Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 12-11-2017 Uruchomiony przez wiczi (12-11-2017 14:43:23) Uruchomiony z C:\Users\wiczi\Desktop\Nowy folder (6) Windows 7 Home Premium Service Pack 1 (X64) (2017-07-15 13:39:44) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-319334698-2115631649-3299897735-500 - Administrator - Disabled) Gość (S-1-5-21-319334698-2115631649-3299897735-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-319334698-2115631649-3299897735-1002 - Limited - Enabled) wiczi (S-1-5-21-319334698-2115631649-3299897735-1000 - Administrator - Enabled) => C:\Users\wiczi ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Aktualizacje NVIDIA 25.6.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.6.0.0 - NVIDIA Corporation) Hidden Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) aTube Catcher wersja 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.0.1.1339 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.46.1633 - BlueStack Systems, Inc.) Castle Story (HKLM-x32\...\Castle Story_is1) (Version: - ) Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine) Cossacks 3 (HKLM-x32\...\Cossacks 3_is1) (Version: - ) Dishonored 2 (HKLM\...\Dishonored 2_is1) (Version: 1.0 - ) DreamCompress (HKLM-x32\...\DreamCompress) (Version: - ) Epic Games Launcher (HKLM-x32\...\{47BF3B09-07F0-4411-BB00-3EB481DB3220}) (Version: 1.1.125.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - ) Fallout 4 Polish Language Pack (HKLM-x32\...\Fallout 4 Polish Language Pack_is1) (Version: - ) FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Flvto YouTube Downloader (HKLM-x32\...\Flvto YouTube Downloader) (Version: 1.0.9 - Hotger) Free Screen Video Recorder (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.45.1027 - Digital Wave Ltd) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.54.713 - Digital Wave Ltd) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) GG (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\GG) (Version: 12 - GG Network S.A.) GG (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Kingdoms and Castles (HKLM-x32\...\2067763543_is1) (Version: 104 - GOG.com) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\{EA8630BD-0DCC-4154-B972-AAA6C8989E1A}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.5 - LUXONIX) Malwarebytes (wersja 3.2.2.2029) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Build Tools 2015 (HKLM-x32\...\{d21da0dd-4ba4-4838-ba58-64cf7a77131a}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team) MU LEGEND GLOBAL (HKLM-x32\...\{MU2GB92C-VH2O-Z2AQ-N26J-M2VJEWJEUE52}_is1) (Version: 1.0.0.0 - Webzen) NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) NVIDIA Sterownik graficzny 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenSubtitlesPlayer V7.X (HKLM-x32\...\OpenSubtitlesPlayer_is1) (Version: - Opensubtitles.org) Opera Stable 49.0.2725.34 (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\Opera 49.0.2725.34) (Version: 49.0.2725.34 - Opera Software) Opera Stable 49.0.2725.34 (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\Opera 49.0.2725.34) (Version: 49.0.2725.34 - Opera Software) Panel sterowania NVIDIA 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 384.76 - NVIDIA Corporation) Hidden Perfect Uninstaller v6.3.4.0 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) SoundWire Server version 1.9 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 1.9 - GeorgieLabs) SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts) Spotify (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB) Spotify (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\Spotify) (Version: 1.0.66.478.g1296534d - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS) Stream What You Hear (SWYH) wersja 1.4 (HKLM-x32\...\{5FBEA9D3-668E-4B88-BF6C-E1BCF441ECFD}_is1) (Version: 1.4 - Sebastien.warin.fr) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH) The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media) Total War ROME II Emperor Edition MULTi9 - ElAmigos wersja 2.2.0.16155 (HKLM-x32\...\{E62FED7C-448C-427A-8B75-B7F5D10B8548}_is1) (Version: 2.2.0.16155 - SEGA) Twitch (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Warface My.Com (HKU\S-1-5-21-319334698-2115631649-3299897735-1000\...\Warface My.Com) (Version: 1.45 - My.com B.V.) Warface My.Com (HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\...\Warface My.Com) (Version: 1.45 - My.com B.V.) Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.40 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wireshark 1.10.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org) Zoo Tycoon 2 - African Adventure (HKLM-x32\...\{CE7062BD-BE6F-4153-9654-3D72D0C1CC17}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden Zoo Tycoon 2 - African Adventure (HKLM-x32\...\InstallShield_{CE7062BD-BE6F-4153-9654-3D72D0C1CC17}) (Version: 1.00.0000 - Microsoft Game Studios) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-319334698-2115631649-3299897735-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ContextMenuHandlers1-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] () ContextMenuHandlers1-x32: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\vcd\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => D:\vcd\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4-x32: [Uninstall] -> {84058084-7609-44D1-B3CC-7A9436CB6D92} => C:\Program Files\Perfect Uninstaller\Contextmenu.dll [2011-11-02] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-319334698-2115631649-3299897735-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\wiczi\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {793121E4-6A29-4C10-A5E4-25AFCDA46306} - System32\Tasks\Opera scheduled Autoupdate 1510426413 => C:\Users\wiczi\AppData\Local\Programs\Opera\launcher.exe [2017-11-07] (Opera Software) Task: {C7C69DF1-A701-430D-8F2F-8DDC273BC2FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.) Task: {E803C823-741C-4FAB-BD51-706DC22FD5DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-12] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-07-15 15:19 - 2017-06-21 08:02 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-11-12 14:36 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll 2017-11-12 14:36 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll 2017-10-07 09:20 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-07-20 22:11 - 2017-06-30 10:37 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2017-07-20 22:11 - 2017-03-20 16:06 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2017-07-20 22:11 - 2017-03-20 16:06 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-07-20 22:11 - 2017-03-20 16:06 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2017-07-15 15:19 - 2017-06-21 08:02 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-10-03 13:21 - 2017-10-03 13:21 - 000393608 _____ () C:\Users\wiczi\AppData\Roaming\Twitch\Bin\opus.dll 2017-10-03 13:21 - 2017-11-10 20:45 - 000535872 _____ () C:\Users\wiczi\AppData\Roaming\Twitch\Bin\Curse.Presto.Interface.dll 2017-10-03 13:21 - 2017-10-03 13:21 - 001950528 _____ () C:\Users\wiczi\AppData\Roaming\Twitch\Bin\Electron\ffmpeg.dll 2017-10-03 13:21 - 2017-10-03 13:21 - 002270528 _____ () C:\Users\wiczi\AppData\Roaming\Twitch\Bin\Electron\libglesv2.dll 2017-10-03 13:21 - 2017-10-03 13:21 - 000088384 _____ () C:\Users\wiczi\AppData\Roaming\Twitch\Bin\Electron\libegl.dll 2017-07-19 21:42 - 2017-10-28 14:46 - 068211824 _____ () C:\Users\wiczi\AppData\Roaming\Spotify\libcef.dll 2017-07-19 21:42 - 2017-10-28 14:46 - 003110512 _____ () C:\Users\wiczi\AppData\Roaming\Spotify\libglesv2.dll 2017-07-19 21:42 - 2017-10-28 14:46 - 000087152 _____ () C:\Users\wiczi\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-10-07 14:18 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-319334698-2115631649-3299897735-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wiczi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-319334698-2115631649-3299897735-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11122017143837779\Control Panel\Desktop\\Wallpaper -> C:\Users\wiczi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{EC1141C5-084D-441D-B8C8-CEF7C577C09F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{63B36A57-1884-46E0-945B-8073A0AC2CAE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{678E084D-4BFC-4993-8EC7-FCBFE3A00A0B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{41D70A33-D269-4554-B91C-11E0FF94FCDE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{AD20DB85-CECC-4EBC-81F2-D717F7BDB871}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B1B58C61-F33C-4399-9EB6-3EC00BBF1271}C:\users\wiczi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\wiczi\appdata\roaming\spotify\spotify.exe FirewallRules: [{E6EB091D-3188-42AF-8346-438D859A6647}] => (Allow) D:\steam\Steam.exe FirewallRules: [{B07AEBB2-1241-4B64-B8B9-AC8BE15AED12}] => (Allow) D:\steam\Steam.exe FirewallRules: [{F0FFCB08-7A9F-481F-8589-62C0439AA477}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B500C1FD-4082-4723-8FF0-D59B683B0F37}] => (Allow) D:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{73F7F9A1-A190-4519-9FDB-D250DDF7819F}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [UDP Query User{45812C34-DFEA-41AD-80BF-B5D9B20047F7}D:\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{EE93DC9C-D0D4-438D-8F85-79801073BD9B}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [UDP Query User{5F9DCDFC-9E08-4D46-B3D8-C00F3EFFE0DB}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [TCP Query User{E5C13DEA-C8A2-4E6F-A637-65EA9BBE5D50}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{CA5E5889-D6C7-4A9E-9E68-FFDC66C833AE}D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{06C6BC7B-8020-41F1-8014-A5BFF487AC18}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{31F10645-DE23-44AC-89CA-EACC65270DB3}D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\fortnite\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{42740E71-0897-448E-AB7C-4686B57522AA}C:\users\wiczi\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wiczi\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{81351740-556C-4150-8B63-7337272704C4}C:\users\wiczi\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wiczi\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{8E800ACA-CFA9-43D9-92D9-7427AD2C5311}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8081A870-DB5F-43BB-9234-0D4EE26FFB40}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B67B89EB-7DC8-4C39-8665-30DD4376FEF0}] => (Allow) D:\steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{B02C683B-B5D1-4342-9751-8ED1D5DB293D}] => (Allow) D:\steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{4E9CCBA0-EB62-4A79-8117-6B35718F5463}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{D4AC890D-65F1-4CF7-A3FF-AE148EFAC681}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [TCP Query User{059992ED-38A9-40F2-93B0-FE7A6CCBCAFD}C:\users\wiczi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\wiczi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{A70A2B11-E2AF-43A8-9977-F06C35C0904B}C:\users\wiczi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\wiczi\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{85914988-F142-4378-8FA8-76B87939D9F4}D:\virtualmt2\virtualcafe_launcher.exe] => (Allow) D:\virtualmt2\virtualcafe_launcher.exe FirewallRules: [UDP Query User{9A6B05A2-D733-41B5-AC29-E09D582827DD}D:\virtualmt2\virtualcafe_launcher.exe] => (Allow) D:\virtualmt2\virtualcafe_launcher.exe FirewallRules: [{0A743DB5-953C-4A25-B777-30FBA444965F}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe FirewallRules: [TCP Query User{80236F53-9ED3-4D09-9AA3-A1203637490B}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe FirewallRules: [UDP Query User{367ACD7E-B0C7-403B-ADFE-74CBD8B094A6}D:\games\fallout 4\creationkit.exe] => (Allow) D:\games\fallout 4\creationkit.exe FirewallRules: [{02D130F0-3C9A-4168-819C-E8FA44385735}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 10-11-2017 21:45:03 Windows Update 11-11-2017 15:25:18 Zainstalowany program DirectX 11-11-2017 23:37:30 Restore Point Created by FRST 12-11-2017 01:07:39 Windows Update 12-11-2017 14:25:47 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler sieci Description: Kontroler sieci Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/12/2017 02:28:44 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/12/2017 02:25:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/12/2017 02:25:47 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {aea67a1a-1ad8-401c-bdfd-52531014a613} Error: (11/12/2017 10:51:06 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\wiczi\Downloads\Cossacks 3.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2017 10:48:52 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\wiczi\Downloads\Cossacks 3.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/12/2017 10:37:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/11/2017 11:54:15 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Users\wiczi\Downloads\Cossacks 3.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/11/2017 11:40:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/12/2017 02:36:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Usługa Google Update (gupdate) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/12/2017 02:26:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Centrum zabezpieczeń zakończyła działanie; wystąpił następujący błąd: Usługa uwierzytelniania jest nieznana. Error: (11/12/2017 02:26:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Usługa udostępniania w sieci programu Windows Media Player, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (11/12/2017 02:26:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Skype Updater niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa NVIDIA Telemetry Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa NVIDIA LocalSystem Container niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/12/2017 02:25:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Digital Wave Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 8156.47 MB Dostępna pamięć fizyczna: 4854.79 MB Całkowita pamięć wirtualna: 16311.12 MB Dostępna pamięć wirtualna: 12190.98 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:100.11 GB) (Free:33.08 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:831.3 GB) (Free:513.51 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D744F77E) Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=831.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================