hemkajdoa\Sejheb.dll 2009-01-10 12:32 - 2009-01-10 12:32 - 00011362 _____ () C:\Program Files (x86)\ScreenShooter\mingwm10.dll 2009-06-22 20:42 - 2009-06-22 20:42 - 00043008 _____ () C:\Program Files (x86)\ScreenShooter\libgcc_s_dw2-1.dll 2010-09-03 14:50 - 2010-09-03 14:50 - 02537472 _____ () C:\Program Files (x86)\ScreenShooter\QtCore4.dll 2010-08-31 11:49 - 2010-08-31 11:49 - 09812992 _____ () C:\Program Files (x86)\ScreenShooter\QtGui4.dll 2010-08-31 11:15 - 2010-08-31 11:15 - 01140224 _____ () C:\Program Files (x86)\ScreenShooter\QtNetwork4.dll 2010-08-31 15:36 - 2010-08-31 15:36 - 00287232 _____ () C:\Program Files (x86)\ScreenShooter\imageformats\qjpeg4.dll 2016-03-16 18:06 - 2016-03-16 18:06 - 01481728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libglesv2.dll 2016-03-16 18:06 - 2016-03-16 18:06 - 00073728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libegl.dll 2016-03-16 18:05 - 2016-03-16 18:05 - 01681224 _____ () C:\Program Files (x86)\ContentPush\app\bin\ffmpegsumo.dll 2016-10-10 09:46 - 2016-10-10 09:46 - 00018944 _____ () C:\Users\Gosik\AppData\Local\Temp\WPL55BD.tmp\ml_online.lng 2016-10-10 09:46 - 2016-10-10 09:46 - 00035328 _____ () C:\Users\Gosik\AppData\Local\Temp\WPL55BD.tmp\ombrowser.lng 2013-12-13 04:47 - 2013-12-13 04:47 - 00333824 _____ () D:\Programy\Winamp\Plugins\freeform\wacs\freetype\freetype.wac 2009-03-31 05:54 - 2009-03-31 05:54 - 00040960 _____ () D:\Programy\Winamp\Plugins\gen_sripper.dll 2016-10-06 13:39 - 2016-10-06 13:39 - 62461208 _____ () D:\Programy\Opera new\40.0.2308.81\opera.dll 2016-10-06 13:39 - 2016-10-06 13:38 - 01812760 _____ () D:\Programy\Opera new\40.0.2308.81\libglesv2.dll 2016-10-06 13:39 - 2016-10-06 13:38 - 00095000 _____ () D:\Programy\Opera new\40.0.2308.81\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [344] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [344] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [344] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [344] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [344] AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [135] AlternateDataStreams: C:\ProgramData\TEMP:24721E3C [1888] AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118] AlternateDataStreams: C:\Users\Gosik\Dane aplikacji:NT [40] AlternateDataStreams: C:\Users\Gosik\Dane aplikacji:NT2 [344] AlternateDataStreams: C:\Users\Gosik\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Gosik\AppData\Roaming:NT2 [344] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-3482983258-164799655-2106577801-1000\...\amazon.com -> hxxps://amazon.com IE trusted site: HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\amazon.com -> hxxps://amazon.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-10-09 23:14 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3482983258-164799655-2106577801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gosik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-3482983258-164799655-2106577801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Gosik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 188.120.241.135 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk => C:\Windows\pss\CodecPackUpdateChecker.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Gosik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AQQ => D:\Programy\Aqq\WAPSTE~1\AQQ.exe MSCONFIG\startupreg: Badoo Desktop => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe MSCONFIG\startupreg: CCleaner Monitoring => "D:\Programy\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EasyTuneVI => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe MSCONFIG\startupreg: Facebook Update => "C:\Users\Gosik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" MSCONFIG\startupreg: Live! Central 3 => "C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe" /mode2 MSCONFIG\startupreg: Monitor => C:\Windows\Philips\SPC220NC\Monitor.exe MSCONFIG\startupreg: NoIE4StubProcessing => C:\Windows\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{E2ABE288-0596-469A-9837-2D2B1E73893D}D:\programy\aqq\wapster aqq\aqq.exe] => (Allow) D:\programy\aqq\wapster aqq\aqq.exe FirewallRules: [UDP Query User{BE7B28B3-DA45-4B70-A468-9368264D71A2}D:\programy\aqq\wapster aqq\aqq.exe] => (Allow) D:\programy\aqq\wapster aqq\aqq.exe FirewallRules: [TCP Query User{801F3BD6-4AF6-4E09-A350-CC2F9FF0EE31}D:\programy\sambc\sambc.exe] => (Allow) D:\programy\sambc\sambc.exe FirewallRules: [UDP Query User{BB4F7766-D460-4FA0-A752-8EF7F11F3411}D:\programy\sambc\sambc.exe] => (Allow) D:\programy\sambc\sambc.exe FirewallRules: [{F8DA36CB-F99E-46D5-BED2-BA81F186E29A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{F6A31FAD-9221-43C3-9BAA-B2E22CF9363B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{5BF79FD3-9AB9-470A-BB83-331E313C4AE8}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{4D0065B9-B4EF-4B4E-9F6B-9A142F15413A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [TCP Query User{3D272178-4B73-4BE0-8B68-DEFE19D548D1}D:\programy\winamp\winamp.exe] => (Block) D:\programy\winamp\winamp.exe FirewallRules: [UDP Query User{8F6D122A-29F8-4172-AB70-9852099EE971}D:\programy\winamp\winamp.exe] => (Block) D:\programy\winamp\winamp.exe FirewallRules: [{97076F28-4CD1-44DF-8FBA-A49D54F07498}] => (Allow) D:\Programy\Winamp\winamp.exe FirewallRules: [{A753C7FC-7CDF-4ED5-B4D8-002CBCBB183B}] => (Allow) D:\Programy\Winamp\winamp.exe FirewallRules: [TCP Query User{7F12706D-D9FA-4CF7-8935-D9B54BBA5033}D:\programy\aqq\wapster aqq\aqq.exe] => (Allow) D:\programy\aqq\wapster aqq\aqq.exe FirewallRules: [UDP Query User{3E435408-0631-4C5F-8238-1C23EF448E9A}D:\programy\aqq\wapster aqq\aqq.exe] => (Allow) D:\programy\aqq\wapster aqq\aqq.exe FirewallRules: [{87CDC268-B589-4974-91A1-EA2F8B7E9C6D}] => (Allow) C:\Users\Gosik\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{08266916-30A5-4E4A-85AB-9D46E1584685}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8D1266C7-D418-4506-B4AB-60C2F3C38D50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8DDBC0B9-F304-4731-97E6-5368BA4E4EAC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8C27CBD3-1A86-4DF0-9C81-10761DEA0406}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D36BECB0-DFAB-4874-80D0-933FDA1DC025}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{A063CA54-1C47-4BE9-90C7-156AA29E3EDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{3DB4DE1A-2CEA-4354-973B-EFA2F1C42D1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6C00DEA5-9081-434F-98B0-ACC180AEA878}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3850AF5B-79BC-4D50-969A-9EAC680EDE17}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{BBFA5888-46B2-4EDB-BDB0-DDEE773B2DC6}C:\users\gosik\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\gosik\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe FirewallRules: [UDP Query User{33CFA9E9-E017-42CE-BF80-595E4902E8BD}C:\users\gosik\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe] => (Allow) C:\users\gosik\appdata\local\skypeplugin\7.17.0.43\pluginhost.exe FirewallRules: [{C9769E69-5A99-46C5-8F61-F2CF755D110C}] => (Allow) D:\Programy\Emulator\MEmu\MEmu.exe FirewallRules: [{C6E4DA15-1271-4974-8835-3AEC3F47C4EF}] => (Allow) D:\Programy\Emulator\MEmu\MEmu.exe FirewallRules: [{CE55C722-774F-408C-9FB3-F94C315A27A4}] => (Allow) D:\Mozille\firefox.exe FirewallRules: [{45B7ECF1-31E5-43F7-96A2-14DE8F8A5852}] => (Allow) D:\Mozille\firefox.exe FirewallRules: [{AA151106-AC96-40C6-A984-7BD22278BA4B}] => (Allow) D:\Origin\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{BEF3F2E9-4A19-431E-A47E-4289CFA1B9B8}] => (Allow) D:\Origin\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{9EA383BF-2EDA-450E-86B2-BF84C4062687}] => (Allow) D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{9C2E2A33-937E-481D-9B82-B8EACD46D937}] => (Allow) D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{96608B83-EED5-47BC-8529-D8B4AFA3AB8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7D66A711-F0B2-41F3-AAE8-FF57B2151003}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D7FF42AF-ADE9-4ED7-89A3-5691604D5052}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6CE554D5-E6F0-48B4-A929-0BE6F7B6E7FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8FA0AE61-3FA6-466C-B60F-A912BC5D3BE6}] => (Allow) C:\Users\Gosik\AppData\Roaming\youku\..\ytmediacenter\ikuacc.exe FirewallRules: [{3C1C8056-88D9-474A-BEA4-A54A3ED16310}] => (Allow) C:\Users\Gosik\AppData\Roaming\youku\..\ytmediacenter\ikuacc.exe FirewallRules: [{E409D07B-387C-4D38-959A-E9AEF386270C}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{DD2135D8-52B6-4804-A472-6A85F167AD81}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe ==================== Punkty Przywracania systemu ========================= 09-10-2016 14:42:21 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/09/2016 11:55:47 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Event-ID 281 Error: (10/09/2016 11:42:52 PM) (Source: FirebirdGuardianDefaultInstance) (EventID: 281) (User: ) Description: Event-ID 281 Error: (10/09/2016 10:57:52 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Product: Traffic Exchange -- Error 4106. An error was encountered while creating a scheduled task: 'Traffic Exchange.job'. Error description: Kod XML zadania zawiera wartość niepoprawnie sformatowaną lub spoza zakresu. Error: (10/09/2016 10:57:39 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Product: Online.io Application -- Online.io Application cannot be installed on systems with less physical memory than 4096 MB. Error: (10/09/2016 10:57:04 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Product: Traffic Exchange -- Error 4106. An error was encountered while creating a scheduled task: 'Traffic Exchange.job'. Error description: Kod XML zadania zawiera wartość niepoprawnie sformatowaną lub spoza zakresu. Error: (10/09/2016 10:56:52 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Product: Online.io Application -- Online.io Application cannot be installed on systems with less physical memory than 4096 MB. Error: (08/09/2016 10:35:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Nazwa modułu powodującego błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000dd5a3 Identyfikator procesu powodującego błąd: 0x141c Godzina uruchomienia aplikacji powodującej błąd: 0x01d1f27d96681698 Ścieżka aplikacji powodującej błąd: D:\GTA SA\GTA San Andreas\gta_sa.exe Ścieżka modułu powodującego błąd: D:\GTA SA\GTA San Andreas\gta_sa.exe Identyfikator raportu: e0a98a46-5e70-11e6-a334-94de806b0f1d Error: (08/09/2016 09:21:32 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {1e28a481-3d04-40c3-bac9-764be6f65afa} Error: (07/27/2016 07:42:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: TS4_x64.exe, wersja: 1.21.40.1020, sygnatura czasowa: 0x57893289 Nazwa modułu powodującego błąd: TS4_x64.exe, wersja: 1.21.40.1020, sygnatura czasowa: 0x57893289 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000ea6739 Identyfikator procesu powodującego błąd: 0xba4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d1e804e197c155 Ścieżka aplikacji powodującej błąd: D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe Ścieżka modułu powodującego błąd: D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe Identyfikator raportu: 810777f0-5421-11e6-845b-94de806b0f1d Error: (07/24/2016 02:08:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: TS4_x64.exe, wersja: 1.21.37.1020, sygnatura czasowa: 0x57893289 Nazwa modułu powodującego błąd: TS4_x64.exe, wersja: 1.21.37.1020, sygnatura czasowa: 0x57893289 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000e92b99 Identyfikator procesu powodującego błąd: 0x14ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d1e5946df590e7 Ścieżka aplikacji powodującej błąd: D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe Ścieżka modułu powodującego błąd: D:\Origin\The Sims 4\Game\Bin\TS4_x64.exe Identyfikator raportu: 64ef8170-5197-11e6-bea3-94de806b0f1d Dziennik System: ============= Error: (10/10/2016 09:35:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/10/2016 09:35:42 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (10/10/2016 09:34:51 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 00:20:10 na ‎2016-‎10-‎10 było nieoczekiwane. Error: (10/10/2016 12:15:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Firebird Guardian - DefaultInstance niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/10/2016 12:15:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Background Logic Handler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/10/2016 12:15:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Genuine Software Integrity Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/10/2016 12:15:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AdobeUpdateService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/10/2016 12:15:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Adobe Acrobat Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/10/2016 12:15:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/10/2016 12:06:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. CodeIntegrity: =================================== Date: 2016-10-09 23:08:19.825 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:17.911 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:16.143 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:15.649 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:14.722 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:14.035 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:13.953 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-09 23:08:13.850 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-08 11:53:56.894 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Gosik\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-08-08 11:53:56.856 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Gosik\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Procent pamięci w użyciu: 77% Całkowita pamięć fizyczna: 3971.2 MB Dostępna pamięć fizyczna: 907.54 MB Całkowita pamięć wirtualna: 7940.59 MB Dostępna pamięć wirtualna: 4496.04 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:100 GB) (Free:23.18 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Dysk lokalny D) (Fixed) (Total:198.09 GB) (Free:32.29 GB) NTFS Drive g: (GTA_SAN_ANDREAS) (CDROM) (Total:3.94 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4B120E5F) Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=198.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================