Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-12-2016 Uruchomiony przez JAY (24-12-2016 10:48:39) Uruchomiony z C:\Users\JAY\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2010-07-16 17:15:32) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2195184045-3265951034-2981680463-500 - Administrator - Disabled) Gość (S-1-5-21-2195184045-3265951034-2981680463-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2195184045-3265951034-2981680463-1002 - Limited - Enabled) JAY (S-1-5-21-2195184045-3265951034-2981680463-1001 - Administrator - Enabled) => C:\Users\JAY ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 64 Bit HP CIO Components Installer (Version: 8.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated) Adobe Flash CS3 Professional (HKLM-x32\...\Adobe_71a8bf4cec3050e55425a301eec8315) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros) BatteryLifeExtender (HKLM-x32\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) ChomikBox (HKLM-x32\...\{71736AF6-BA4B-4F3C-8496-C325B97869BA}) (Version: 2.0.8.1 - Chomikuj.pl) CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.) CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.) CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung) Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung) EasyUploader v3.24.3.3 (32/64-bit) (HKLM\...\EasyUploader v3_is1) (Version: 3.24.3 - PhotoSoft Marcin Kozak) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1003 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.30 - Irfan Skiljan) iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.) jAlbum (HKLM\...\{49D3E1C0-7C00-48AC-BED1-549B86EA35C1}) (Version: 13.8 - Jalbum AB) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.1.2753 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{306B39C9-3AB1-4161-8567-9C7E50B41AE3}) (Version: 9.7.0621 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.1.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 pl)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla) Mozilla Thunderbird 45.5.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 pl)) (Version: 45.5.1 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (HKLM-x32\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.) Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung) Samsung R-Series (HKLM-x32\...\{3EED7541-55F8-4DC6-B9CD-28762D71310E}) (Version: 1.0 - Samsung) Samsung Support Center (HKLM-x32\...\{0A353130-D22C-41DD-8C67-1B02A05F2CE0}) (Version: 1.1.0 - Samsung) Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.) Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) TpmsToolObdUpdater (HKLM-x32\...\InstallShield_{0A7B7D64-1222-49A4-B938-6ED5A532077A}) (Version: 1.00.0000 - Cub) TpmsToolObdUpdater (HKLM-x32\...\InstallShield_{DDD8708C-E078-4ACA-A89B-86BE958D4A9B}) (Version: 1.4 - Cub) TpmsToolObdUpdater (x32 Version: 1.00.0000 - Cub) Hidden TpmsToolObdUpdater (x32 Version: 1.4 - Cub) Hidden User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) Winamp (remove only) (HKLM-x32\...\Winamp) (Version: - ) Windows Live Sync (HKLM-x32\...\{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}) (Version: 14.0.8089.726 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {071D3849-9E00-4162-A6C2-ED8494B2B34B} - System32\Tasks\{2A0629A6-1677-45E1-B75C-DFB54928303F} => pcalua.exe -a C:\Users\JAY\Downloads\irfanview_lang_polski.exe -d C:\Users\JAY\Downloads Task: {07D196FC-D73E-4492-9B5F-7538949FF869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-18] (Google Inc.) Task: {0C69F5BD-0A24-466E-A601-C95EA0F55389} - System32\Tasks\{BD09D30B-D17E-4668-B266-ACA4148DF175} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-03-01] (Skype Technologies S.A.) Task: {0FC03ED8-1009-4435-960F-9E43900ED509} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics) Task: {122E0D94-5F9A-4BE0-86CB-BD422F9ABA73} - System32\Tasks\{47A3296E-CA39-418C-B6CB-EE43CCB3B450} => pcalua.exe -a C:\Westwood\RA2\RA21006EN.EXE -d C:\Westwood\RA2 Task: {22614966-E4D8-43AD-9AF6-FA4C6EEC5A10} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.) Task: {2760D4CB-65DB-4465-9CEF-7311EBDE437A} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {3955AD49-468E-40C1-94F5-14F6EF4D7100} - System32\Tasks\{CBFBC670-A3C4-43D8-BDC0-A82CA73941FA} => pcalua.exe -a "C:\Games\Black And White\Setup.exe" -d "C:\Games\Black And White" Task: {42B8F85C-3F52-4273-995D-42FACB2782F2} - System32\Tasks\{D0F3FB33-F46C-4EBC-83F3-6C777428284C} => pcalua.exe -a E:\setup.exe -d E:\ Task: {494D4D96-2FA8-4EDB-A32C-523019D67B56} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC) Task: {59D48DC1-89FC-42B4-9A02-F51DB2BD1EF4} - System32\Tasks\{8088F14D-3BD9-482E-A394-FB8932C3173A} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\6\SSBCUninstall.exe Task: {7C9BE5D4-AA8C-473F-934A-1DF3D6361C27} - System32\Tasks\{184BC956-C7D7-47CB-9650-08C5C2157BD8} => pcalua.exe -a E:\7jif12ww.exe -d E:\ Task: {7DAABE67-63B0-45D0-A559-3E2847821115} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-18] (Google Inc.) Task: {9E89B1F1-4987-4CF4-8BE6-030FAFA7F9C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {A00E6391-D4EE-4A4A-A132-6BEFA0BCAD4D} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe Task: {A3E4FEE9-59CB-4A13-A7CD-B61BCBA8B76C} - System32\Tasks\{311F3631-0C97-4470-8836-833CB5E59F90} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe Task: {A4FC35A1-91E5-4063-B932-F3C9A26CAD52} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-19] (Samsung Electronics. Co. Ltd.) Task: {A82AD7A9-A279-4588-9263-D9FF5AF1A766} - System32\Tasks\{A0BF928D-4863-42C6-97C1-9D6192480037} => Firefox.exe hxxp://ui.skype.com/ui/0/7.21.0.100/pl/abandoninstall?source=lightinstaller&page=tsBing Task: {CC3F8451-753F-4911-AD0B-C806208A9169} - System32\Tasks\{A1B014C5-4D11-4E91-B300-FE2750AA6027} => pcalua.exe -a "C:\Users\JAY\Desktop\Sony Ericsson PC Suite 2.10.46.exe" -d C:\Users\JAY\Desktop Task: {CC79CFF1-4940-473D-99AF-8EB36C3742DB} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.) Task: {D35DA539-1875-480F-9F30-69CBA06AFA9C} - System32\Tasks\{F0E98C12-B005-465F-92E6-40C89BC84D40} => pcalua.exe -a C:\Users\JAY\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== UWAGA Task: {D900B7C3-BAF0-4251-B31C-D66F079F03AB} - System32\Tasks\{A505785E-F934-4181-9B46-16CDE0AB7F3F} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe Task: {DA2C6E37-0178-4AAD-A5ED-17C279774A57} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.) Task: {DC558627-4322-410E-BF38-C4EEC651353F} - System32\Tasks\Thodiing Adapter => C:\Program Files (x86)\Stuwertherfonather\coazother.exe Task: {E7B5DC0C-554B-4AC6-ABCF-B41789F0E441} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {ED2C5AE2-6937-4083-9A8D-97116CCD1435} - System32\Tasks\280528962d6t6759868 => Rundll32.exe "C:\ProgramData\280528962d6t6759868\280528962d6t6759868.dll",DMT <==== UWAGA Task: {F061D580-9B60-446D-B461-AE3C91965799} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated) Task: {F0920698-7459-4B56-A469-9BC6253ABC0B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-12-21 11:29 - 2016-12-21 11:29 - 00292352 ____H () C:\Program Files (x86)\Gredoing Launcher\local64spl.dll 2013-03-31 20:11 - 2012-11-20 10:05 - 00727952 _____ () C:\windows\SysWOW64\WSCM64.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-03-06 03:13 - 2009-03-05 10:54 - 00311296 _____ () C:\windows\SysWOW64\Rezip.exe 2010-03-06 03:19 - 2009-07-07 19:23 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2016-12-24 10:21 - 2016-03-11 14:53 - 00380928 _____ () C:\Users\JAY\Downloads\gmer.exe 2010-03-06 03:23 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll 2016-12-24 09:23 - 2016-12-24 09:23 - 00098816 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32api.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00110080 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\pywintypes27.dll 2016-12-24 09:23 - 2016-12-24 09:23 - 00364544 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\pythoncom27.dll 2016-12-24 09:23 - 2016-12-24 09:23 - 00320512 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32com.shell.shell.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00914432 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_hashlib.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 01176576 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._core_.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00806400 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._gdi_.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00816128 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._windows_.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 01067008 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._controls_.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00733184 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._misc_.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00682496 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\pysqlite2._sqlite.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00088064 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_ctypes.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00686080 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\unicodedata.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00119808 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32file.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00108544 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32security.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00007168 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\hashobjs_ext.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00017920 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\thumbnails_ext.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00088064 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\usb_ext.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00012800 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\common.time34.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00018432 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32event.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00167936 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32gui.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00046080 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_socket.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 01303552 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_ssl.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00128512 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_elementtree.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00127488 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\pyexpat.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00038912 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32inet.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00036864 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_psutil_windows.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00524248 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\windows._lib_cacheinvalidation.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00011264 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32crypt.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00123392 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._wizard.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00077312 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._html2.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00027648 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_multiprocessing.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00020480 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\_yappi.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00035840 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32process.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00078848 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\wx._animate.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00024064 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32pipe.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00010240 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\select.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00025600 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32pdh.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00017408 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32profile.pyd 2016-12-24 09:23 - 2016-12-24 09:23 - 00022528 ____R () C:\Users\JAY\AppData\Local\Temp\_MEI21522\win32ts.pyd 2016-12-13 23:02 - 2016-12-13 23:02 - 19761240 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Temp:0A8E2C33 [238] AlternateDataStreams: C:\ProgramData\Temp:73BDADA8 [234] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-12-23 11:44 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2195184045-3265951034-2981680463-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JAY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^JAY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupfolder: C:^Users^JAY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GameRanger.lnk => C:\windows\pss\GameRanger.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APLangApp => "C:\Program Files (x86)\AnyPC Client\APLangApp.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: avgnt => MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Galileo => C:\Users\JAY\AppData\Local\Galileo\galileo.exe silent MSCONFIG\startupreg: GG => "C:\Users\JAY\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: NeroFilterCheck => C:\windows\system32\NeroCheck.exe MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\JAY\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\JAY\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" MSCONFIG\startupreg: UsageTemp => "C:\Users\JAY\AppData\Local\Temp\UsageTemp.exe" MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\Winampa.exe" MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{4967453C-0CD4-4BE6-A616-029BA0B44519}] => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE FirewallRules: [{DA3125DB-8925-4A06-884C-918723864D75}] => C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE FirewallRules: [{B37F42B8-1114-45B3-A2A1-2A5268DDD4AB}] => svchost.exe FirewallRules: [{13676183-3D8A-464D-B37D-C25CB52CD9BA}] => C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [TCP Query User{831AE359-A311-4136-A211-76CDFF0A1979}C:\program files (x86)\jalbum\jalbum.exe] => C:\program files (x86)\jalbum\jalbum.exe FirewallRules: [UDP Query User{B4286BCC-3B8B-42E0-B72A-8C680796BCF4}C:\program files (x86)\jalbum\jalbum.exe] => C:\program files (x86)\jalbum\jalbum.exe FirewallRules: [TCP Query User{6E17BDF4-4C6D-4FDC-AE23-E4966A7DF545}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{BADA1C53-FACF-4F2C-85E1-79746B601731}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{2CF8A1B6-6C0A-4D73-A0CF-6BC8EDCF0748}C:\program files (x86)\adobe\adobe flash cs3\flash.exe] => C:\program files (x86)\adobe\adobe flash cs3\flash.exe FirewallRules: [UDP Query User{EC7F9D88-AB35-4C32-B77A-5C8270E83443}C:\program files (x86)\adobe\adobe flash cs3\flash.exe] => C:\program files (x86)\adobe\adobe flash cs3\flash.exe FirewallRules: [TCP Query User{494C1439-306E-4A35-9196-5A869D319662}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{D740D0EC-CE80-4451-BF1B-576EC5BE8399}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{C9939181-BD4F-47C9-84FD-2EA87EB232B4}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0F853BD5-2C86-407A-83CB-7D500F6695CF}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{6A7AC589-164F-48FB-B320-C75B1B71DD5E}C:\program files (x86)\totalcmd\totalcmd64.exe] => C:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{37399D4F-FF0E-4459-8D6F-7410A7B6E65F}C:\program files (x86)\totalcmd\totalcmd64.exe] => C:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [TCP Query User{A36115B0-8EA2-40F2-B429-6D01037BCD77}C:\program files (x86)\totalcmd\totalcmd64.exe] => C:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{F5B08F93-0D73-42CC-8EA8-98A2707E8AC5}C:\program files (x86)\totalcmd\totalcmd64.exe] => C:\program files (x86)\totalcmd\totalcmd64.exe FirewallRules: [{6E9CFCFC-72D8-476F-84FF-ADEEE4BEEE89}] => C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{49702DC0-9325-4950-A972-CA263147D6D0}] => C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{596A8783-B93E-4030-BCC3-871BF288338A}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{68D813A1-59CE-4647-8EA4-FA98138682FE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7312E5E7-3F44-4EF2-98FA-66E1B685F0E8}C:\program files (x86)\jalbum\jalbum.exe] => C:\program files (x86)\jalbum\jalbum.exe FirewallRules: [UDP Query User{F835AF8E-849F-41DC-AFC0-EEE4DC5D72BD}C:\program files (x86)\jalbum\jalbum.exe] => C:\program files (x86)\jalbum\jalbum.exe FirewallRules: [{7766CE14-7C77-496D-A276-444387AC02A8}] => C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CEA2E5AD-AD8A-4687-9C27-33510760209F}] => C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{628BC6C8-E7F3-4106-8F03-9A0A6478DBFD}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{F65F6C37-4A11-45C1-A098-A529B856E1D2}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{3832011D-2230-4E56-B664-F123BDC078D9}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5163D6B6-F6DB-4767-9227-867D17189FDD}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5314AA14-9B3C-44E6-AF46-617E310D27F6}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BB0CA3D7-182D-4B62-A6D8-E79FF93DBD96}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{CF63E546-1F1A-474B-A1CD-D350306CAA4F}C:\users\jay\appdata\local\apps\2.0\3592n2e1.5z8\zpoh3le3.lax\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => C:\users\jay\appdata\local\apps\2.0\3592n2e1.5z8\zpoh3le3.lax\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [UDP Query User{A5B46EE1-8C60-4949-B872-B1887E5CA4B2}C:\users\jay\appdata\local\apps\2.0\3592n2e1.5z8\zpoh3le3.lax\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe] => C:\users\jay\appdata\local\apps\2.0\3592n2e1.5z8\zpoh3le3.lax\laun...app_2e973cc213891be7_0001.0024_dd24b003d48bfc42\launcher.exe FirewallRules: [{63D3BAC8-2252-4E99-A3AB-E7CFFF17E126}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{93F20A06-DAF1-4CE1-8991-161C0C2BEFD4}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EC3BD94D-AF7F-4ACD-894F-BF1F57643DA0}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9B6541E3-D3CE-416A-8C34-7A28DE5AB33C}] => LPort=2869 FirewallRules: [{0CE61DFE-27E1-4975-B88B-4B4ED847EE32}] => LPort=1900 FirewallRules: [{B234393F-F328-4A27-B59B-6F10969BE819}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8ECAA76F-9637-42DC-A748-BFFBA2FB376B}] => C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{A450550B-D35F-46FC-949A-503260055418}] => C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{73AF346A-6DCA-4A5E-A6F6-CC675C6243D3}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{B0FD0B2A-1A25-43AF-B946-49F3E971A97F}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{B4039ADF-B680-4885-BDCB-C5ECFE321E00}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7AEFE021-1D13-43C9-9C61-D56170B7F58A}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{18DE92DD-ECEC-43D5-B3A1-6C7EEC0C7BA7}] => C:\windows\system32\rundll32.exe FirewallRules: [{828EB699-5161-4397-9EAB-D71A718B4C1A}] => C:\Windows\System32\rundll32.exe FirewallRules: [{75A09481-B393-40A1-86DF-0D409BC1D6D4}] => C:\Windows\System32\rundll32.exe FirewallRules: [{C6CD70E5-4BB3-4DFD-AC00-637A7074929A}] => C:\Windows\System32\rundll32.exe FirewallRules: [{7703F13A-196C-4D73-9444-22EAB985DD52}] => C:\Windows\System32\rundll32.exe ==================== Punkty Przywracania systemu ========================= 23-12-2016 13:05:24 Removed Bonjour 23-12-2016 13:24:20 Configured Microsoft Office Professional Plus 2013 23-12-2016 13:24:49 PROPLUSR 23-12-2016 13:54:20 Removed Microsoft Office Professional Plus 2013 23-12-2016 13:54:48 PROPLUSR 23-12-2016 13:59:29 Removed Microsoft Office Suite Activation Assistant. 23-12-2016 16:20:02 Removed Bonjour ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/23/2016 04:33:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 50.1.0.6186, sygnatura czasowa: 0x584a057c Nazwa modułu powodującego błąd: mozglue.dll, wersja: 50.1.0.6186, sygnatura czasowa: 0x5849ff8b Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000ec79 Identyfikator procesu powodującego błąd: 0x17b0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d25d31c3a6d559 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Identyfikator raportu: 1668c71b-c925-11e6-927c-00245487390f Error: (12/23/2016 04:31:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program jAlbum.exe w wersji 9.4.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 153c Godzina rozpoczęcia: 01d25d311b940f92 Godzina zakończenia: 63 Ścieżka aplikacji: C:\Program Files (x86)\Jalbum\jAlbum.exe Identyfikator raportu: d329b2e0-c924-11e6-927c-00245487390f Error: (12/23/2016 04:17:09 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Usługa wyszukiwania systemu Windows nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80040d07, „mapi15://{S-1-5-21-2195184045-3265951034-2981680463-1001}/”>. Error: (12/23/2016 04:16:20 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/23/2016 04:16:20 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/23/2016 04:16:20 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/23/2016 04:16:20 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/23/2016 04:16:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Error: (12/23/2016 04:16:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (12/23/2016 04:16:17 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Serwer indeksu zawartości nie może zaktualizować informacji albo uzyskać do nich dostępu z powodu błędu bazy danych. Zatrzymaj i uruchom ponownie usługę wyszukiwania. Jeżeli problem będzie się powtarzać, zresetuj i ponownie przeszukaj indeks zawartości. W niektórych przypadkach konieczne może być usunięcie i ponowne utworzenie indeksu zawartości. (HRESULT : 0x8004117f) (0x8004117f) Dziennik System: ============= Error: (12/24/2016 10:03:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Spooler. Error: (12/24/2016 09:35:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Spooler. Error: (12/24/2016 09:34:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Spooler. Error: (12/24/2016 09:23:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: StarOpen Error: (12/24/2016 09:23:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Stawulekoperty zakończyła działanie; wystąpił następujący błąd: Nie można odnaleźć określonego pliku. Error: (12/24/2016 09:22:54 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\Drivers\StarOpen.SYS zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (12/23/2016 11:29:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Spooler. Error: (12/23/2016 11:29:47 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Windows Update nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (12/23/2016 11:29:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Spooler. Error: (12/23/2016 11:29:22 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {995C996E-D918-4A8C-A302-45719A6F4EA7} nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2016-12-23 11:40:28.130 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-23 11:40:28.083 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-23 11:40:28.036 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-23 11:40:27.989 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-21 16:13:36.664 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-21 16:13:36.618 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-21 16:13:36.571 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-12-21 16:13:36.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-04 20:16:45.435 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-04 20:16:45.329 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz Procent pamięci w użyciu: 69% Całkowita pamięć fizyczna: 3956.55 MB Dostępna pamięć fizyczna: 1206.66 MB Całkowita pamięć wirtualna: 7911.28 MB Dostępna pamięć wirtualna: 4834.03 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:121.69 GB) (Free:50.19 GB) NTFS Drive d: () (Fixed) (Total:161.31 GB) (Free:35.68 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: CC5F9E61) Partition 1: (Not Active) - (Size=15 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=121.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=161.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================