Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-02-2017 02 Uruchomiony przez oem2 (16-02-2017 12:21:51) Uruchomiony z C:\Users\oem2\Downloads Windows 8.1 Pro (Update) (X64) (2016-06-16 14:31:13) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1102267148-3212572079-3134952296-500 - Administrator - Disabled) Gość (S-1-5-21-1102267148-3212572079-3134952296-501 - Limited - Disabled) oem2 (S-1-5-21-1102267148-3212572079-3134952296-1001 - Administrator - Enabled) => C:\Users\oem2 ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated) Dell System Detect (HKU\S-1-5-21-1102267148-3212572079-3134952296-1001\...\58d94f3ce2c27db0) (Version: 7.6.0.4 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Easy Calendar 3.6 (HKLM-x32\...\Easy Calendar_is1) (Version: - ) FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - ) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation) Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{300FD2C1-59F0-4F8D-95F5-D69D581E8890}) (Version: 17.0.1419.02 - Intel Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation) Manager (x32 Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) OpenOffice 4.1.3 (HKLM-x32\...\{4D71C348-C964-442D-B2DB-5160E46FB664}) (Version: 4.13.9783 - Apache Software Foundation) PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.1.5.29097 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.2 - pdfforge GmbH) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.) SMPlayer 17.1.0 (x64) (HKLM\...\SMPlayer) (Version: 17.1.0 - Ricardo Villalba) SpringPublisher (HKLM-x32\...\{02869C6E-427C-4227-A9F1-76717A9A0F21}) (Version: 5.0 - SpringPublisher Team) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.25.6.4782 - Enigma Software Group, LLC) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) TMS Trader (HKLM-x32\...\TMS Trader) (Version: 4.00 - MetaQuotes Software Corp.) USBPcap 1.1.0.0-g794bf26-5 (HKLM\...\USBPcap) (Version: 1.1.0.0-g794bf26-5 - ) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1102267148-3212572079-3134952296-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1102267148-3212572079-3134952296-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05481E82-4786-40A0-9D34-4B6AC6EA3D75} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2017-02-16] (Enigma Software Group USA, LLC.) Task: {0BD5E646-A1C0-44A0-918F-7BAB81AF61AC} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2017-02-14] (UCWeb Inc) <==== UWAGA Task: {35B25727-64E1-4C9A-8FAE-E215BAD1244C} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-02-16] (UC Web Inc.) <==== UWAGA Task: {BE9B6F53-1C10-4B66-B8DC-D06DADBBBDF7} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\oem2\AppData\Roaming\Adobe\Manager.exe [2017-02-16] () (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA ShortcutWithArgument: C:\Users\oem2\Desktop\Osoba 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem2\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem2\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem2\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\oem2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem2\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\oem2\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ==================== Załadowane moduły (filtrowane) ============== 2017-01-29 19:18 - 2016-12-15 11:37 - 00020208 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll 2016-10-25 08:57 - 2016-10-25 08:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-02-16 10:48 - 2017-02-16 10:48 - 00524696 _____ () C:\Program Files\żěŃą\X64\KZipShell.dll 2015-08-09 03:50 - 2015-08-09 03:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe 2017-02-16 10:47 - 2017-02-16 10:47 - 02072064 _____ () C:\Users\oem2\AppData\Local\Temp\00018633\msiql.exe 2016-10-25 08:57 - 2016-10-25 08:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-02-16 10:48 - 2017-02-14 12:19 - 00597208 _____ () C:\Program Files (x86)\UCBrowser\Application\UCService.exe 2017-02-16 12:06 - 2017-02-14 12:40 - 02148056 _____ () C:\Program Files (x86)\UCBrowser\Application\6.0.1471.914\UCAgent.exe 2017-02-16 10:48 - 2016-11-26 06:52 - 00256032 _____ () C:\Program Files (x86)\Maoha\MaohaAP\Updater\CheckUpdate.dll 2017-02-16 10:48 - 2016-11-26 06:52 - 00237088 _____ () C:\Program Files (x86)\Maoha\MaohaAP\tipsdll.dll 2016-10-25 09:51 - 2016-10-25 09:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\acrotray.pol 2016-10-12 00:08 - 2016-10-12 00:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-10-12 00:08 - 2016-10-12 00:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-10-12 00:08 - 2016-10-12 00:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-10-12 00:08 - 2016-10-12 00:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-10-25 09:49 - 2016-10-25 09:49 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-10-12 00:08 - 2016-10-12 00:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-10-10 22:15 - 2016-10-10 22:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-10-10 22:15 - 2016-10-10 22:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2016-10-10 22:15 - 2016-10-10 22:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-10-10 22:17 - 2016-10-10 22:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-10-25 09:41 - 2016-10-25 09:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-10-10 22:14 - 2016-10-10 22:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node 2016-10-10 22:14 - 2016-10-10 22:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node 2016-06-23 12:10 - 2013-12-04 11:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [25444] AlternateDataStreams: C:\Windows\system32\drivers:x64 [371912] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1213218] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1102267148-3212572079-3134952296-1001\...\dell.com -> dell.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1102267148-3212572079-3134952296-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 62.179.1.63 - 62.179.1.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{C81ACE67-0AF5-4D78-881E-68C8F89AA12F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3CE39ED2-C776-4864-B96E-83E0602C1125}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E36BA3FD-8262-4B9E-BFB0-C80A3335DCD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{18B8BCED-1718-4F0D-8EEB-2D9553396A73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{D2E53317-617C-42E7-87E8-6AC2975A9041}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{BF69E630-743B-43E9-B84F-97EC06AC05B3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C52B881C-B7EF-466F-9612-D7DA9CFC14BB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{1ED776BF-DFD3-4115-A7B5-1DE003997105}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{1C824406-2067-47AA-91C7-4DAECB290398}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E552ADB6-A876-4068-A7E5-0E9B612C06F5}] => (Allow) C:\Users\oem2\AppData\Local\Temp\is-O4GBJ.tmp\download\MiniThunderPlatform.exe FirewallRules: [{011B0C5F-5FC5-4746-BA50-365619B76B1C}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{121ECCD0-2462-4375-BD86-CF82D608CAE5}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe FirewallRules: [{7D451836-7630-4E71-B5B7-7FF7E6AFB91A}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{B4795632-88D2-4A54-A5E0-EAF14983B2F7}] => (Allow) C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe ==================== Punkty Przywracania systemu ========================= 28-01-2017 16:09:03 Windows Update 02-02-2017 12:01:19 Windows Update 06-02-2017 11:07:37 Windows Update 10-02-2017 09:28:00 Windows Update 14-02-2017 10:28:53 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/16/2017 11:57:51 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Składnik 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Error: (02/16/2017 11:57:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/16/2017 11:57:29 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/16/2017 11:28:52 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/16/2017 11:28:50 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/16/2017 11:25:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: oem) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (02/16/2017 10:56:21 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/16/2017 10:56:18 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (02/16/2017 10:51:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable Error: (02/16/2017 10:50:59 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0x8007232B Argumenty wiersza polecenia: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=13 Dziennik System: ============= Error: (02/16/2017 11:57:36 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano alert krytyczny ze zdalnego punktu końcowego. Kod alertu krytycznego zdefiniowany przez protokół TLS to 40. Error: (02/16/2017 11:57:35 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano alert krytyczny ze zdalnego punktu końcowego. Kod alertu krytycznego zdefiniowany przez protokół TLS to 70. Error: (02/16/2017 11:56:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa GoogleChromeUpService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/16/2017 11:56:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa KuaizipUpdateChecker niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/16/2017 11:28:03 AM) (Source: DCOM) (EventID: 10010) (User: oem) Description: Serwer {9BA05972-F6A8-11CF-A442-00A0C90A8F39} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/16/2017 10:56:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Usługa Protokół SSTP, której nie można uruchomić z powodu następującego błędu: Operacja ukończona pomyślnie. Error: (02/16/2017 10:56:10 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Menedżer połączeń usługi Dostęp zdalny zależy od usługi Usługa Protokół SSTP, której nie można uruchomić z powodu następującego błędu: Operacja ukończona pomyślnie. Error: (02/16/2017 10:54:37 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Usługa SSSvc zaraportowała nieprawidłowy stan bieżący 32. Error: (02/16/2017 10:54:37 AM) (Source: Service Control Manager) (EventID: 7016) (User: ) Description: Usługa SSSvc zaraportowała nieprawidłowy stan bieżący 32. Error: (02/16/2017 10:50:02 AM) (Source: DCOM) (EventID: 10010) (User: oem) Description: Serwer {4545DEA0-2DFC-4906-A728-6D986BA399A9} nie zarejestrował się w modelu DCOM w wymaganym czasie. CodeIntegrity: =================================== Date: 2017-02-16 11:50:08.356 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:50:08.169 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:50:07.997 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:28:55.703 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:28:55.468 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:28:55.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:10:50.363 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:10:50.184 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 11:10:49.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-16 10:50:07.640 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Procent pamięci w użyciu: 66% Całkowita pamięć fizyczna: 4024.36 MB Dostępna pamięć fizyczna: 1349.85 MB Całkowita pamięć wirtualna: 11192.36 MB Dostępna pamięć wirtualna: 8556.77 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:60.18 GB) NTFS Drive d: () (Fixed) (Total:125.57 GB) (Free:6.14 GB) NTFS ==================== MBR & Tablica partycji ================== ==================== Koniec Addition.txt ============================