Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 03-11-2016 Uruchomiony przez admin (04-11-2016 08:36:18) Uruchomiony z H:\ Windows 10 Pro Wersja 1607 (X64) (2016-08-13 01:55:12) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= admin (S-1-5-21-614712798-1326563053-3043147688-1006 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-614712798-1326563053-3043147688-500 - Administrator - Disabled) Gość (S-1-5-21-614712798-1326563053-3043147688-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-614712798-1326563053-3043147688-1008 - Limited - Disabled) Konto domyślne (S-1-5-21-614712798-1326563053-3043147688-503 - Limited - Disabled) Zibi (S-1-5-21-614712798-1326563053-3043147688-1002 - Limited - Enabled) => C:\Users\Zibi ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Norton Security z kopią zapasową (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security z kopią zapasową (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security z kopią zapasową (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS) Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bullzip PDF Printer 10.12.0.2361 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.12.0.2361 - Bullzip) ChomikBox (HKLM-x32\...\{71736AF6-BA4B-4F3C-8496-C325B97869BA}) (Version: 2.0.8.1 - Chomikuj.pl) CMMS Maszyna NG 7 w wersji demo (HKLM-x32\...\CMMS MASZYNA NG 7, wersja demonstracyjna_is1) (Version: - Neuron) Communication Module Runtime 1.0.1510.1502 (HKLM-x32\...\Communication Module Runtime_is1) (Version: - Danfoss Drives A/S) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DWG TrueView 2015 - English (Version: 20.0.210.0 - Autodesk) Hidden Easton Shaft Selector 2011 (HKLM-x32\...\{4E1D8BA5-731F-4810-AA7B-0ADEF9660CDE}_is1) (Version: - Easton Technical Products) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo) Energy Management (x32 Version: 8.0.2.3 - Lenovo) Hidden FreeMouseAutoClicker 3.7 (HKLM-x32\...\{292F00C5-25EF-4FBE-9873-13EF1F69DEED}_is1) (Version: - Advanced Mouse Auto Clicker ltd.) Gadu-Gadu 10 (HKLM-x32\...\Gadu-Gadu 10) (Version: - GG Network S.A.) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5228 - Gretech Corporation) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.13.49 - Huawei Technologies Co.,Ltd) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.) K-Lite Mega Codec Pack 11.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - ) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1519 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.1519 - CyberLink Corp.) Hidden Mathcad 15 F000 (HKLM-x32\...\{DC8F6C78-7231-44A2-B66E-6C4FCB3A3364}) (Version: 15.0.0.0 - PTC) Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems) Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden MCT 10 Set-up Software (HKLM-x32\...\{1ADAC261-0A9B-4672-A048-A423F5ACA4D2}) (Version: 3.25.2980 - Danfoss Drives) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.7369.2038 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Might and Magic Heroes VII wersja 1.0.0.0 (HKLM-x32\...\Might and Magic Heroes VII_is1) (Version: 1.0.0.0 - GTX Box Team) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.27.00.264 - Huawei Technologies Co.,Ltd) Mozilla Firefox 49.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) Mozilla Thunderbird 45.4.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 pl)) (Version: 45.4.0 - Mozilla) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Norton Security with Backup (HKLM-x32\...\NSBU) (Version: 22.8.0.50 - Symantec Corporation) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik graficzny 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) Panel sterowania NVIDIA 368.22 (Version: 368.22 - NVIDIA Corporation) Hidden Pazera Free MP4 to AVI Converter 1.9 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.9 - Jacek Pazera) PITy2015 IPS 1.7 kompilacja:1.7.3.9 (HKLM-x32\...\PITy2015IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) Polar FlowSync wersja 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski VAG 4.9 (HKLM-x32\...\{D31E6192-5790-4AB4-852B-1153205AE653}_is1) (Version: 4.9 - www.obd2.pl) PowerLog Classic 4.4 (HKLM-x32\...\PowerLog Classic) (Version: 4.4 - Fluke Corporation) 'PTC Places' Namespace Shell Extension (HKLM-x32\...\{C65ABF2A-1B82-4F34-8C74-E4FE373F3BE4}) (Version: 1.1.11 - PTC) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SuperMemo UX - Angielski. No problem!+ 1 (HKLM-x32\...\SuperMemo UX - Angielski. No problem!+ 1) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated) SystemTL+ (HKLM-x32\...\SystemTL+) (Version: - ) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Tiny Troopers (HKLM-x32\...\{D052338F-9FD3-4B9C-B3D5-1E9977628BD3}) (Version: 1.0.2.1 - Iceberg Interactive) Total Commander Ultima Prime 6.1.0.0 (HKLM-x32\...\TC UP) (Version: 6.1.0.0 - TC UP Team) UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.) VNC Printer Driver 1.8.0 (HKLM\...\VNCPrinter_is1) (Version: 1.8.0 - RealVNC Ltd.) VNC Server 5.0.2 (HKLM\...\RealVNC_is1) (Version: 5.0.2 - RealVNC Ltd) VNC Viewer 5.0.2 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.2 - RealVNC Ltd) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers) Windchill ProductPoint Client Manager (HKLM-x32\...\{129024FF-A6C9-4696-91BC-570C6C05193A}) (Version: 1.1.187 - PTC) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1002_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Zibi\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1006_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-614712798-1326563053-3043147688-1006_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {034A0E1D-9770-4722-86F5-7BB892F088A0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {07ED524D-1192-46BB-A15C-6490B0949A55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-29] (Adobe Systems Incorporated) Task: {092D5DE1-45FD-4AAD-A066-8B25B8E98DC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation) Task: {0FB15820-FAB4-4F97-A296-3C61A6B3B5D0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {12D6974B-94D0-4F31-BE9E-DFA8F4EFE8BE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1E48CBE1-8D21-4BBC-BE9A-723C012F6F92} - System32\Tasks\AutoPico Daily Restart => C:\Users\admin\Downloads\Aktywator [Argument = Office 2016\AutoPico.exe /silent] Task: {2A08E4C0-51A3-4CE2-8B87-0341E5C6B0DF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2BF871E1-4E39-4FD2-9AA1-CCD8CF953F8D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {2CFB429A-6C54-4750-A74B-8743F27AD257} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {34D03944-2CCD-4B8E-945A-1052F0491150} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {37C2D274-1D28-4C06-9342-F19AB67FD267} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {38C024B5-B11E-4C76-8C6C-E73BEE94BF43} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation) Task: {4C7AEE33-7225-4C33-B495-A5F87DCB0A02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {4D5DBF26-BC83-4D59-A1D1-144ED15868D9} - System32\Tasks\{B56D74BF-FD1E-4CAE-A6D8-A9EA206BF98C} => Firefox.exe hxxp://ui.skype.com/ui/0/7.25.0.106/pl/go/help.faq.installer?LastError=1625 Task: {5F920685-820B-4B5D-ADD3-F40CA0B48A4A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {5FF4CD11-CC25-44F8-817C-7E38F0C7C0B4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {66B2C90D-B76F-4462-8F17-7A53B761CDCB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6AFE641D-1A15-43A8-B850-32032769B864} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {6E7131BE-6B60-4B89-AA31-C375A05C7E6A} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-10-01] (MSFree Inc.) Task: {717C8EDA-C663-4B7A-8F48-A1C79010C83B} - System32\Tasks\{0FB9FEDC-8720-4840-97DA-BF4C78809A96} => Firefox.exe hxxp://ui.skype.com/ui/0/7.25.0.106/pl/go/help.faq.installer?source=lightinstaller&LastError=1625 Task: {726D51B4-DA95-495A-961A-EB0D059D74C4} - System32\Tasks\{EA6476C2-6968-4158-8680-8B3198155C9C} => Firefox.exe hxxps://ui.skype.com/ui/0/7.29.80.102/pl/go/help.faq.installer?LastError=1625 Task: {78226FEE-4E46-4D56-B8A7-C099143C3522} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {786CF266-E81F-433A-B1B7-85E6A282D866} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation) Task: {7ADA46AD-4378-47A0-9B5A-89C76F252ED5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E09C5EE-F8B0-48A3-ADFB-3CFB35019D2D} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA Task: {7F70DA60-E20D-4DCB-B008-3AB7117C7C11} - System32\Tasks\Ckoduclacaght Center => C:\Program Files (x86)\Zaveprmsp\tocather.exe [2016-11-03] (Glarysoft Ltd) Task: {84F30A8A-993A-4A9E-BB66-0583100DADBA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8721298F-0D78-4920-B9BB-CEAFD404BA4F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {881B81A3-563C-404F-9D32-73778DEAFCEA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {8E49AD7B-D504-423A-9EE3-166E2CFA3F4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {919F0B7B-911E-4402-A6BE-ACC796157954} - System32\Tasks\{EEB2512B-8E95-4A21-BA13-F2A1233A844E} => Firefox.exe hxxps://ui.skype.com/ui/0/7.29.64.102/pl/go/help.faq.installer?LastError=1625 Task: {AB8053B7-FB2D-4C99-8914-66F8FA6987D1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {AE543E01-990C-427C-9A71-0BD2F6D28098} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-09] (Microsoft Corporation) Task: {B12AE15A-46A6-449E-BD4E-D8A4CB631326} - System32\Tasks\Microsoft\Windows\PLA\WPPTracingSession => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "WPPTracingSession" "$(Arg0)" Task: {BA2B3D0F-C87F-4B94-A02A-DDE96858BAEC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-09] (Microsoft Corporation) Task: {BB074527-C334-4C09-8DB7-87AE6A77FD71} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BE9F34B5-D981-457E-97F0-2056DA155AE8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C9E9448F-E4ED-42C1-9E7F-5AA0E11D1D51} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {CA19B0FA-1781-41B0-8CC8-A2BF45AAA523} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\WSCStub.exe [2016-09-23] (Symantec Corporation) Task: {CD84B0EA-5304-4809-A362-BAE10C25A7B1} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.0.50\SymErr.exe [2016-09-23] (Symantec Corporation) Task: {E85FC9F0-058E-47B1-8E04-058137BBF245} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security z kopią zapasową\Upgrade.exe [2016-09-23] (Symantec Corporation) Task: {EB39F6E5-AE04-48C4-BAB2-0FB2FEE355D9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EC11E51E-98F2-441D-9443-143E27535F06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {EC9D1B14-9CC7-42AC-9369-E49694F54851} - System32\Tasks\{C63BF2E5-4C2F-4160-A68E-2A361307784D} => pcalua.exe -a C:\Users\admin\Downloads\VCDS-AKP-11.11.5-Installer.exe -d C:\Users\admin\Downloads Task: {F13A4A2B-F282-4008-859D-286DEDBFA4F9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F63056C3-FF7F-4787-AE53-9B83EB8A096C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FC51C6EB-D14C-4AEF-B5E8-127D5567BCF4} - System32\Tasks\2e7ca50926ef48ff171432427d5bb458 => Rundll32.exe "C:\Program Files (x86)\SuperMemo UX\zijmhb.dll",e62dc6c6547f46bda862da2d05af6862 <==== UWAGA Task: {FEB65B5F-04E1-45BF-9B37-48849F351EEB} - System32\Tasks\{4F5E0C31-FBFD-4A27-A859-199539CA8275} => Firefox.exe hxxp://ui.skype.com/ui/0/7.24.0.104/pl/go/help.faq.installer?LastError=1625 Task: {FFCEED3E-457E-4452-A564-45CE85962C39} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-30 07:08 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-13 02:45 - 2016-05-20 03:08 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-07-01 09:21 - 2013-07-01 09:21 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe 2013-07-01 00:16 - 2013-07-01 00:16 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll 2013-07-01 00:16 - 2013-07-01 00:16 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll 2013-07-01 00:15 - 2013-07-01 00:15 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll 2013-07-01 00:17 - 2013-07-01 00:17 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll 2013-07-01 00:17 - 2013-07-01 00:17 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll 2013-07-01 00:17 - 2013-07-01 00:17 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll 2013-07-01 00:16 - 2013-07-01 00:16 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll 2013-07-01 00:16 - 2013-07-01 00:16 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll 2013-07-01 00:15 - 2013-07-01 00:15 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll 2013-07-01 09:21 - 2013-07-01 09:21 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe 2015-10-15 23:00 - 2015-10-15 23:00 - 00251904 _____ () C:\Program Files (x86)\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe 2016-04-30 10:10 - 2015-09-23 03:24 - 00242264 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-06-02 20:28 - 2016-05-02 06:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-29 07:52 - 2016-05-02 06:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-06-02 20:28 - 2016-05-02 06:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-06-02 20:28 - 2016-05-02 06:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-08-07 20:28 - 2013-12-19 08:30 - 00678480 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe 2016-06-02 20:28 - 2016-05-02 06:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-06-02 20:28 - 2016-05-02 06:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-06-02 20:28 - 2016-05-02 06:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-29 07:52 - 2016-05-02 06:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-06-02 20:28 - 2016-05-02 06:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-06-02 20:28 - 2016-05-02 06:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-09-30 07:08 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-11-03 21:57 - 2016-11-03 21:57 - 01864384 _____ () C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll 2016-09-21 06:31 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-10-12 07:19 - 2016-10-05 10:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-10-28 09:34 - 2016-10-15 04:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-10-28 09:34 - 2016-10-15 04:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-10-28 09:34 - 2016-10-15 04:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-10-28 09:34 - 2016-10-15 04:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-10-28 09:34 - 2016-10-15 04:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-20 16:34 - 2015-07-20 16:34 - 00012288 _____ () C:\Program Files (x86)\No-IP\ducservice.exe 2016-08-07 20:28 - 2013-12-19 03:20 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll 2016-08-07 20:28 - 2013-12-19 03:20 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll 2016-08-07 20:28 - 2013-12-19 03:20 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll 2016-08-07 20:28 - 2013-12-19 03:20 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll 2015-09-10 09:46 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-07-20 16:34 - 2015-07-20 16:34 - 00073728 _____ () C:\Program Files (x86)\No-IP\ducapi.dll 2015-09-11 06:45 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2016-11-03 22:05 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-614712798-1326563053-3043147688-1002\Control Panel\Desktop\\Wallpaper -> D:\Kopia systemu\2015.09.09\Users\ktoś\img9.jpg HKU\S-1-5-21-614712798-1326563053-3043147688-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg DNS Servers: Urządzenie nie jest podłączone do internetu. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\StartupFolder: => "Windchill ProductPoint Client Manager.lnk" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "Andy" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKU\S-1-5-21-614712798-1326563053-3043147688-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-614712798-1326563053-3043147688-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-614712798-1326563053-3043147688-1002\...\StartupApproved\Run: => "Polar FlowSync" HKU\S-1-5-21-614712798-1326563053-3043147688-1002\...\StartupApproved\Run: => "ChomikBox" HKU\S-1-5-21-614712798-1326563053-3043147688-1002\...\StartupApproved\Run: => "Windows Shutdown Assistant" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "Windows Shutdown Assistant" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-614712798-1326563053-3043147688-1006\...\StartupApproved\Run: => "svchost0" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{34BD3354-6ABC-4C1E-B60E-7057050BFAA3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{BE0081D7-8BA5-414F-8CFC-C9425C90B541}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{96564BAD-F713-4678-A418-43423008C8E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{1F0EDB2E-E978-4B54-9753-2A26E332953A}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{23652502-CB07-4E29-93C3-C708EBBD8C09}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{9EE3D262-0943-4D85-B025-7AF9831E56B7}] => (Allow) F:\Might and Magic Heroes VII\language.changer.exe FirewallRules: [{6059835D-BB5C-41B7-9F66-ECC2F21930A5}] => (Allow) F:\Might and Magic Heroes VII\language.changer.exe FirewallRules: [{057E3C20-006E-4DF5-8323-3F8EEEA0619B}] => (Allow) F:\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe FirewallRules: [{0199FE3E-7811-41EF-AE24-8279D3ECCA39}] => (Allow) F:\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe FirewallRules: [{6250DA24-E446-49FF-8853-F8BB0414FA3D}] => (Allow) F:\Might and Magic Heroes VII\Binaries\Win32\MMH7Game-Win32-Shipping.exe FirewallRules: [{337D1636-D571-48DF-BD75-0FBEC36B05BC}] => (Allow) F:\Might and Magic Heroes VII\Binaries\Win32\MMH7Game-Win32-Shipping.exe FirewallRules: [{42795854-5845-4C21-AA84-A8DCD69B5662}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0FB0C17B-1683-4616-A673-DA600EDEBC46}] => (Allow) C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{15F91D0F-4186-43C3-A6F8-F3317F06F20C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{FFECE629-2311-4430-8774-9EB9FE5E0ABB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{014B1691-E28D-4EFE-8441-B0B0B1934789}] => (Allow) C:\Program Files (x86)\Apowersoft\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{2D8FABCD-2F15-425F-907B-CBEBD7A9FA1D}] => (Allow) C:\Program Files (x86)\Apowersoft\Windows Shutdown Assistant\Windows Shutdown Assistant.exe FirewallRules: [{CD25939A-5978-44C4-8EB8-4905B8116061}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CC17E3DB-0D07-4BD4-8BC0-88FEA29CB975}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B59ECAFC-CD93-48A6-BD61-3589450FC452}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{27C89999-AB8B-43D9-BA9B-63ED93E2C238}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D8FD3394-2B42-4206-92AA-613B9C67BB96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{D1BE8D3E-6436-4F7F-B269-B3429D340AD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{3C894DCE-6830-44F3-85E3-1E7E30B08D17}] => (Allow) LPort=5354 FirewallRules: [{AD841DDF-1B54-4592-9242-4490E915125B}] => (Allow) LPort=5354 FirewallRules: [{E1763360-E852-46FF-ACF2-D174B97ADF38}] => (Allow) LPort=5354 FirewallRules: [{9044B92D-9C31-4B8B-9426-89A4645FDA5A}] => (Allow) LPort=5354 FirewallRules: [{4549B428-9ED0-4613-9A90-22055D0ADA65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{2FBC3B48-1716-42E9-BCC8-4D59DA9CE80D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{6E68A837-1D22-429E-BB27-EF2C34392872}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{065DAC86-359D-49E5-86DC-AC1388CF5803}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8D88C503-E186-43FD-9AFC-39C7EA726A1A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8CE02E64-AD8C-4855-B90B-F3D162BE5778}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{ED001773-E6F0-4885-81BC-F2457C84D013}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{800544A1-F385-4DF6-8666-C738171CE6DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D3C68AA0-BAF3-4FE5-9E83-9E7BE0BD2911}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5596E430-3C29-47A9-BD09-46844F1D95FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8026616F-00AF-41FD-AD89-363C99EE490B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{EF461522-84C3-471C-BBD5-04CFD7D78DF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{40A02E75-8665-490E-AF3F-6DE205C07A4F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [UDP Query User{1F6785FB-8F86-4DE5-9EDE-F1710064ECE2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A014B2FA-E785-47D6-97F3-65C620A9E556}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{03DA04DD-5D97-4037-B353-B937BDD81959}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{5186D1E2-8F0A-4C2D-91E6-319D1E3F4D41}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{22F7E16F-BC85-4FAD-B128-82BEACFBCC57}] => (Allow) C:\Users\Zibi\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{F90B2B7E-853E-44B3-BE79-B512F47BADC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6A093456-AA67-4FC4-A0BB-4B8B1B7B12C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{76F9B4B8-991C-439F-A2A6-7925E62854BC}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C6EFF1A7-C064-420C-82A7-311F46A0C1F4}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C436A2BC-1380-4886-BCAB-34F4C18A5D1F}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C3254C47-9252-4661-8021-E87FD889B1A7}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6B23257F-AD3B-49E3-A15D-BD21249582BA}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E4E97847-863B-46E1-987C-815F539B13CD}] => (Allow) C:\Users\Zibi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B622730E-FA46-4C45-8AA6-60A2EFB10989}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{1DED3FE6-7075-46FF-820F-3E4FB9BCAA7A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{9C71E730-4383-4324-AAED-67B6EC719D83}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{EA55DE09-E992-44E6-A5E6-2BEDED660AC9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{A704031B-5F0E-4BC0-BC3F-5FB4A1E381C7}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe FirewallRules: [{2E690185-D978-4A9D-BA8A-D2E5F5689E37}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe FirewallRules: [{CE468805-EFA9-4C81-A013-BAA3B71A655E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{75699796-00D2-4162-AF8E-D9839218F250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EFDF5D68-7F45-40D2-AD98-B1FDE78ADE59}] => (Allow) C:\Program Files (x86)\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCT 10 Set-up Software.exe FirewallRules: [{941F7A93-467F-4503-9DC4-DF997E571B3B}] => (Allow) LPort=5354 FirewallRules: [{4E30EB45-FC12-439B-B6B6-A0ED114FD83E}] => (Allow) LPort=5354 FirewallRules: [{3DAF18BD-BECF-40BE-96B8-39A6C532D681}] => (Allow) LPort=5354 FirewallRules: [{8F0BE835-4FFF-4BDB-AF9F-7ED1C9FD0626}] => (Allow) LPort=5354 FirewallRules: [{303F7469-CB77-4DE8-BB9E-2A4492D08E2F}] => (Allow) C:\Users\admin\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{D7B1C686-32A9-4C6A-8D4B-786C21781F03}] => (Allow) C:\Users\admin\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{F9C88EDD-307F-4D09-A242-D2552C109FD4}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{18812734-AAFE-4DBB-A5FC-7C34210F2249}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{AF695F5B-E30B-4138-B6C8-843B8B8CFE4F}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{4D02332E-FB34-4C84-AAC3-347470D9F00B}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{A9DBA115-F73C-4B08-A2E9-62005CEDCF69}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{ECB64271-602D-4FC0-8204-7713064074ED}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{D1E32B9F-7B89-47CF-8F93-A587DAEDD349}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{9AEC3015-0142-48CA-84D4-142A19EEF840}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{5BC7B6A2-7898-456D-BD2C-84BEB8182B63}] => (Allow) C:\Users\admin\AppData\Local\Temp\RemoveTemp.exe FirewallRules: [{064A23F5-F491-4605-8DB6-F62A1EB7AA18}] => (Allow) C:\Users\admin\AppData\Local\Temp\RemoveTemp.exe FirewallRules: [{5B0B7BD4-C776-45AD-AEE8-0BE7C08C9CDD}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{CB6807DF-D906-4FC9-B626-FEE4CD7F7B5E}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{B8500F58-1618-41E2-A429-0D2661BC239E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{AD9F5EBB-BF2F-42C9-AB2E-8AE6A477A3A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{F24A4BC5-391C-41FE-91C5-A87567ED995E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{288EE0C6-1B87-4ED7-89F2-4A946F354F96}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{56BC6281-5249-46A3-B685-94524B982B0C}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{F832FCC0-3AC7-4C4D-BF6F-0FF158E9BE29}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{F6F4C933-CF9D-4739-8A1D-F644E204066E}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Shrew Soft Virtual Adapter Description: Shrew Soft Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Shrew Soft Service: vnet Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Intel(R) Management Engine Interface Description: Intel(R) Management Engine Interface Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Service: MEIx64 Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/04/2016 08:29:36 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 08:01:02 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 07:40:06 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 07:30:26 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 07:18:46 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 07:14:45 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/04/2016 07:09:55 AM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (11/03/2016 11:51:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Ktos) Description: Działanie pakietu Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (11/03/2016 11:48:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Ktos) Description: Działanie pakietu Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (11/03/2016 11:46:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Ktos) Description: Działanie pakietu Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Dziennik System: ============= Error: (11/04/2016 08:29:56 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/04/2016 08:29:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Internet Manager. RunOuc z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (11/04/2016 08:29:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Internet Manager. RunOuc. Error: (11/04/2016 08:29:36 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa KMS-R@1n zakończyła działanie; wystąpił następujący błąd: Parametr jest niepoprawny. Error: (11/04/2016 08:29:28 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00304181, FWSTS1: 0x153B0100). Error: (11/04/2016 08:29:12 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00304181, FWSTS1: 0x153B0100). Error: (11/04/2016 08:28:56 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00304181, FWSTS1: 0x153B0100). Error: (11/04/2016 08:28:40 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00304181, FWSTS1: 0x153B0100). Error: (11/04/2016 08:28:18 AM) (Source: MEIx64) (EventID: 3) (User: ) Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware (FWSTS0: 0x00304181, FWSTS1: 0x153B0100). Error: (11/04/2016 08:29:34 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 08:27:01 na ‎04.‎11.‎2016 było nieoczekiwane. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz Procent pamięci w użyciu: 21% Całkowita pamięć fizyczna: 8060.85 MB Dostępna pamięć fizyczna: 6332.36 MB Całkowita pamięć wirtualna: 9340.85 MB Dostępna pamięć wirtualna: 7642.23 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:118.46 GB) (Free:28.67 GB) NTFS Drive d: () (Fixed) (Total:98.4 GB) (Free:8.68 GB) NTFS Drive e: (Nowy) (Fixed) (Total:198.36 GB) (Free:27.22 GB) NTFS Drive f: (Nowy) (Fixed) (Total:633.67 GB) (Free:25.95 GB) NTFS Drive g: (MójDysk) (CDROM) (Total:0.65 GB) (Free:0 GB) CDFS Drive h: (ADMINTOOL) (Removable) (Total:1.88 GB) (Free:1.65 GB) FAT ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 0C7C2FF4) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: C3FFC3FF) Partition 1: (Not Active) - (Size=98.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=198.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=633.7 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=1.1 GB) - (Type=12) ======================================================== Disk: 2 (Size: 1.9 GB) (Disk ID: 16464947) Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06) ==================== Koniec Addition.txt ============================