Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06-10-2017 Uruchomiony przez wiczi (07-10-2017 13:26:33) Uruchomiony z C:\Users\wiczi\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-07-15 13:39:44) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-319334698-2115631649-3299897735-500 - Administrator - Disabled) Gość (S-1-5-21-319334698-2115631649-3299897735-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-319334698-2115631649-3299897735-1002 - Limited - Enabled) wiczi (S-1-5-21-319334698-2115631649-3299897735-1000 - Administrator - Enabled) => C:\Users\wiczi ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Aktualizacje NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) aTube Catcher wersja 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.) Castle Story (HKLM-x32\...\Castle Story_is1) (Version: - ) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Toolbar (HKLM-x32\...\DAEMON Tools Toolbar) (Version: 1.1.0.0283 - DT Soft Ltd) <==== UWAGA Dishonored 2 (HKLM\...\Dishonored 2_is1) (Version: 1.0 - ) DreamCompress (HKLM-x32\...\DreamCompress) (Version: - ) Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio) FastDataX 1.20 (HKLM-x32\...\FastDataX_is1) (Version: 1.20 - ) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.54.713 - Digital Wave Ltd) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) GG (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Kingdoms and Castles (HKLM-x32\...\2067763543_is1) (Version: 104 - GOG.com) League of Legends (HKLM-x32\...\{EA8630BD-0DCC-4154-B972-AAA6C8989E1A}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.5 - LUXONIX) Malwarebytes (wersja 3.2.2.2029) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Sterownik graficzny 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== UWAGA OpenSubtitlesPlayer V7.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version: - Opensubtitles.org) Panel sterowania NVIDIA 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 384.76 - NVIDIA Corporation) Hidden Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) RIVpemjyECl8 Updater version 1.2.0.4 (HKLM-x32\...\RIVpemjyECl8 Updater_is1) (Version: 1.2.0.4 - ) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) SoundWire Server version 1.9 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.9 - GeorgieLabs) Spotify (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\Spotify) (Version: 1.0.64.399.g4637b02a - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS) Stream What You Hear (SWYH) wersja 1.4 (HKLM-x32\...\{5FBEA9D3-668E-4B88-BF6C-E1BCF441ECFD}_is1) (Version: 1.4 - Sebastien.warin.fr) suUqZBp2wcSI Updater version 1.2.0.4 (HKLM-x32\...\suUqZBp2wcSI Updater_is1) (Version: 1.2.0.4 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media) Total War ROME II Emperor Edition MULTi9 - ElAmigos wersja 2.2.0.16155 (HKLM-x32\...\{E62FED7C-448C-427A-8B75-B7F5D10B8548}_is1) (Version: 2.2.0.16155 - SEGA) Twitch (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Warface My.Com (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\Warface My.Com) (Version: 1.45 - My.com B.V.) Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft) WinRAR 5.40 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.337 - Company Inc.) <==== UWAGA Zoo Tycoon 2 - African Adventure (HKLM-x32\...\{CE7062BD-BE6F-4153-9654-3D72D0C1CC17}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden Zoo Tycoon 2 - African Adventure (HKLM-x32\...\InstallShield_{CE7062BD-BE6F-4153-9654-3D72D0C1CC17}) (Version: 1.00.0000 - Microsoft Game Studios) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-319334698-2115631649-3299897735-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] () ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\vcd\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\vcd\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0655CCBC-A733-4DBC-AA1F-28EAFF7530C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-15] (Google Inc.) Task: {07733C2B-B09A-48A7-B06B-2D1C0408E614} - System32\Tasks\Opera scheduled Autoupdate 1506784223 => C:\Users\wiczi\AppData\Local\Programs\Opera\launcher.exe Task: {111E2617-97A6-4DFE-91D7-68B15355CE0C} - System32\Tasks\LaCieS => C:\Disk\WebService.exe [2017-09-18] (TODO: ) Task: {27CFFA0B-9098-4F1A-809D-2A271588EC08} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation) Task: {2B63E576-EFB7-44EC-88DF-F54960B4D5D1} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves) <==== UWAGA Task: {38A2A7E0-A278-433F-8AA0-476C1BCF30A0} - System32\Tasks\jJKowXmxzIFxIuj => rundll32 "C:\Program Files (x86)\TQoarIXzU\CfZgRr.dll",#1 Task: {38EF46DD-79BA-46A2-B7A6-02F0F8027642} - System32\Tasks\jJKowXmxzIFxIuj2 => rundll32 "C:\Program Files (x86)\TQoarIXzU\CfZgRr.dll",#1 Task: {47958A0F-B9BA-48F3-9212-1DEC28B83E2F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation) Task: {49D53227-99BB-4F19-A8AE-D1D7DACD2594} - System32\Tasks\FastDataX Task => C:\Program Files (x86)\FastDataX\fastdatax.exe [2017-09-14] () <==== UWAGA Task: {4DABA4CF-48BC-47E8-9B36-398229333BCA} - System32\Tasks\{7D0F0A47-0E78-7F0B-0F11-7F0F09791179} => C:\Windows\system32\WindowsPowershell\v1.0\powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwAgACAAOwAgADsAJABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMA (dane wartości zawierają 9540 znaków więcej). <==== UWAGA Task: {513A60A0-8518-4E2A-B024-2F4A8C064EBB} - System32\Tasks\ShadowsocksS => C:\Applications\Service.exe Task: {5EE02D9A-E4A4-4C40-BF68-B96C914D13CD} - System32\Tasks\{63AD27C3-C35E-E0B0-63EC-813B01F4AC0F} => C:\Windows\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\ab4f31a8\9276406a.dll" <==== UWAGA Task: {825E47C7-7F46-4900-B1D0-6BD57526414E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation) Task: {85D7E03C-E193-4D63-B9A1-8C25E517BA90} - System32\Tasks\Beeper => C:\Windows\system32\rundll32.exe "C:\Program Files\Beeper\Beeper.dll",njxVgIafTBR <==== UWAGA Task: {89E3FCB6-49E7-44DB-B00D-7D1DD39BA69E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation) Task: {AC9C8020-ECA4-4321-921D-CB5D542567B9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {BBC30FDF-EF60-4308-AFFC-B5326BF1CF61} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation) Task: {BCE3FB1E-41FF-4C74-B8C1-18BA3C2DA8FF} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: {BD224666-23AB-47E6-819B-80B97009F82B} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: {C599083C-3E61-4EBE-8DB5-70F7306B0B51} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: {D07F2050-C90D-4DD0-AA1F-53F005E6B4C3} - System32\Tasks\{E9AB34FF-5E00-8354-C440-05D4A8CF09DE} => C:\ProgramData\{071E9CDE-B0B5-2B75-8F6A-A7A75FE71BC0}\1B5BA9BC-ACF0-1E17-E3EB-0667DC944503.exe [2017-10-04] () <==== UWAGA Task: {D52F9E88-0D02-4BF8-8907-9DA8CB06E06A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) Task: {E8746C37-5B0C-4B7B-9EC4-12551D03784D} - System32\Tasks\LSjUFtTofwjkxN => rundll32 "C:\Program Files (x86)\ICBaloCIDxXU2\NCgfMZIgPRUri.dll",#1 Task: {EA876431-10B4-4FB9-98CD-A38CBE5458AA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation) Task: {ECFA7D8F-804B-48F9-A27C-4B6F34BAD909} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-15] (Google Inc.) Task: {F3D58D31-73C0-4B62-97A3-160EBC237154} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\jJKowXmxzIFxIuj.job => C:\Program Files (x86)\TQoarIXzU\CfZgRr.dll Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== UWAGA Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== UWAGA ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\wiczi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/ ShortcutWithArgument: C:\Users\wiczi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://pop.yeawindows.com/ ==================== Załadowane moduły (filtrowane) ============== 2017-07-15 16:27 - 2017-06-27 23:03 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-09-18 09:28 - 2017-08-17 11:08 - 003780096 _____ () C:\ProgramData\Logic Cramble\set.exe 2017-07-15 16:19 - 2017-06-21 09:02 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-18 09:29 - 2017-09-18 07:10 - 000313344 _____ () C:\Program Files (x86)\RIVpemjyECl8 Updater\RIVpemjyECl8 Updater.exe 2017-10-05 18:52 - 2017-10-05 16:10 - 000313344 _____ () C:\Program Files (x86)\suUqZBp2wcSI Updater\suUqZBp2wcSI Updater.exe 2017-09-22 10:22 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-22 10:22 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2017-09-18 09:28 - 2017-09-18 09:28 - 000730624 _____ () c:\users\wiczi\appdata\local\adservice\adservice.dll 2017-07-20 23:11 - 2017-06-30 11:37 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2017-07-20 23:11 - 2017-06-30 11:37 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2017-07-20 23:11 - 2017-06-30 11:37 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-07-20 23:11 - 2017-06-30 11:37 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2017-07-15 16:19 - 2017-06-21 09:02 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-07-18 15:59 - 2017-08-04 23:19 - 000678176 _____ () D:\steam\SDL2.dll 2017-07-18 15:59 - 2016-09-01 03:02 - 004969248 _____ () D:\steam\v8.dll 2017-07-18 15:59 - 2016-09-01 03:02 - 001563936 _____ () D:\steam\icui18n.dll 2017-07-18 15:59 - 2016-09-01 03:02 - 001195296 _____ () D:\steam\icuuc.dll 2017-07-18 15:59 - 2017-10-05 01:49 - 002507552 _____ () D:\steam\video.dll 2017-07-18 15:59 - 2016-01-27 09:49 - 002549760 _____ () D:\steam\libavcodec-56.dll 2017-07-18 15:59 - 2016-01-27 09:49 - 000442880 _____ () D:\steam\libavutil-54.dll 2017-07-18 15:59 - 2016-01-27 09:49 - 000491008 _____ () D:\steam\libavformat-56.dll 2017-07-18 15:59 - 2016-01-27 09:49 - 000332800 _____ () D:\steam\libavresample-2.dll 2017-07-18 15:59 - 2016-01-27 09:49 - 000485888 _____ () D:\steam\libswscale-3.dll 2017-07-18 15:59 - 2017-10-05 01:49 - 000885024 _____ () D:\steam\bin\chromehtml.DLL 2017-07-18 15:59 - 2016-07-05 00:17 - 000266560 _____ () D:\steam\openvr_api.dll 2017-07-18 16:02 - 2017-07-18 00:50 - 073115424 _____ () D:\steam\bin\cef\cef.win7\libcef.dll 2017-07-18 16:02 - 2017-05-17 03:54 - 000678176 _____ () D:\steam\bin\cef\cef.win7\SDL2.dll 2017-07-18 15:59 - 2015-09-25 01:52 - 000119208 _____ () D:\steam\winh264.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-319334698-2115631649-3299897735-1000\Software\Classes\regfile: regedit.exe "%1" <==== UWAGA ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2017-10-07 10:12 - 000001362 _____ C:\Windows\system32\Drivers\etc\hosts 5.149.252.98 www.gstatic.com 5.149.252.98 www.google-analytics.com 127.0.0.1 cpm.paneladmin.pro 127.0.0.1 publisher.hmdiadmingate.xyz 127.0.0.1 distribution.hmdiadmingate.xyz 127.0.0.1 hmdicrewtracksystem.xyz 127.0.0.1 linkmate.space 127.0.0.1 space1.adminpressure.space 127.0.0.1 trackpressure.website 127.0.0.1 doctorlink.space 127.0.0.1 plugpackdownload.net 127.0.0.1 texttotalk.org 127.0.0.1 gambling577.xyz 127.0.0.1 htagdownload.space 127.0.0.1 mybcnmonetize.com 127.0.0.1 360devtraking.website 127.0.0.1 dscdn.pw 127.0.0.1 beautifllink.xyz ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-319334698-2115631649-3299897735-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wiczi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 82.163.142.8 - 95.211.158.136 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{5CD44BD9-A47D-4CE7-95E9-BD73025F9CA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{14A56B3E-7522-494B-BD9E-95CEE2EF1490}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{A21E65F8-54CA-4FF9-82C4-64F4A13E14A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D4584BDE-1F42-4F70-A353-06CFF6FBD89B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E89546B1-48C2-4791-96DE-3A4F2C805979}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{F6D3A1AE-175C-4830-9155-F6BF451FBD4A}D:\marinermt2.pl-10.04.2017\marinermt2.exe] => (Allow) D:\marinermt2.pl-10.04.2017\marinermt2.exe FirewallRules: [UDP Query User{5F6B8DCE-6A36-4525-B78E-190FAFEE2BC8}D:\marinermt2.pl-10.04.2017\marinermt2.exe] => (Allow) D:\marinermt2.pl-10.04.2017\marinermt2.exe FirewallRules: [{B0B72C3C-C410-4E1B-8CC2-58720CEAA1D1}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9209554C-706E-4DA5-8B6D-4CE9A10E9326}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6FB1DAA9-1DF3-4BB1-959C-E3ED697DD787}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{96D1E970-992A-49D6-8482-7C99541AB5B8}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7CC8194C-EF5D-415D-AF60-2514EFC8E6DB}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4B4C91CE-8C82-4F1C-9F03-80ADB86DB799}] => (Allow) C:\Users\wiczi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{332E8FAF-A54F-46C1-BB7A-8B25D9E6F3F0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4AF952C2-F18E-49C8-8237-953E2BB1DDDD}] => (Allow) D:\steam\Steam.exe FirewallRules: [{0723C7D5-09AF-42C9-9549-60541814A208}] => (Allow) D:\steam\Steam.exe FirewallRules: [{CBF2EFCF-5CFD-4669-AEFA-A6D5C99F49AE}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{ABDBF0AB-57D9-4767-B792-5698FCF93272}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C56C26DC-A8CA-4B79-B498-976C85CC0298}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6FEEA69F-1105-413F-8568-793D9B9906FD}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{A94716C6-2DF3-400C-B505-10B6E2CA6D2C}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{A7A309FA-0A3A-4423-AEF9-11D07748B9CD}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{CA49964C-931F-41A3-9B26-0AF91D545C81}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E18A00FA-5739-41B7-B314-80154BD8B6B5}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E405518D-1C35-43C3-A6CD-D84FFE76C3F4}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [UDP Query User{1BB4D360-3170-4946-AAA7-25F588BF5050}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [TCP Query User{6F64808D-4A2A-47A9-891C-991FDB26EA33}C:\users\wiczi\appdata\local\temp\rar$exa0.002\oxygen.not.included.v221697\oxygennotincluded.exe] => (Allow) C:\users\wiczi\appdata\local\temp\rar$exa0.002\oxygen.not.included.v221697\oxygennotincluded.exe FirewallRules: [UDP Query User{F8F4CED1-BEB9-4761-AB82-AAD6228878B1}C:\users\wiczi\appdata\local\temp\rar$exa0.002\oxygen.not.included.v221697\oxygennotincluded.exe] => (Allow) C:\users\wiczi\appdata\local\temp\rar$exa0.002\oxygen.not.included.v221697\oxygennotincluded.exe FirewallRules: [TCP Query User{15714D31-B339-4840-A4C4-C49BF7894241}C:\users\wiczi\desktop\oxygen.not.included.v221697\oxygennotincluded.exe] => (Block) C:\users\wiczi\desktop\oxygen.not.included.v221697\oxygennotincluded.exe FirewallRules: [UDP Query User{48A31E9D-9E13-47EE-9BA6-DE38BABA2F31}C:\users\wiczi\desktop\oxygen.not.included.v221697\oxygennotincluded.exe] => (Block) C:\users\wiczi\desktop\oxygen.not.included.v221697\oxygennotincluded.exe FirewallRules: [TCP Query User{382CFBAC-F777-473A-8297-FA7B206DC5B5}C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{7E003CD8-EEC9-47D3-8CB6-998681B81E90}C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{B440F7A7-7ED7-49A8-BE91-56E29E17C1F1}C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{FC388F0A-DC2E-4CCB-AEBF-0BC874E48C87}C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\wiczi\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{CA3B400D-3F8D-418B-B0C8-A4CA0343F425}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{E61671FF-EB95-4EEE-9A43-C555D880435B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{E430BBE1-8DBA-4145-B0B5-0D0EF3BA6A7D}C:\program files (x86)\stream what you hear\swyh.exe] => (Allow) C:\program files (x86)\stream what you hear\swyh.exe FirewallRules: [UDP Query User{269474AA-0B0D-4929-BB49-1C1E175D2183}C:\program files (x86)\stream what you hear\swyh.exe] => (Allow) C:\program files (x86)\stream what you hear\swyh.exe FirewallRules: [TCP Query User{C64BDE64-CAE7-4AB7-AB7B-A4CD7335C9DC}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe FirewallRules: [UDP Query User{0946E767-F5D2-43D5-A98B-5D2A5E07190E}C:\program files (x86)\soundwire server\soundwireserver.exe] => (Allow) C:\program files (x86)\soundwire server\soundwireserver.exe FirewallRules: [TCP Query User{626F9E31-D3B0-498B-9A17-ED294081C6EB}C:\program files (x86)\airfoilsatellite\airfoilsatellite.exe] => (Allow) C:\program files (x86)\airfoilsatellite\airfoilsatellite.exe FirewallRules: [UDP Query User{1A89D8F8-99E7-475D-848F-EE570912E6E9}C:\program files (x86)\airfoilsatellite\airfoilsatellite.exe] => (Allow) C:\program files (x86)\airfoilsatellite\airfoilsatellite.exe FirewallRules: [TCP Query User{3C075B65-9B3C-4C48-91EE-04AEE162835D}C:\program files (x86)\opensubtitlesplayer\alltorrent\allnode.exe] => (Allow) C:\program files (x86)\opensubtitlesplayer\alltorrent\allnode.exe FirewallRules: [UDP Query User{E47258B5-6284-4AE2-BE5F-087915EF4AD9}C:\program files (x86)\opensubtitlesplayer\alltorrent\allnode.exe] => (Allow) C:\program files (x86)\opensubtitlesplayer\alltorrent\allnode.exe FirewallRules: [{176149B8-5038-4626-A466-05355E0B9AEA}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{7EBADA7B-30A7-427A-9407-8E1593237882}] => (Allow) D:\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{FB1F7AFA-00CA-4DA3-8ABC-D541289AA373}] => (Allow) D:\steam\steamapps\common\Europa Universalis IV\eu4.exe FirewallRules: [{C32D3692-5C7F-4F43-AE38-C6D48A5CAA8A}] => (Allow) D:\steam\steamapps\common\Europa Universalis IV\eu4.exe FirewallRules: [{C19DDA4C-0768-415F-8813-F391659AFF91}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C98B6F08-7731-488F-8FA1-E4E606510701}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe FirewallRules: [{9050FB8E-AEF8-4848-B8B8-D6A1F8C8687A}] => (Allow) C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.32\opera.exe FirewallRules: [{C1EADAE2-0049-467D-9015-C574BD957BAF}] => (Allow) D:\SimCity\SimCity\SimCity.exe FirewallRules: [{C37B4D6A-A58E-4DBC-B24F-0EE8E7D96EC6}] => (Allow) D:\SimCity\SimCity\SimCity.exe FirewallRules: [{BE072D34-E0AF-4A8F-8872-559BAB693B83}] => (Allow) C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.35\opera.exe FirewallRules: [{A2846A6D-CC0C-48ED-ADD1-A00CB6295714}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe FirewallRules: [{6EE77E64-0729-4F40-8E40-B4D2FD4E2160}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe FirewallRules: [{D69B2B84-CC27-4A4F-B1FA-258D3E5DCEAB}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{940087D9-E10C-4923-91D6-741CFF5A5008}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{0D59AE2F-C4A4-4D16-ACA4-6C6BB8EC6CD0}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{7F685A19-BD30-4EE5-86CC-6FA0E57CFA78}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{09EE63E9-A383-40CA-881F-6AEF2BAD3671}] => (Allow) C:\Windows\System32\rundll32.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler sieci Description: Kontroler sieci Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/07/2017 10:42:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/07/2017 10:41:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mbamtray.exe, wersja: 3.0.0.1208, sygnatura czasowa: 0x59d52b74 Nazwa modułu powodującego błąd: Qt5Core.dll, wersja: 5.6.2.0, sygnatura czasowa: 0x59a63e00 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0018de83 Identyfikator procesu powodującego błąd: 0xf34 Godzina uruchomienia aplikacji powodującej błąd: 0x01d33f4805e71069 Ścieżka aplikacji powodującej błąd: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Ścieżka modułu powodującego błąd: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Identyfikator raportu: 58572ec9-ab3b-11e7-b198-408d5c7e0e6e Error: (10/07/2017 10:39:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/07/2017 10:11:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: opera_autoupdate.exe, wersja: 48.0.2685.35, sygnatura czasowa: 0x59d1279f Nazwa modułu powodującego błąd: opera_autoupdate.exe, wersja: 48.0.2685.35, sygnatura czasowa: 0x59d1279f Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00000000000faa2f Identyfikator procesu powodującego błąd: 0x1af4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d33f43bfda3a41 Ścieżka aplikacji powodującej błąd: C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.35\opera_autoupdate.exe Ścieżka modułu powodującego błąd: C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.35\opera_autoupdate.exe Identyfikator raportu: 0fcf6d63-ab37-11e7-a753-408d5c7e0e6e Error: (10/07/2017 10:10:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/06/2017 08:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/06/2017 05:24:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/05/2017 02:31:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: opera_autoupdate.exe, wersja: 48.0.2685.35, sygnatura czasowa: 0x59d1279f Nazwa modułu powodującego błąd: opera_autoupdate.exe, wersja: 48.0.2685.35, sygnatura czasowa: 0x59d1279f Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00000000000faa2f Identyfikator procesu powodującego błąd: 0x1bd4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d33dd5dd556c90 Ścieżka aplikacji powodującej błąd: C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.35\opera_autoupdate.exe Ścieżka modułu powodującego błąd: C:\Users\wiczi\AppData\Local\Programs\Opera\48.0.2685.35\opera_autoupdate.exe Identyfikator raportu: 29de86f2-a9c9-11e7-8757-408d5c7e0e6e Error: (10/05/2017 02:28:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/04/2017 02:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (10/07/2017 12:00:39 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (10/07/2017 10:49:32 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (10/07/2017 10:13:34 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/06/2017 10:50:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer 11 dla systemu Windows 7 - wersja dla systemów opartych na procesorach x64. Error: (10/06/2017 08:31:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Steam Client Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/06/2017 08:31:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service. Error: (10/06/2017 07:35:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer 11 dla systemu Windows 7 - wersja dla systemów opartych na procesorach x64. Error: (10/05/2017 10:50:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer 11 dla systemu Windows 7 - wersja dla systemów opartych na procesorach x64. Error: (10/05/2017 05:41:37 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (10/04/2017 10:43:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Internet Explorer 11 dla systemu Windows 7 - wersja dla systemów opartych na procesorach x64. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Procent pamięci w użyciu: 41% Całkowita pamięć fizyczna: 8156.47 MB Dostępna pamięć fizyczna: 4788.77 MB Całkowita pamięć wirtualna: 16311.12 MB Dostępna pamięć wirtualna: 12516.28 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:100.11 GB) (Free:4.97 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:831.3 GB) (Free:630.34 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D744F77E) Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=831.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================