Anonim / 1 rok, 3 miesiące temu | Download | Plaintext | Odpowiedz |

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 11-01-2017
Uruchomiony przez ppp (12-01-2017 10:48:29)
Uruchomiony z C:\Users\ppp\AppData\Local\Temp\scoped_dir1556_14918
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) (2008-12-31 23:37:38)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-3962199-2463911024-3041523983-500 - Administrator - Disabled)
Blood (S-1-5-21-3962199-2463911024-3041523983-1001 - Administrator - Enabled) => C:\Users\Blood
Gość (S-1-5-21-3962199-2463911024-3041523983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3962199-2463911024-3041523983-1005 - Limited - Enabled)
ppp (S-1-5-21-3962199-2463911024-3041523983-1000 - Administrator - Enabled) => C:\Users\ppp
Przybysławscy (S-1-5-21-3962199-2463911024-3041523983-1002 - Administrator - Enabled) => C:\Users\Przybysławscy

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

µTorrent (HKU\S-1-5-21-3962199-2463911024-3041523983-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Flash Player 24 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Anvi Smart Defender 2.5 (HKLM\...\Anvi Smart Defender) (Version: 2.5 - Anvisoft)
Autorun Organizer wersja 2.21 (HKLM\...\Autorun Organizer_is1) (Version: 2.21 - ChemTable Software)
AVI ReComp 1.5.6 (HKLM\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM\...\Avisynth) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Freemake Video Converter wersja 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.1.5 - Intel)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Last.fm Scrobbler 2.1.37 (HKLM\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version:  - MiniTool Solution Ltd.)
MPC-HC 1.7.7 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.7 - MPC-HC Team)
NapiProjekt (2.2.0.2399) (HKLM\...\NapiProjekt_is1) (Version:  - )
Opera Stable 38.0.2220.29 (HKLM\...\Opera 38.0.2220.29) (Version: 38.0.2220.29 - Opera Software)
Opera Stable 42.0.0.239320787 (HKLM\...\Opera 42.0.0.239320787) (Version: 42.0.0.239320787 - Opera Software)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Power Drill Massacre version 0.04 (HKLM\...\{98F8A8BF-B6FE-4A16-9737-9B8154BF8E8F}_is1) (Version: 0.04 - Vague Scenario)
qTox (HKLM\...\qTox) (Version: 1.0 - The qTox Project)
Reg Organizer wersja 7.35 (HKLM\...\Reg Organizer_is1) (Version: 7.35 - ChemTable Software)
Registry Life wersja 3.29 (HKLM\...\Registry Life_is1) (Version: 3.29 - ChemTable Software)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SopCast 3.9.3 (HKLM\...\SopCast) (Version: 3.9.3 - www.sopcast.com)
SoulseekQt (HKLM\...\SoulseekQt) (Version:  - )
TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
VMware Player (HKLM\...\VMware_Player) (Version: 5.0.4 - VMware, Inc)
VMware Player (Version: 5.0.4 - VMware, Inc.) Hidden
VobSub 2.23 (HKLM\...\VobSub) (Version: 2.23 - Gabest)
WebCamera Plus 2.1.1 (HKLM\...\WebCamera Plus_is1) (Version: 2.1.1 - Ateksoft)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Phone app for desktop (HKLM\...\{99759E36-8961-43DC-A7E6-4601D6AEF166}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YoutubeMovieMaker (HKLM\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 16.02 - Youtube Movie Maker)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-3962199-2463911024-3041523983-1000_Classes\CLSID\{1aad99ea-ee10-5c3a-8174-84c63a67adde}\InprocServer32 -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll (Anvisoft)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {13069556-E1DF-4345-B0AB-FD69AF196F49} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {13AEB8BA-D40F-42CF-8F5D-173FED591244} - System32\Tasks\Better Installer Logon => C:\Users\ppp\AppData\Roaming\Better Installer\Better Installer.exe
Task: {1A9444F0-514F-434B-8400-73CD66F3C201} - System32\Tasks\ASD_Main => C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2.exe [2015-09-17] (Anvisoft)
Task: {39D5E295-9ECD-441A-BB6D-8F2E0D28DCEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {575F09DD-2FAD-46EF-9611-3A9725D50239} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {67F3E1A7-CCFC-4EA4-93B0-C913CDFF90D4} - \Softcomp Software Viewer -> Brak pliku <==== UWAGA
Task: {C35A39ED-0BA1-4DFA-A981-02016CB6D0B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {E3AAE063-36EF-49AE-90D7-73B21D8BABC9} - System32\Tasks\Opera scheduled Autoupdate 1420887467 => C:\Program Files\Opera\launcher.exe [2017-01-10] (Opera Software)
Task: {E4F493E4-07D7-4DD1-A89A-F385EBFD2E83} - System32\Tasks\Opera scheduled Autoupdate 1484135192 => C:\Program Files\Opera\launcher.exe [2017-01-10] (Opera Software)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

Shortcut: C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnet Ехplorеr.lnk -> C:\Users\ppp\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
Shortcut: C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnet Ехрlorеr (Nо Add-ons).lnk -> C:\Users\ppp\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
Shortcut: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunch Intеrnet Eхplоrеr Browser.lnk -> C:\Users\ppp\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
Shortcut: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnet Eхplorеr.lnk -> C:\Users\ppp\AppData\Roaming\Browsers\exe.erolpxei.bat (Brak pliku) <===== Cyrillic
Shortcut: C:\Users\ppp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Оpеra 38.lnk -> C:\Users\ppp\AppData\Roaming\Browsers\exe.rehcnual.bat (Brak pliku) <===== Cyrillic

==================== Załadowane moduły (filtrowane) ==============

2015-09-17 05:54 - 2015-09-17 05:54 - 00499336 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\http_hook.dll
2014-04-30 03:04 - 2014-04-30 03:04 - 00088080 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\libglog.dll
2015-09-17 05:54 - 2015-09-17 05:54 - 00909448 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\ASD2Engine.dll
2014-04-30 03:04 - 2014-04-30 03:04 - 00038928 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\fuzzy.dll
2014-04-30 03:04 - 2014-04-30 03:04 - 00093712 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\zlibwapi.dll
2015-09-17 05:54 - 2015-09-17 05:54 - 00130696 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\ExtractImpl.dll
2015-09-17 05:55 - 2015-09-17 05:55 - 00026760 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\UnpackImpl.dll
2015-09-17 05:55 - 2015-09-17 05:55 - 00257160 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\pyunpacker.dll
2015-09-17 05:54 - 2015-09-17 05:54 - 00038024 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\fsmlib.dll
2014-04-30 02:27 - 2014-04-30 02:27 - 00649744 _____ () C:\Program Files\Anvisoft\Anvi Smart Defender\sqlite3.dll
2014-07-02 00:09 - 2014-07-02 00:09 - 01261272 _____ () C:\Program Files\VMware\VMware Player\libxml2.dll
2014-11-20 03:14 - 2012-10-18 15:28 - 00846848 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-11-20 03:14 - 2012-10-18 15:28 - 01411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-11-20 03:14 - 2012-06-12 14:43 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-11-20 03:14 - 2012-10-18 15:28 - 00137728 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2014-11-20 03:14 - 2012-10-18 15:28 - 00116224 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2017-01-12 10:35 - 2017-01-12 10:35 - 00018944 _____ () C:\Users\ppp\AppData\Local\Temp\WPLAF8.tmp\ml_online.lng
2017-01-12 10:35 - 2017-01-12 10:35 - 00035328 _____ () C:\Users\ppp\AppData\Local\Temp\WPLAF8.tmp\ombrowser.lng
2013-12-13 03:47 - 2013-12-13 03:47 - 00333824 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2015-08-17 17:11 - 2015-04-20 01:00 - 00738784 _____ () C:\Program Files\Last.fm\unicorn.dll
2015-08-17 17:11 - 2015-04-20 01:00 - 00034784 _____ () C:\Program Files\Last.fm\logger.dll
2015-08-17 17:11 - 2015-04-20 01:00 - 00353248 _____ () C:\Program Files\Last.fm\lastfm.dll
2015-08-17 17:11 - 2015-04-20 01:00 - 00128992 _____ () C:\Program Files\Last.fm\listener.dll
2015-08-17 17:11 - 2015-04-20 00:59 - 00304608 _____ () C:\Program Files\Last.fm\phonon.dll
2015-08-17 17:11 - 2015-04-20 01:00 - 00184800 _____ () C:\Program Files\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2015-08-17 17:11 - 2015-04-20 00:59 - 00113120 _____ () C:\Program Files\Last.fm\libvlc.dll
2015-08-17 17:11 - 2015-04-20 00:59 - 02288608 _____ () C:\Program Files\Last.fm\libvlccore.dll
2015-08-17 17:11 - 2015-04-20 01:00 - 00051680 _____ () C:\Program Files\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2016-04-27 17:38 - 2016-03-21 12:22 - 03472128 _____ () C:\Program Files\Autorun Organizer\StartupCheckingService.exe
2017-01-11 12:46 - 2017-01-10 12:44 - 68787288 _____ () C:\Program Files\Opera\42.0.0.239320787\opera.dll
2017-01-11 12:46 - 2017-01-10 12:44 - 01893976 _____ () C:\Program Files\Opera\42.0.0.239320787\libglesv2.dll
2017-01-11 12:46 - 2017-01-10 12:44 - 00086616 _____ () C:\Program Files\Opera\42.0.0.239320787\libegl.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)


==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)


==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-3962199-2463911024-3041523983-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ppp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.10.251
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==


==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [{E56CA31C-0091-443C-BEFC-1599AFE3C155}] => C:\Program Files\Winamp\winamp.exe
FirewallRules: [{256BF2F3-5FD3-489F-A09F-81336A8103BB}] => C:\Program Files\Winamp\winamp.exe
FirewallRules: [{70B489FF-66FB-4273-A8E3-85C310BF61E0}] => C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [{575F2E10-8EDB-4F08-812D-C1F9D33E9E24}] => C:\Program Files\NapiProjekt\napisy.exe
FirewallRules: [TCP Query User{49FE2394-5903-468B-853E-F8E5ED259FBB}C:\program files\sopcast\sopcast.exe] => C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{5B4407DC-2592-46D7-A100-D29A2FAEB34C}C:\program files\sopcast\sopcast.exe] => C:\program files\sopcast\sopcast.exe
FirewallRules: [{7CC22A7D-C40F-43C0-A94B-2B339A2BD569}] => C:\Program Files\Opera\launcher.exe
FirewallRules: [{FF6A0CC6-EE98-4E29-B2DA-7A6594A1C8F6}] => C:\Program Files\Opera\launcher.exe
FirewallRules: [{5864E400-FDFC-4C87-AA8D-D29728357353}] => C:\Program Files\Opera\launcher.exe
FirewallRules: [{B90E99E4-BEDD-4CC7-A576-A7B9BF066DD1}] => C:\Program Files\Opera\launcher.exe
FirewallRules: [{F260A3CD-E909-476D-B0C2-FCB1AE356AD8}] => C:\Windows\System32\taskhost.exe
FirewallRules: [{02B20BB2-A69D-4F5C-B6E4-53C2DD1EE477}] => C:\Windows\System32\taskhost.exe
FirewallRules: [{944E8DF7-F28B-4193-8B8D-E3B47AA24AC2}] => C:\Windows\explorer.exe
FirewallRules: [{70C87B6C-673E-4C97-A70B-7D681E0DD8AE}] => C:\Windows\explorer.exe
FirewallRules: [{8639A659-6FFD-438D-9473-0FE7AC853A0B}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{E28B2867-B35D-4B3B-846C-BCFACC6BA760}C:\users\blood\desktop\gts\easy\mbot_vsro110.exe] => C:\users\blood\desktop\gts\easy\mbot_vsro110.exe
FirewallRules: [UDP Query User{F8F3DE44-AE2B-4465-B226-BBE3C2A26900}C:\users\blood\desktop\gts\easy\mbot_vsro110.exe] => C:\users\blood\desktop\gts\easy\mbot_vsro110.exe
FirewallRules: [{E10C65E3-8B57-4D74-BBEC-9D973AE81CE9}] => C:\Program Files\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{35BBB2C6-9BB6-424A-983D-A7749120CFD0}] => C:\Program Files\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{9A699D5B-0210-4419-A257-B516E1CC8CE6}C:\program files\soulseekqt\soulseekqt.exe] => C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{DF20D168-5BF7-43A5-8539-D2958B8CEC5D}C:\program files\soulseekqt\soulseekqt.exe] => C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [{D3311DC5-8712-4659-9DB6-0A59D8F0DE09}] => C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
FirewallRules: [{5C82084A-BCE7-44AA-A58A-E56950E0D33C}] => C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
FirewallRules: [{B3CE8A3C-7A9B-44E7-9C6B-3AEB2E30F931}] => C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe
FirewallRules: [{F2F28E9D-B319-47B2-96BC-A89B9F621142}] => C:\Program Files\Ateksoft\WebCamera Plus\camviewer.exe
FirewallRules: [TCP Query User{1336BAB1-DCA8-4CFF-806D-75452477F3F3}C:\program files\qtox\bin\qtox.exe] => C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{BBC1B6F6-9D02-4F8C-8199-4C9499D06EDF}C:\program files\qtox\bin\qtox.exe] => C:\program files\qtox\bin\qtox.exe
FirewallRules: [{5577542A-54B2-4E88-BCC7-0406BFF97A4B}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65D298CB-C934-4EAD-9A0C-9042563A5649}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19493A60-363D-40EA-AB6A-E31E2E958E4E}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{844BCE02-5F52-4BA5-8474-3F8AD28BC36B}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC1B161C-BF0C-4BC6-9E9F-16C86887CEC6}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{75EB248E-619F-47D3-87F9-99E6988DCB1A}] => C:\Users\ppp\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E7016954-7F78-4D1F-A2CA-2037DF2869E8}C:\program files\soulseekqt\soulseekqt.exe] => C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{59C0BFE0-689D-4618-A188-95F4566955B1}C:\program files\soulseekqt\soulseekqt.exe] => C:\program files\soulseekqt\soulseekqt.exe
FirewallRules: [TCP Query User{CCAC15BD-39EB-4257-BD1A-63E0ACAD2BFF}C:\program files\qtox\bin\qtox.exe] => C:\program files\qtox\bin\qtox.exe
FirewallRules: [UDP Query User{5084420D-C94B-4F01-BFF7-29ABA78F6DC2}C:\program files\qtox\bin\qtox.exe] => C:\program files\qtox\bin\qtox.exe
FirewallRules: [TCP Query User{7101FFDD-0038-4320-B416-71FD915D94DE}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [UDP Query User{E727251E-8DD5-4360-90F7-BDA2A083196F}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.8_42576.exe
FirewallRules: [TCP Query User{4EB263F8-0602-4B3B-981A-A5232E45C69E}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [UDP Query User{6C15C88A-7E48-497F-B8D0-75C3E47CE252}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_42973.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_42973.exe
FirewallRules: [TCP Query User{A81B01ED-06AC-4A67-8BDA-654F8C0C92E0}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_43085.exe
FirewallRules: [UDP Query User{C126DAC5-9A4D-46C6-B5C0-E298676AD75F}C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_43085.exe] => C:\users\ppp\appdata\roaming\utorrent\updates\3.4.9_43085.exe

==================== Punkty Przywracania systemu =========================

11-01-2017 13:30:27 Instalacja pakietu sterownika urządzenia: Anvisoft Usługa sieciowa

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Karta tunelowania Teredo firmy Microsoft
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (01/12/2017 10:35:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/12/2017 10:34:07 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2017-01-12T10:34:07.381+01:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (01/11/2017 01:07:48 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2017-01-11T13:07:48.036+01:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (01/11/2017 01:07:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/11/2017 01:06:11 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: ZARZĄDZANIE NT)
Description: Nie można ponownie uruchomić aplikacji lub usługi Spybot-S&D 2 Security Center Service.

Error: (01/11/2017 12:31:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/11/2017 12:31:08 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2017-01-11T12:31:08.627+01:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (01/11/2017 12:26:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/11/2017 12:24:52 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2017-01-11T12:24:52.218+01:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (01/11/2017 11:45:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


Dziennik System:
=============
Error: (01/12/2017 10:36:46 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Usługa Usługa inteligentnego transferu w tle zakończyła działanie; wystąpił specyficzny dla niej błąd %%-2147024873 = Błąd danych (CRC)..

Error: (01/12/2017 10:36:46 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: ZARZĄDZANIE NT)
Description: Uruchomienie usługi BITS nie powiodło się. Błąd 2147942423.

Error: (01/12/2017 10:36:46 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:43 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:40 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:37 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:34 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:27 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.

Error: (01/12/2017 10:36:24 AM) (Source: Disk) (EventID: 7) (User: )
Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok.


CodeIntegrity:
===================================
  Date: 2017-01-12 10:48:18.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:48:18.575
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:47:54.929
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:47:54.888
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:35:47.995
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:35:47.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because the set of per-page image hashes could not be found on the system.

  Date: 2017-01-12 10:34:01.317
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-12 10:34:01.317
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-12 10:34:01.087
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-01-12 10:34:01.087
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\asd2fsm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Statystyki pamięci =========================== 

Procesor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Procent pamięci w użyciu: 58%
Całkowita pamięć fizyczna: 3326.42 MB
Dostępna pamięć fizyczna: 1372.94 MB
Całkowita pamięć wirtualna: 6651.16 MB
Dostępna pamięć wirtualna: 4344.88 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:7.46 GB) NTFS
Drive d: (Nowy) (Fixed) (Total:833.85 GB) (Free:475.15 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E0DEA7D2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

==================== Koniec  Addition.txt ============================