Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16-04-2017 Uruchomiony przez Paweł (16-04-2017 20:13:16) Uruchomiony z E:\ Windows 10 Home Wersja 1511 (X64) (2015-12-23 22:12:13) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4151379413-4055332468-1672967919-500 - Administrator - Disabled) E13 (S-1-5-21-4151379413-4055332468-1672967919-1003 - Administrator - Enabled) => C:\Users\E13 Gość (S-1-5-21-4151379413-4055332468-1672967919-501 - Limited - Disabled) Konto domyślne (S-1-5-21-4151379413-4055332468-1672967919-503 - Limited - Disabled) Paweł (S-1-5-21-4151379413-4055332468-1672967919-1001 - Administrator - Enabled) => C:\Users\Paweł ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Enabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) 911 Operator version 1.0 (HKLM-x32\...\911 Operator_is1) (Version: 1.0 - PlayWay SA) <==== UWAGA Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.3.36.1 - Suyin Optronics Corp) Action! (HKLM-x32\...\Mirillis Action!) (Version: 2.3.0 - Mirillis) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Reader XI - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1711, 17.04.2016 - AIMP DevTeam) Aktualizacje NVIDIA 2.11.4.1 (Version: 2.11.4.1 - NVIDIA Corporation) Hidden ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Apowersoft Online Launcher wersja 1.4.4 (HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.4 - APOWERSOFT LIMITED) Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.95 - Broadcom Corporation) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation) ClickOnce Bootstrapper Package for Microsoft .NET Framework (x32 Version: 4.6.01590 - Microsoft Corporation) Hidden Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DiagnosticsHub_CollectionService (Version: 15.0.26109 - Microsoft Corporation) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.2.1016 - DVDVideoSoft Ltd.) Git version 2.7.3 (HKLM\...\Git_is1) (Version: 2.7.3 - The Git Development Community) Glary Utilities 5.41 (HKLM-x32\...\Glary Utilities 5) (Version: 5.41.0.61 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.00.0000 - JoWooD Productions Software AG) Half-Life (HKLM-x32\...\Half-Life) (Version: - ) Half-Life: Blue Shift (HKLM-x32\...\Half-Life: Blue Shift) (Version: - ) Half-Life: Opposing Force (HKLM-x32\...\Half-Life: Opposing Force) (Version: - ) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) icecap_collection_neutral (x32 Version: 15.0.26127 - Microsoft Corporation) Hidden icecap_collection_x64 (Version: 15.0.26127 - Microsoft Corporation) Hidden icecap_collectionresources (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden ipla 2.9 (HKLM-x32\...\ipla) (Version: 2.9 - Cyfrowy Polsat S.A.) IRS v2.0 (HKLM-x32\...\IRS v2.0) (Version: - ) Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.1.14393.795 - Microsoft) Hidden Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{39BEF607-44E6-472B-90C1-BD62AA2B7A3F}) (Version: 4.6.01586 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{C07B4BC7-A37D-46A8-B2A3-620CC569D149}) (Version: 4.6.01586 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24911 (HKLM-x32\...\{0a898fd4-a90b-46e2-8f20-46ddb3f24b6e}) (Version: 14.10.24911.0 - Microsoft Corporation) Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24911 (HKLM-x32\...\{c64e9a20-df31-4b11-ada1-00909eb1b508}) (Version: 14.10.24911.0 - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.3.30130.1 - Microsoft Corporation) Minecraft1.9 (HKLM-x32\...\Minecraft1.9) (Version: - ) MongoDB 3.4.2 2008R2Plus SSL (64 bit) (HKLM\...\{C34E6411-747C-4205-A7F7-C721C3DF2DF3}) (Version: 3.4.2 - MongoDB) Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2CCF32B0-2BF0-11E5-827D-F04DA23A5C58}) (Version: 13.0.955 - Sony) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.1 - Napisy24.pl) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Node.js (HKLM\...\{4F1DFC88-F671-4DD8-9DE1-36CDB5A4B9B8}) (Version: 6.9.5 - Node.js Foundation) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Opera developer 46.0.2556.0 (HKLM-x32\...\Opera 46.0.2556.0) (Version: 46.0.2556.0 - Opera Software) Oracle VM VirtualBox 5.0.6 (HKLM\...\{D09FC154-2747-4BC8-838E-B2EC414C4F6A}) (Version: 5.0.6 - Oracle Corporation) Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.34.1311.2 - Hi-Rez Studios) Panel sterowania NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden Path of Exile (HKLM-x32\...\{43d113d2-e655-40e6-bef3-df49c47f68db}) (Version: 2.6.0.8017 - Grinding Gear Games) Path of Exile (x32 Version: 2.6.0.8017 - Grinding Gear Games) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Profesor Henry 6.0 Słownictwo poziom 1 i 2 (HKLM-x32\...\slow_12_60_is1) (Version: - ) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) TypeScript Power Tool (x32 Version: 2.1.5.0 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) vcpp_crt.redist.clickonce (x32 Version: 14.10.24911 - Microsoft Corporation) Hidden VS Immersive Activate Helper (x32 Version: 16.0.59.0 - Microsoft Corporation) Hidden VS Script Debugging Common (Version: 16.0.59.0 - Microsoft Corporation) Hidden vs_BlendMsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_communitymsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_communitymsires (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_devenvmsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_filehandler_amd64 (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_filehandler_x86 (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (Version: 15.0.26109 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_minshellinteropmsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_minshellmsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_minshellmsires (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden vs_tipsmsi (x32 Version: 15.0.26109 - Microsoft Corporation) Hidden WinAppDeploy (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{3BE62AA1-60B9-42EA-99BC-1A46B31C7E0C}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation) WindowsTM (HKLM-x32\...\WindowsTM) (Version: 1,2,60122,1018 - ) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.14393.795 - Microsoft Corporation) Hidden XAMPP (HKLM-x32\...\xampp) (Version: 5.6.15-1 - Bitnami) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0280CA79-D7D0-4164-9CA2-D99BE44D42C9} - System32\Tasks\Opera scheduled Autoupdate 1490521678 => C:\Program Files\Opera developer\launcher.exe [2017-04-07] (Opera Software) Task: {0E68AE57-AF6F-4DEF-8349-BEB3D209FB0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.) Task: {27D0B1DD-64AD-44FD-BFC3-3732874C3344} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {345DA70B-24AA-41F0-A5D3-4CCA90BA3160} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-IV3P379-Paweł => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {3C3EC5A0-F2E4-407B-96EB-6A710CCACEB9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {62A1A222-EFD6-4BAD-BE67-4F3D5CEAEBD2} - System32\Tasks\CCleanerSkipUAC => E:\Programy\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {6FF210CF-7B90-4169-AC0E-700F9D47233D} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.0.26113.0 => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\VSIXAutoUpdate.exe [2017-02-02] (Microsoft Corporation) Task: {741BF4A5-B5F0-4526-BBC7-6C06BA178086} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-IV3P379-Paweł DESKTOP-IV3P379 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {756A0CAE-5F5D-4334-A839-798904D81CF1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {784CAA2E-A6C1-49FB-933D-057B9E9A8E80} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavUpdater.exe [2015-10-18] (Baidu, Inc.) Task: {80F56CC2-E258-4213-9126-CE39C7A1B9DB} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" Task: {85B4E9C9-4DF8-425C-86BA-6916C19B97E6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {995DC2BA-0216-4860-A5F7-F793C2BE0782} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {D411078E-096D-43A5-B7C8-858E628CF424} - System32\Tasks\GU5SkipUAC => E:\Programy\Glary Utilities 5\Integrator.exe [2015-12-21] (Glarysoft Ltd) Task: {D94A12A8-CF4B-4B86-A050-9E1A0A19AACE} - System32\Tasks\GlaryInitialize 5 => E:\Programy\Glary Utilities 5\Initialize.exe [2015-12-21] (Glarysoft Ltd) Task: {DCBF9958-613A-41FB-84FD-CEE6F22BDEF4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-18] (Google Inc.) Task: {F0FB3204-9B0B-4464-9AE4-93FEBBE87F77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Paweł\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ShortcutWithArgument: C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\Program uruchamiający aplikacje Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Paweł\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Załadowane moduły (filtrowane) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-23 23:51 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-04-16 16:56 - 2017-03-22 10:24 - 02271520 _____ () E:\PROGRAMY\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-04-16 16:56 - 2017-03-23 19:40 - 02267600 _____ () E:\PROGRAMY\ANTI-MALWARE\MwacLib.dll 2015-12-23 23:41 - 2015-12-23 23:41 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-23 23:41 - 2015-12-23 23:41 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-24 14:36 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-24 14:36 - 2015-12-07 06:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-12 21:33 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 21:33 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-12 21:33 - 2016-01-05 03:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-12 21:33 - 2016-01-05 03:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-18 18:14 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2015-11-13 13:57 - 2015-11-13 13:57 - 02739240 _____ () E:\Programy\Rainlendar2\Rainlendar2.exe 2015-12-24 00:58 - 2015-12-24 00:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-09 22:56 - 2015-12-09 22:57 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-12-09 22:56 - 2015-12-09 22:57 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-20 10:28 - 2015-11-20 10:28 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-01-09 20:00 - 2016-01-09 20:00 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe 2015-12-15 20:53 - 2015-12-15 20:53 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-10-18 15:34 - 2015-10-18 15:34 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\HipsLogger.dll 2015-10-18 15:35 - 2015-10-18 15:35 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\sqlite.dll 2015-10-18 15:35 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\dark.dll 2015-10-18 19:17 - 2015-10-16 02:26 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-18 19:17 - 2015-10-16 02:25 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-10-18 19:17 - 2015-10-16 02:26 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-10-18 19:17 - 2015-10-16 02:25 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-18 19:17 - 2015-10-16 02:25 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-18 19:17 - 2015-10-16 02:25 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-10-18 13:17 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00252928 _____ () E:\Programy\Rainlendar2\libical.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 00051200 _____ () E:\Programy\Rainlendar2\libicalss.dll 2014-05-04 12:48 - 2014-05-04 12:48 - 00197632 _____ () E:\Programy\Rainlendar2\lua52.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 00068136 _____ () E:\Programy\Rainlendar2\plugins\iCalendarPlugin.dll 2014-05-04 12:49 - 2014-05-04 12:49 - 00027648 _____ () E:\Programy\Rainlendar2\lfs.dll 2015-10-18 15:35 - 2015-10-18 15:35 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\Pulgin_Dark_DeleteFileTip.dll 2017-04-14 21:19 - 2017-04-14 01:30 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-02-08 08:34 - 2017-03-20 20:10 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-02-08 08:34 - 2017-03-20 20:10 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-02-08 08:34 - 2017-03-20 20:10 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-02-08 08:34 - 2017-03-20 20:11 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-02-08 08:34 - 2017-03-20 20:10 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-04-14 21:19 - 2017-03-20 20:10 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-04-14 21:19 - 2017-03-20 20:11 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-04-14 21:19 - 2017-03-20 20:10 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-02-08 08:34 - 2017-03-20 20:13 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-04-14 21:19 - 2017-03-20 20:10 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-04-14 21:19 - 2017-03-20 20:13 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-02-08 08:34 - 2017-03-20 20:12 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-02-08 08:34 - 2017-03-20 20:11 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-04-14 21:19 - 2017-04-14 01:34 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-02-27 21:29 - 2017-04-14 01:34 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-02-08 08:34 - 2017-03-20 20:13 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-04-14 21:19 - 2017-04-14 01:34 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-04-14 21:19 - 2017-03-20 20:08 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-04-14 21:19 - 2017-04-14 01:33 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-04-14 21:19 - 2017-03-22 05:57 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-04-14 21:19 - 2017-04-14 01:33 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-02-08 08:34 - 2017-04-14 01:34 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-04-14 21:19 - 2017-03-20 20:17 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-04-14 21:19 - 2017-03-20 20:17 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-04-14 21:19 - 2017-04-14 01:33 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-02-08 08:34 - 2017-04-14 01:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-04-14 21:19 - 2017-04-14 01:33 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2015-12-24 00:58 - 2015-12-24 00:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-24 00:58 - 2015-12-24 00:58 - 02940416 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll 2015-12-24 00:58 - 2015-12-24 00:58 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll 2015-12-24 00:58 - 2015-12-24 00:58 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll 2015-12-24 00:58 - 2015-12-24 00:58 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2017-03-31 07:24 - 2017-03-29 04:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll 2017-03-31 07:24 - 2017-03-29 04:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll 2017-04-11 18:40 - 2017-03-31 11:49 - 17778776 _____ () C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.148\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-07-31 00:42 - 2016-05-23 09:54 - 00000823 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paweł\Pictures\Tapety\Calm\universus_by_t1na-d6vp886.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "RtHDVCpl" HKLM\...\StartupApproved\Run: => "SynTPEnh" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "Napisy24Update" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "Napisy24.pl" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4151379413-4055332468-1672967919-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{39138B72-09FC-4E13-AB61-25F3A630F8DF}] => (Allow) E:\Programy\NapiProjekt\napisy.exe FirewallRules: [{307CBC28-0D79-4310-836F-F1CD45A2D782}] => (Allow) E:\Programy\NapiProjekt\napisy.exe FirewallRules: [{71854583-9C5A-4995-AC6C-6D101E0907CB}] => (Allow) E:\Programy\Skype\Phone\Skype.exe FirewallRules: [{FB62647F-CE85-4428-905F-FAAFFD0F9950}] => (Allow) E:\Programy\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{6F46AED1-4B51-4F30-8C1B-906F0E5CEBA7}] => (Allow) E:\Programy\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{A7F76488-0726-4D0A-860A-56879547002F}] => (Allow) E:\Programy\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{563A6809-79EB-4BC8-95CE-DBD6613019BD}] => (Allow) E:\Programy\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{640AD8EB-78B4-4828-BB05-7A5458B4A825}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CBC43971-3574-4426-82CA-B6FD32B2F479}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A06AC38E-8C80-4066-9D62-11C9D89210FA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{EFDFA956-E2FE-410B-8859-B3EE6CB8122B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{F4E0C459-54B8-4D45-90C5-778E8EE6AB3E}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{287B9717-3F51-4DC3-AC3A-926935B022CF}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0A5626D6-349C-4365-8880-2B7DFA3512C4}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DACC46B7-0E92-47B0-B60C-29148EA5BAF8}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{14CFEC3E-6EFC-4934-8306-2F3D0CF1D86A}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A2D1C4C6-F529-4EC0-B637-BB7EC6832CE2}] => (Allow) C:\Users\Paweł\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{809462A0-452B-4CFA-87B2-E52D16E10EDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{DA4FA12E-833F-4D5B-91EE-CCAB9AF1FFBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D525125A-FB84-4CF6-B5FC-7DB5022CB228}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{03195B5B-3728-4E6A-B983-02CE9960BCC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E413229F-BE86-493A-BE6E-B5658EE08AAB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CE4447F8-4B0A-444C-8B8D-03E07C24C488}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{83B32760-74A1-4EA8-B242-1B642B498341}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{EA6BF24E-1582-41EB-862F-01DC9594CA18}E:\programy\xampp\apache\bin\httpd.exe] => (Allow) E:\programy\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{084C1ADE-DDEE-4B3F-8405-5D719EC7CE3C}E:\programy\xampp\apache\bin\httpd.exe] => (Allow) E:\programy\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{B8FED942-8F0A-4A99-ABF8-1BBD7A353388}E:\programy\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programy\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{9237CA89-E0B5-4B89-8D0B-4BF10F2F278D}E:\programy\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programy\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{79CB1CA1-D191-4165-A6F0-E6E58FE9A07A}D:\winbox.exe] => (Allow) D:\winbox.exe FirewallRules: [UDP Query User{287E7D67-BE3E-4024-8B4A-546B1A90EB67}D:\winbox.exe] => (Allow) D:\winbox.exe FirewallRules: [TCP Query User{9411E02B-9B96-49B8-8F8E-AC792CFA9C29}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{7C6AF370-4B1A-4AF2-BB92-508034EC285F}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3730C794-30E1-4C88-920E-8F681C8EC32B}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{46B2F5F0-E5D8-4F0A-B482-A8C244E3353D}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [{A518155A-0A0B-4B51-A8D7-0F450C1F9487}] => (Allow) E:\Gry\Steam\Steam.exe FirewallRules: [{E2CCEEBB-5457-4653-A3F2-13F9A6ABE391}] => (Allow) E:\Gry\Steam\Steam.exe FirewallRules: [{A0664CE6-5070-4C7B-A835-17A46494891A}] => (Allow) E:\Gry\Steam\bin\steamwebhelper.exe FirewallRules: [{3C931DFE-01D4-41B8-ADC8-B12AAA9782D6}] => (Allow) E:\Gry\Steam\bin\steamwebhelper.exe FirewallRules: [{23312E61-F845-4215-B5CF-091938C62B14}] => (Allow) E:\Gry\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{E8308C3E-89A5-49A0-A48F-3C69AA30B8F4}] => (Allow) E:\Gry\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [TCP Query User{D3F457D7-4D61-493F-A7B3-A7D10D7CD33C}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe FirewallRules: [UDP Query User{C8425431-862E-4B0D-BDE6-B6112B196643}C:\program files\java\jdk1.8.0_73\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_73\bin\java.exe FirewallRules: [TCP Query User{5F342053-F43F-4262-B8AF-D9F0D2AD5A9A}E:\programy\cain\cain.exe] => (Allow) E:\programy\cain\cain.exe FirewallRules: [UDP Query User{2EA50800-DA6F-4F8A-B831-7CAEAC87CB4B}E:\programy\cain\cain.exe] => (Allow) E:\programy\cain\cain.exe FirewallRules: [TCP Query User{43A7A3C0-E9C8-418D-81BA-05F2CFD2404D}E:\programy\xampp\apache\bin\httpd.exe] => (Allow) E:\programy\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{5B67D619-2C04-441B-A359-F692F5A68B43}E:\programy\xampp\apache\bin\httpd.exe] => (Allow) E:\programy\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{84FA0E78-5070-46EE-A22A-7753F1E728D2}E:\programy\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programy\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{A06CA63D-307B-45DE-9165-6085C4A29FC5}E:\programy\xampp\mysql\bin\mysqld.exe] => (Allow) E:\programy\xampp\mysql\bin\mysqld.exe FirewallRules: [{80A61BE2-01AA-4DBD-AA76-5EEF08707A81}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{190A942A-C3D2-4814-B056-A41CD913B963}C:\users\paweł\appdata\local\temp\rar$exa0.653\p5.exe] => (Block) C:\users\paweł\appdata\local\temp\rar$exa0.653\p5.exe FirewallRules: [UDP Query User{3459C4DF-6A90-4736-A4AC-F7820BA8A131}C:\users\paweł\appdata\local\temp\rar$exa0.653\p5.exe] => (Block) C:\users\paweł\appdata\local\temp\rar$exa0.653\p5.exe FirewallRules: [TCP Query User{0578516D-E22C-4E98-A8D7-B700CE7DDE90}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{184B9FD3-9F13-47FF-BA7D-F26EE6B1839C}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{6E06528A-E920-4FBE-A115-A075EBB61CEC}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{67023995-D93D-461E-8C72-CCC65BEDB1EE}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [{EB6E0A9A-40C6-4D56-9835-43BFE3F9C437}] => (Allow) E:\Gry\Steam\steamapps\common\Warface\live\gflauncher.exe FirewallRules: [{7FD18D82-35BC-4744-AD30-5BEC7D810224}] => (Allow) E:\Gry\Steam\steamapps\common\Warface\live\gflauncher.exe FirewallRules: [TCP Query User{C343B1D6-D7F7-4529-B4FA-784B11218A89}E:\programy\nodejs\node.exe] => (Allow) E:\programy\nodejs\node.exe FirewallRules: [UDP Query User{80135932-C999-4F2E-B4FB-433F0443018A}E:\programy\nodejs\node.exe] => (Allow) E:\programy\nodejs\node.exe FirewallRules: [TCP Query User{9820F254-FE5A-4BFD-8A66-1ED8685485FE}E:\programy\mongodb\server\3.4\bin\mongod.exe] => (Allow) E:\programy\mongodb\server\3.4\bin\mongod.exe FirewallRules: [UDP Query User{719B6BE5-C5F9-4222-A186-E7C72FEFA30B}E:\programy\mongodb\server\3.4\bin\mongod.exe] => (Allow) E:\programy\mongodb\server\3.4\bin\mongod.exe FirewallRules: [{64FC97EE-2FCB-40E1-9CCA-40038D3A97A0}] => (Allow) C:\Program Files\Opera developer\45.0.2548.0\opera.exe FirewallRules: [{EEB649D6-7437-4E7A-9604-AF303C1AA939}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{559D2B16-5F95-4A58-9972-FCF5048CAE51}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe FirewallRules: [{A821D8C6-0AD7-4D8F-8E38-76EF6843415E}] => (Block) %ProgramFiles% (x86)\Mirillis\Action!\Action.exe FirewallRules: [{F19E4F1B-F444-4EBF-AB19-18612F8F47B5}] => (Allow) C:\Program Files\Opera developer\46.0.2556.0\opera.exe FirewallRules: [{BACABDD8-FD8B-4BC0-80B8-A0C2C60914EA}] => (Block) E:\Gry\911 Operator\911.exe FirewallRules: [{2FB8ACFE-484C-4E4F-817C-C0CAB03691FF}] => (Block) E:\Gry\911 Operator\911.exe FirewallRules: [{521C46EB-C2D7-41C6-A8E0-78626FC76C78}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Punkty Przywracania systemu ========================= 27-03-2017 07:51:30 Zaplanowany punkt kontrolny 08-04-2017 16:29:24 Zaplanowany punkt kontrolny 16-04-2017 18:41:36 Punkt przywracania utworzony przez HitmanPro ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/16/2017 06:47:35 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2017 06:41:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (04/16/2017 06:41:35 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {bdead733-ead2-4a6d-8629-ec170201254f} Error: (04/16/2017 06:09:15 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2017 04:51:20 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2017 04:33:55 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/16/2017 01:39:09 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/15/2017 07:32:47 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/15/2017 05:28:15 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (04/15/2017 03:46:04 PM) (Source: HiRezSoftwareManagerSvc) (EventID: 0) (User: ) Description: Nie można uruchomić usługi. System.NullReferenceException: Odwołanie do obiektu nie zostało ustawione na wystąpienie obiektu. w Hirez.Patcher.WorkItem.get_TotalTimeSpentWorking() w Hirez.Patcher.UpdateWork.ToString() w Hirez.Patcher.PatchNetworkClient.(NewMessageCallback ) w Hirez.Patcher.PatchNetworkClient..ctor(String appConfigFilePath, NewMessageCallback logCallback) w Hirez.Patcher.HiPatchService.InternalStart() w Hirez.Patcher.HiPatchService.OnStart(String[] badDontWorkMicrosoftBugArgs) w System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Dziennik System: ============= Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:14 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/16/2017 06:57:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IV3P379) Description: Zgodnie z ustawieniami uprawnienia domyślne ustawienia komputera nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} i identyfikatorem aplikacji APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} użytkownikowi DESKTOP-IV3P379\Paweł o identyfikatorze zabezpieczeń SID (S-1-5-21-4151379413-4055332468-1672967919-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. CodeIntegrity: =================================== Date: 2017-03-26 20:05:38.904 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-26 20:05:38.892 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-23 18:09:45.914 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-18 19:15:30.801 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-11-18 15:25:55.985 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-10-30 20:02:58.684 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-27 20:18:07.599 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-20 21:11:31.470 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-17 13:13:24.064 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-07 21:29:59.989 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Procent pamięci w użyciu: 70% Całkowita pamięć fizyczna: 2998.7 MB Dostępna pamięć fizyczna: 893.35 MB Całkowita pamięć wirtualna: 4662.7 MB Dostępna pamięć wirtualna: 1893.3 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:224.87 GB) (Free:7.81 GB) NTFS Drive e: (Dysk lokalny) (Fixed) (Total:225.16 GB) (Free:80.5 GB) NTFS Drive x: (911operator) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 36C46F56) Partition 1: (Not Active) - (Size=15.6 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=224.9 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=225.2 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================