Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 28-05-2017 Uruchomiony przez Piotr (30-05-2017 22:05:34) Uruchomiony z D:\Frst Windows 8.1 (Update) (X64) (2016-08-08 23:00:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1709962814-1474008365-844802666-500 - Administrator - Disabled) Gość (S-1-5-21-1709962814-1474008365-844802666-501 - Limited - Enabled) => C:\Users\Gość Gry (S-1-5-21-1709962814-1474008365-844802666-1004 - Limited - Enabled) => C:\Users\Gry Piotr (S-1-5-21-1709962814-1474008365-844802666-1001 - Administrator - Enabled) => C:\Users\Piotr ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Zapora osobista ESET (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) "XCOM - Enemy Within" (HKLM-x32\...\{EE377223-72A9-4995-B3B6-8A056CA4CE5D}_is1) (Version: 1.0.0.926 - ) µTorrent (HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) Aktualizacje NVIDIA 24.0.0.0 (Version: 24.0.0.0 - NVIDIA Corporation) Hidden Ansel (Version: 382.05 - NVIDIA Corporation) Hidden Aslain's WoT Modpack (wersja 9.18.0.19) (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.18.0.19 - Aslain) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.1.3 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.13.160818 - ) Bilder-CD Fachkunde Elektrotechnik, 30. Aufl. - Einzellizenz (HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Bilder-CD Fachkunde Elektrotechnik 30_is1) (Version: - Verlag Europa-Lehrmittel) Brother MFL-Pro Suite DCP-7030 (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 2.0.0.0 - Brother Industries, Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6499 - CDBurnerXP) Cool Edit Pro 2.0 (HKLM-x32\...\Cool Edit Pro 2.0) (Version: - ) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DiRT Showdown (HKLM\...\Steam App 201700) (Version: - Codemasters Racing Studio) EaseUS Partition Master 11.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESET Smart Security (HKLM\...\{4381D174-1253-459D-96C1-50F37EF92330}) (Version: 10.1.204.1 - ESET, spol. s r.o.) Fallout 1.5 - Resurrection version 1.5 EN (HKLM-x32\...\{E9C6352B-9B0D-4C4F-9374-72F3F20CB75F}_is1) (Version: 1.5 EN - Resurrection team) Fallout 2 2.03 (HKLM-x32\...\{0DEDD94A-BA75-4997-974D-BE3C5D695589}_is1) (Version: - Interplay Productions) Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version: - ) FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.21 - SecureMix LLC) Grand Master Chess 3 (HKLM-x32\...\Grand Master Chess 3_is1) (Version: - FreeGamePick) IDM Crack 6.25 build 15 (HKLM-x32\...\IDM Crack 6.25 build 15) (Version: build 15 - SandySeedings Team) IDM Crack 6.27 build 1 (HKLM-x32\...\IDM Crack 6.27 build 1) (Version: build 2 - Crackingpatching.com Team) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - ) Knights Gambit (HKLM-x32\...\Knights Gambit_is1) (Version: 1.0 - GameTop Pte. Ltd.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lazesoft Recovery Suite version 4.1 Home Edition (HKLM-x32\...\LS-32CB12D5-CC47-4BC8-BC97-0613CDCB0406_is1) (Version: 4.1 - Lazesoft) LibreOffice 5.2.0.4 (HKLM-x32\...\{8FA59B7B-1D26-408F-A798-BD11A65A68B9}) (Version: 5.2.0.4 - The Document Foundation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 53.0.3 (x64 pl)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NASCAR® Racing 2003 Season (HKLM-x32\...\{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}) (Version: - Sierra Entertainment) NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NVIDIA Sterownik graficzny 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.8.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS) Panel sterowania NVIDIA 382.05 (Version: 382.05 - NVIDIA Corporation) Hidden PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) RACE 07 - Formula RaceRoom Add-On (HKLM\...\Steam App 44630) (Version: - ) RACE 07 (HKLM\...\Steam App 8600) (Version: - SimBin) Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.) RegRun Reanimator (HKLM-x32\...\UnHackMe Update - Reanimator_is1) (Version: - Greatis Software, LLC.) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden Shutdown8 (HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\Shutdown8) (Version: 1.08 - Bandisoft.com) Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16104.4 - Samsung Electronics Co., Ltd.) Hidden Sonarca Sound Recorder Free 3.8.3.a (HKLM-x32\...\655B116F-5CF5-4376-9A36-9FB163ED609F_is1) (Version: - SSRF) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stronghold 2 Deluxe (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.000 - Firefly Studios) Subtitle Edit 3.5.0 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.5.0.0 - Nikse) Thrustmaster FFB Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster) Thrustmaster FFB Wheel driver (HKLM-x32\...\{57F9C8E9-A9B8-4E19-9AC2-F21EC5094B84}) (Version: 2.FFJ.2007 - Thrustmaster) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 beta 8 - Ghisler Software GmbH) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04AD8A58-7D33-4084-AE6A-3D50D98A4E05} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {07E02936-0C45-40BE-AD37-C75A7A0935EB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation) Task: {2BABCC12-8FAF-486B-9C57-59062F9F6524} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation) Task: {4C5A1895-6452-406F-AA00-DAF64844BCFB} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-01-16] (AsusTek) Task: {5C10C730-29E7-4CC5-9EE9-2FB3EE5EA704} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {6F126185-93DE-4870-8D45-83AD44B33E18} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) Task: {80AF2B00-3988-440F-826B-F8F3B68BED57} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation) Task: {9E315170-E107-43FC-B99E-C1C23DF98F4C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {F1C26971-4143-4C4D-9A0D-ECA6A00BF15F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd) Task: {F63D0007-6FF0-4400-B15B-B8E9837E270A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) Task: {FD9BC90F-33FD-45B5-B55B-B5153EED7B65} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-09-10 09:48 - 2017-04-26 07:40 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-08-09 04:00 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2017-05-30 21:02 - 2017-05-06 13:12 - 00380928 _____ () D:\Gmer\88cg4tdv.exe 2017-05-21 18:53 - 2017-05-21 18:53 - 04110280 _____ () D:\Download\aProgramy\adwcleaner_6.047.exe 2015-07-30 08:09 - 2015-07-30 08:09 - 00246304 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll 2016-09-10 09:48 - 2017-04-26 07:40 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-10 09:48 - 2017-04-26 07:03 - 02442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-10 09:48 - 2017-04-26 07:03 - 00361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-10 09:48 - 2017-04-26 07:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-10 09:48 - 2017-04-26 07:03 - 00384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-10 09:48 - 2017-04-26 07:03 - 00467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-10 09:48 - 2017-04-26 07:03 - 00572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\69820160.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\69820160.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-01-29 14:59 - 2013-08-22 15:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1709962814-1474008365-844802666-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKLM\...\StartupApproved\Run32: => "BrMfcWnd" HKLM\...\StartupApproved\Run32: => "ControlCenter3" HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1709962814-1474008365-844802666-1001\...\StartupApproved\Run: => "Steam" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{B2FFB24B-F920-4C1E-B8FE-BF024955F29A}] => (Allow) e:\World_of_Tanks\WoTLauncher.exe FirewallRules: [{53165346-97E3-406C-A056-6FEFFE73227F}] => (Allow) e:\World_of_Tanks\WorldofTanks.exe FirewallRules: [{770B31F2-8D14-4D4C-BAF2-C9C4369E6365}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{297F3DC4-971F-477B-884E-DF0AEB59F34A}] => (Allow) E:\Steam\Steam.exe FirewallRules: [{05E5DCCF-5A9E-412D-BB55-F41978149424}] => (Allow) E:\Steam\steamapps\common\race 07\SteamProxy.exe FirewallRules: [{6B6587E7-24D2-4449-97A1-75B15087D24F}] => (Allow) E:\Steam\steamapps\common\race 07\SteamProxy.exe FirewallRules: [{03F556DB-5EB5-49E5-8218-FE7C90DA4154}] => (Allow) E:\Steam\steamapps\common\race 07\Config.exe FirewallRules: [{6A1CAA6F-D703-4E0E-B5A6-41E1C8AF9CD8}] => (Allow) E:\Steam\steamapps\common\race 07\Config.exe FirewallRules: [{63A1F823-096D-419E-8D20-3118541EB9E9}] => (Allow) E:\Steam\steamapps\common\race 07\SteamExpansionApp.exe FirewallRules: [{3FFBE7ED-1E8F-434A-9198-5C5BA1D20529}] => (Allow) E:\Steam\steamapps\common\race 07\SteamExpansionApp.exe FirewallRules: [{C964F19F-9D1C-4979-885A-91B42F2713A9}] => (Allow) E:\Gry\XCOM - Enemy Within\Binaries\Win32\XComEW.exe FirewallRules: [{43D69406-1169-432C-A098-5FBC96528B43}] => (Allow) E:\Gry\XCOM - Enemy Within\Binaries\Win32\XComEW.exe FirewallRules: [{5A439EF8-7023-44AF-B4D1-700162F9E355}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe FirewallRules: [{F6EF88A9-F52B-43D9-8CA7-1DC69DA08AED}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe FirewallRules: [{B9172C60-A561-410B-920E-10607D7ADC0C}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{87D0422E-D637-4ECE-8956-C1E22A9A79A2}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F7935AB6-FAE3-46C0-AE27-7A8A1568DA5A}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5FA582C6-6784-4446-A3A2-B9E58419F07E}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC1C0C3B-3C7D-4347-9285-4503C47D5358}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0F045E9D-8CCE-45A4-A36B-4A993C4582DE}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F55D2AD9-4527-46E0-B01E-B1B2BE208AC0}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{99FE50EC-F4A9-4A87-9341-01BADD1F59A3}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{04E875B6-E2A3-4FE1-8FC9-FCE8F911D2AA}] => (Allow) E:\Gry\Stronghold 2\Stronghold2.exe FirewallRules: [{40ABB93C-FEFE-4C49-8E66-43373CE14E5A}] => (Allow) E:\Gry\Stronghold 2\Stronghold2.exe FirewallRules: [{FCDB23D3-F40E-46BA-8461-5CAD3798C7FB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{575B30C0-57AB-4F78-9654-7F0C2BFCE3FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{94935BD4-73B5-4A16-A5C2-B9F935E61526}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B9208F73-D4E0-4B2D-BE24-F51FFD529916}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C54C9442-8A15-4C74-86D4-E858741299E3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BE944DBA-CA2F-421F-86C0-93FFF4C4F9C4}] => (Allow) E:\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [{56924B52-FBEC-42CF-B7F9-F745D709D19B}] => (Allow) E:\Steam\steamapps\common\DiRT Showdown\showdown.exe FirewallRules: [{EEB8105D-C3B5-4805-83E2-C4595ADBF463}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{79A68EA9-F6D1-4F1C-935D-3FB458CDF3D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{DEC9B249-CA60-4E82-B450-F7C9E2C94E3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{65BEA01C-468B-4E0F-A765-D513675B3C1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C6ED3D8A-51C8-467F-A9B5-8D3B0996558D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe ==================== Punkty Przywracania systemu ========================= 17-05-2017 00:12:11 UnHackMe Malware Removal 20-05-2017 09:26:20 Windows Update 23-05-2017 14:26:04 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/30/2017 06:15:24 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/29/2017 06:09:54 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/28/2017 04:31:21 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/27/2017 04:54:00 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/26/2017 09:53:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1110 Error: (05/26/2017 09:53:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1110 Error: (05/26/2017 09:53:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/26/2017 06:33:15 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/25/2017 12:47:21 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Error: (05/24/2017 10:47:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1078 Dziennik System: ============= Error: (05/30/2017 02:44:50 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\DRIVERS\papycpu2.sys Error: (05/30/2017 02:44:50 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\DRIVERS\papyjoy.sys Error: (05/30/2017 06:27:04 AM) (Source: DCOM) (EventID: 10010) (User: PI) Description: Serwer {1B1F472E-3221-4826-97DB-2C2324D389AE} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/30/2017 06:26:34 AM) (Source: DCOM) (EventID: 10010) (User: PI) Description: Serwer {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/30/2017 06:07:42 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\DRIVERS\papycpu2.sys Error: (05/30/2017 06:07:42 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\DRIVERS\papyjoy.sys Error: (05/29/2017 06:52:54 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: ZARZĄDZANIE NT) Description: H:\Device\HarddiskVolume123 Error: (05/29/2017 06:52:53 PM) (Source: Ntfs) (EventID: 55) (User: ZARZĄDZANIE NT) Description: Wykryto uszkodzenie w strukturze systemu plików woluminu H:. W strukturze indeksu systemu plików znaleziono uszkodzenie. Numer odwołania do pliku: 0x5000000000005. Nazwa pliku: „”. Atrybut uszkodzonego indeksu: „:$I30:$INDEX_ALLOCATION”. Error: (05/29/2017 06:00:54 PM) (Source: disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR3. Error: (05/29/2017 05:26:30 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: ZARZĄDZANIE NT) Description: H:\Device\HarddiskVolume103 CodeIntegrity: =================================== Date: 2017-02-21 00:24:47.103 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:46.575 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:46.267 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:45.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:45.659 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:45.364 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:45.003 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:44.716 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:44.343 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-21 00:24:44.056 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz Procent pamięci w użyciu: 46% Całkowita pamięć fizyczna: 8077.55 MB Dostępna pamięć fizyczna: 4336.67 MB Całkowita pamięć wirtualna: 9357.55 MB Dostępna pamięć wirtualna: 5580.49 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:109.25 GB) (Free:65.77 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: () (Fixed) (Total:307.89 GB) (Free:179.93 GB) NTFS Drive e: () (Fixed) (Total:269.87 GB) (Free:84.42 GB) NTFS Drive f: () (Fixed) (Total:244.28 GB) (Free:70.65 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 08B98172) Partition: GPT. ==================== Koniec Addition.txt ============================