Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-04-2017 01 Uruchomiony przez BM (24-04-2017 16:37:40) Uruchomiony z D:\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2012-04-16 11:37:38) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2949551511-373755211-1111318044-500 - Administrator - Disabled) BM (S-1-5-21-2949551511-373755211-1111318044-1000 - Administrator - Enabled) => C:\Users\BM Gość (S-1-5-21-2949551511-373755211-1111318044-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-2949551511-373755211-1111318044-1227 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 15.12 (HKLM-x32\...\{23170F69-40C1-2701-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) 7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe) Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden AllDup 3.4.13 (HKLM-x32\...\AllDup_is1) (Version: 3.4.13 - Michael Thummerer Software Design) Arles Image Web Page Creator 4.94 (HKLM-x32\...\Arles Image Web Page Creator_is1) (Version: 4.94 - Digital Dutch) ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.0 - BitTorrent Inc.) Bullzip PDF Printer 10.25.0.2552 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.25.0.2552 - Bullzip) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.9.0.73 - Canon Inc.) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.51.2 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.12.2.1 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.2.1.13 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.0.0.3 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.12.2.0 - Canon Inc.) Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.) CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - ) CD-Tag 2.27 (HKLM-x32\...\CD-Tag_is1) (Version: 2.27 - Jud White) Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) CollageIt 1.9.5 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version: 1.9.5 - PearlMountain Technology Co., Ltd) Detektor Winampa (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Dropbox (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\Dropbox) (Version: 24.4.16 - Dropbox, Inc.) Easy Color Basic 3.0 (HKLM-x32\...\Colorland.pl_Easy Color Basic 3.0) (Version: - ) ElitBook DESIGNER (HKLM-x32\...\FotoElita_ElitBook DESIGNER) (Version: - ) empressia (HKLM-x32\...\empresse_empressia) (Version: - ) EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FastStone Image Viewer 6.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.2 - FastStone Soft) FileZilla Client 3.24.1 (HKLM-x32\...\FileZilla Client) (Version: 3.24.1 - Tim Kosse) FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time) Free DWG Viewer 7.1 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.1 - IGC) Free Monitor for Google 2.5 (HKLM-x32\...\Free Monitor for Google_is1) (Version: - CleverStat) FreeFileSync 7.1 (HKLM-x32\...\FreeFileSync) (Version: 7.1 - www.FreeFileSync.org) GG (HKU\S-1-5-21-2949551511-373755211-1111318044-1000\...\GG) (Version: 11 - GG Network S.A.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden Gramblr (HKLM\...\Gramblr) (Version: 2.0.0 - Gramblr Team) GstarCAD 2012 Standard(12.0.0.1) (HKLM-x32\...\GstarCAD 2012 Standard) (Version: - ) HxD Hex Editor wersja 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) jEdit 4.5.1 (HKLM\...\jEdit_is1) (Version: 4.5.1 - Contributors) KrukBook Album Maker (HKLM-x32\...\KrukBook_KrukBook Album Maker) (Version: - ) LG United Mobile Drivers (HKLM-x32\...\{F193D8D7-3D5E-4DB5-A74C-F8CD5378EE7B}) (Version: 3.12.3.0 - LG Electronics) LightScribe System Software (HKLM-x32\...\{3744B641-61DE-417F-BCDC-9CCED4224DF8}) (Version: 1.18.13.1 - LightScribe) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1047 - Marvell) Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 52.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 pl)) (Version: 52.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2.6291 - Mozilla) Mozilla Thunderbird 45.8.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 pl)) (Version: 45.8.0 - Mozilla) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich) MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 Essentials (HKLM-x32\...\{4399de31-bd70-4033-ab6f-29a9cfdae545}) (Version: - Nero AG) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Notatnik SP, ver 4.1 (HKLM-x32\...\Notatnik SP_is1) (Version: - HAKGERSoft) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.2 - ) Ontrack EasyRecovery Professional (HKLM-x32\...\{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1) (Version: 11.5.0.2 - Kroll Ontrack Inc.) OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH) Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation) popcolor PHOTO 3.0 (HKLM-x32\...\popcolor PHOTO_is1) (Version: - popcolor PHOTO) PowerWalker-WinPower (HKLM-x32\...\PowerWalker-WinPower) (Version: 4.2.0.1 - ) ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation) Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.31.0 - Ralink) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.) RescuePRO 3.3 (HKLM-x32\...\RescuePRO-3.0) (Version: - ) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc) Wise Disk Cleaner 9.31 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.31 - WiseCleaner.com, Inc.) Wise Registry Cleaner 9.31 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.31 - WiseCleaner.com, Inc.) X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH) XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e) ZTE_1.2059.0.8 (HKLM-x32\...\ZTE_1.2059.0.8) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2949551511-373755211-1111318044-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\BM\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {10993EC2-50A2-453D-B5F4-901CF7F29BD4} - System32\Tasks\AdobeAAMUpdater-1.0-BM-Komputer-BM => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {10D74290-48CD-47E5-B19B-2C0E20D66592} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {123E2A75-4B15-4819-88C7-BD62AB772FEA} - System32\Tasks\{AEF5E459-AA1A-493C-B191-2821CBB53151} => Firefox.exe hxxps://ui.skype.com/ui/0/7.33.0.104/pl/abandoninstall?source=lightinstaller&page=tsMain Task: {408E0483-DD9A-4336-96E4-0B722D08F662} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated) Task: {5E3BE2A2-870E-4C1E-A069-9B057902D5C4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA => C:\Users\BM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {6222268C-0896-4E0D-95F5-000380BBABF5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-04] (AVAST Software) Task: {862D4007-EA4F-46C6-A3E7-027D9062DA23} - System32\Tasks\{91B671DD-8AD6-44D8-B52F-3A1EF73273A7} => pcalua.exe -a D:\Downloads\KrukBook_setup.exe -d D:\Downloads Task: {8D471B7B-D35F-4B2D-87FC-0C9E5892081B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation) Task: {8F8E0E8B-D236-41AC-8992-CB06CC4F3852} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A9E2ACA9-E77A-469E-94E7-803C279ED491} - System32\Tasks\SafeZone scheduled Autoupdate 1458376387 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software) Task: {C5BC4D4C-8829-4C73-BEB3-493BCA33D9F4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated) Task: {D4FEC410-DB5B-44CF-AA80-85DD1B6DB61C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software) Task: {EBEBC766-1D8F-4BFC-8B53-10259055FDA5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core => C:\Users\BM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000Core.job => C:\Users\BM\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2949551511-373755211-1111318044-1000UA.job => C:\Users\BM\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\BM\Desktop\Language.lnk -> C:\Program Files (x86)\RescuePRO\language.bat () ==================== Załadowane moduły (filtrowane) ============== 2014-01-02 23:29 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-02-21 23:09 - 2017-02-21 23:09 - 00052392 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-11-09 12:18 - 2012-11-09 12:18 - 00034304 _____ () C:\Windows\System32\xrxs1l6.dll 2012-03-20 11:59 - 2012-03-20 11:59 - 03340288 _____ () C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe 2013-05-09 12:21 - 2013-01-29 19:56 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe 2012-04-17 20:54 - 2013-04-11 00:18 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe 2017-04-04 15:47 - 2017-04-04 15:47 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2015-10-21 11:31 - 2015-11-10 12:05 - 10753616 _____ () C:\Program Files\Gramblr\gramblr.exe 2017-04-04 15:47 - 2017-04-04 15:47 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-04-24 14:31 - 2017-04-24 14:31 - 05917184 _____ () C:\Program Files\AVAST Software\Avast\defs\17042400\algo.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2010-12-02 17:56 - 2010-12-02 17:56 - 00815104 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\OSD_Text\OSD_Text.dll 2011-01-09 20:45 - 2011-01-09 20:45 - 00088064 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_MouseDeviceManager.dll 2012-02-07 11:20 - 2012-02-07 11:20 - 02413568 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\ScreenCapture\ScreenCapture.dll 2011-03-21 19:33 - 2011-03-21 19:33 - 00999424 _____ () C:\Program Files (x86)\OSCAR Editor X7\Data\X7\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll 2010-09-20 14:18 - 2010-09-20 14:18 - 00085504 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ZoomControl.dll 2010-09-20 14:18 - 2010-09-20 14:18 - 00054272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_ScrollbarControl.dll 2011-04-12 15:14 - 2011-04-12 15:14 - 00063488 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInRight.dll 2010-11-01 20:16 - 2010-11-01 20:16 - 00062976 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_AnalyzeGesturesInOne.dll 2011-08-10 13:43 - 2011-08-10 13:43 - 00118272 _____ () C:\Program Files (x86)\OSCAR Editor X7\DLL\DLL_Wheel4D.dll 2016-09-08 23:36 - 2016-09-08 23:36 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-04-04 15:47 - 2017-04-04 15:47 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-01-30 13:52 - 2017-01-30 13:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll 2013-05-09 12:21 - 2013-01-29 19:45 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll 2017-04-20 19:33 - 2017-04-17 17:09 - 00870720 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll 2015-12-12 22:06 - 2017-03-29 01:54 - 00035792 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2015-12-12 22:06 - 2017-03-29 01:54 - 00100296 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-12 22:06 - 2017-03-29 01:54 - 00018888 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-12 22:06 - 2017-04-17 17:13 - 00019776 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00020824 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-12 22:06 - 2017-03-29 01:54 - 00123856 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2015-12-12 22:06 - 2017-03-29 01:54 - 00694224 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 01729360 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00020816 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2017-04-20 19:33 - 2017-03-29 01:54 - 00145864 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2017-04-20 19:33 - 2017-03-29 01:54 - 00019408 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2017-04-20 19:33 - 2017-03-29 01:54 - 00116688 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-12 22:06 - 2017-03-29 01:56 - 00105928 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-08-07 11:36 - 2017-04-17 17:13 - 00022864 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00060736 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00038712 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\fastpath.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00024528 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32event.pyd 2017-04-20 19:33 - 2017-03-29 01:54 - 00392656 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2017-04-20 19:33 - 2017-03-29 01:56 - 00020936 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00116176 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-12 22:06 - 2017-04-17 17:13 - 00392512 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00124880 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-08-07 11:36 - 2017-04-17 17:14 - 00026456 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00024016 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00175560 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00030160 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00043472 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00048592 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32service.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00057808 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00024016 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32profile.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00246608 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00027488 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-07 11:36 - 2017-03-29 01:55 - 00241104 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\_jpegtran.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00022336 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-12 22:06 - 2017-04-17 17:14 - 00025432 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00028616 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32ts.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 01826104 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-12 22:06 - 2017-03-29 01:54 - 00083912 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\sip.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 01972024 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 03928896 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00171336 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00042816 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00531264 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00133432 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00224064 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00207680 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00060880 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\win32print.pyd 2017-02-28 11:46 - 2017-04-17 17:14 - 00054608 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd 2017-01-24 10:50 - 2017-04-17 17:14 - 00022864 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd 2017-01-24 10:50 - 2017-04-17 17:13 - 00022872 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 10:50 - 2017-04-17 17:14 - 00021848 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 10:50 - 2017-04-17 17:14 - 00022872 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd 2015-12-12 22:06 - 2017-03-29 01:56 - 00349128 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-12 17:09 - 2017-04-17 17:14 - 00023896 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00025936 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2017-04-20 19:33 - 2017-03-29 01:52 - 00036296 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\librsync.dll 2017-04-20 19:33 - 2017-04-17 17:13 - 00084288 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-07-12 00:16 - 2017-04-17 17:13 - 00030536 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd 2017-04-20 19:33 - 2017-03-29 02:00 - 00017864 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\libEGL.dll 2017-04-20 19:33 - 2017-03-29 02:00 - 01631184 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2017-04-20 19:33 - 2017-04-17 17:13 - 00357688 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-08-07 11:36 - 2017-04-17 17:14 - 00026456 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-20 19:33 - 2017-04-17 17:13 - 00546104 _____ () C:\Users\BM\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2014-01-28 14:33 - 2014-01-28 14:33 - 00077824 _____ () C:\Program Files (x86)\MonitorSoftware\TrayIcon12.dll 2014-01-28 14:33 - 2014-01-28 14:33 - 00045056 _____ () C:\Program Files (x86)\MonitorSoftware\jspWin.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-01-20 01:07 - 2017-01-29 21:19 - 00001313 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 wykop.pl 127.0.0.1 www.wykop.pl ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2949551511-373755211-1111318044-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 217.172.224.160 - 89.231.1.206 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{392BE518-F2FC-44AD-B765-C360D7638077}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{A3F06B38-90AB-4007-AEDA-36682E352ACE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{039AAC96-71B4-42F3-8E1D-12DCA37B2925}C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{E89963B0-9C3A-4E22-9BE8-3AF97CD819D0}C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{B5B4CADD-2C89-407D-A900-F93F9711DABF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{11A2235A-A77A-436D-956A-2830B586514F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C522F4A7-065C-499E-A414-3ECF8FE0CEDC}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{517A5D5C-393B-4F08-A40B-C4DED26DA5A4}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{FE324FC7-D9A3-48E9-8D07-B0543D57F2DC}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{CF91C1F9-A12C-4476-8482-E0F5B45D5525}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{109F0E60-8E18-4E82-A87F-53964B32163C}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{739C80EE-7991-4954-85FF-06A29EB18561}C:\program files (x86)\bittorrent\bittorrent.exe] => (Allow) C:\program files (x86)\bittorrent\bittorrent.exe FirewallRules: [TCP Query User{4622A393-A404-48FA-9466-70F6FB0D05DE}C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{D06CEC9E-9E82-42FC-B7DD-3F9DF732015F}C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{F1C25A3F-A734-4973-9D58-9D40FC5FDDC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{51E31BA4-2B7E-4638-818C-AE9DA9444507}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{A2820A13-32A7-4C6E-B293-1004571E35F7}C:\krukbook\mpr500 pro 5\albummaker.exe] => (Allow) C:\krukbook\mpr500 pro 5\albummaker.exe FirewallRules: [UDP Query User{32F30EFB-80B9-4C1F-AE94-EBCD27BE494A}C:\krukbook\mpr500 pro 5\albummaker.exe] => (Allow) C:\krukbook\mpr500 pro 5\albummaker.exe FirewallRules: [TCP Query User{CE63AB86-5E5D-422C-8E52-9999071139B2}C:\temp\update manager.exe] => (Allow) C:\temp\update manager.exe FirewallRules: [UDP Query User{D71FAAFE-8655-4291-A848-B41B2CACD316}C:\temp\update manager.exe] => (Allow) C:\temp\update manager.exe FirewallRules: [TCP Query User{9EB9A134-69B6-4344-9044-4EEC92220C26}C:\program files (x86)\monitorsoftware\jre\bin\javaw.exe] => (Block) C:\program files (x86)\monitorsoftware\jre\bin\javaw.exe FirewallRules: [UDP Query User{BB6D37C6-128D-4F31-8B1C-96E475149453}C:\program files (x86)\monitorsoftware\jre\bin\javaw.exe] => (Block) C:\program files (x86)\monitorsoftware\jre\bin\javaw.exe FirewallRules: [{9967CDEB-B8C8-4FCD-B88A-4730AD4156A7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7C5DF9D2-3982-44AB-BFB4-D6A5E10FB88F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590_0\SZBrowser.exe FirewallRules: [{BDE93489-B480-4129-9B7B-115E7B89345F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe ==================== Punkty Przywracania systemu ========================= 20-04-2017 13:01:28 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/24/2017 04:37:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 04:37:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 04:35:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gramblr.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x56415f71 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.23714, sygnatura czasowa: 0x58bf89e8 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000001819e Identyfikator procesu powodującego błąd: 0x864 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bd079dea2d00 Ścieżka aplikacji powodującej błąd: C:\Program Files\Gramblr\gramblr.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 384087ee-28fb-11e7-9569-002522a435c0 Error: (04/24/2017 02:34:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 02:34:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 09:39:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 09:39:40 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 07:08:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gramblr.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x56415f71 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.23714, sygnatura czasowa: 0x58bf89e8 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000000181ed Identyfikator procesu powodującego błąd: 0x888 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2bcb774a88742 Ścieżka aplikacji powodującej błąd: C:\Program Files\Gramblr\gramblr.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 1b186e0f-28ac-11e7-b3bd-002522a435c0 Error: (04/24/2017 07:04:06 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Error: (04/24/2017 07:04:06 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ZARZĄDZANIE NT) Description: Nie można odczytać ciągów licznika wydajności zdefiniowanych dla identyfikatora języka 015. Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu Win32. Dziennik System: ============= Error: (04/24/2017 04:35:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Connectivity Manager for Gramblr niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 500 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/24/2017 04:33:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/24/2017 04:32:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (04/24/2017 04:32:24 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (04/24/2017 04:01:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/24/2017 02:31:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/24/2017 02:30:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (04/24/2017 09:59:52 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/24/2017 09:35:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Wstępne ładowanie do pamięci zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (04/24/2017 09:34:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VBoxAsw Support Driver z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. CodeIntegrity: =================================== Date: 2013-04-12 20:47:20.636 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:20.558 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:18.469 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:18.392 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:16.277 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:16.200 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:14.111 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:14.032 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:11.923 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-04-12 20:47:11.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 8174.7 MB Dostępna pamięć fizyczna: 4903.86 MB Całkowita pamięć wirtualna: 16747.57 MB Dostępna pamięć wirtualna: 13406.23 MB ==================== Dyski ================================ Drive c: (SSD) (Fixed) (Total:111.79 GB) (Free:14.87 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (TYSIAK) (Fixed) (Total:931.51 GB) (Free:148.96 GB) NTFS Drive g: (750GB_2014) (Fixed) (Total:698.64 GB) (Free:37.59 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8062B151) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 0113D8EB) Partition 1: (Active) - (Size=698.6 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 7802A13C) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================