Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 19-11-2017 Uruchomiony przez Remek (20-11-2017 08:22:34) Uruchomiony z C:\Users\Remek\Desktop\fixit Windows 10 Home Wersja 1703 15063.674 (X64) (2017-08-12 00:47:52) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3590818742-3342905787-1238264347-500 - Administrator - Disabled) Gość (S-1-5-21-3590818742-3342905787-1238264347-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3590818742-3342905787-1238264347-503 - Limited - Disabled) Remek (S-1-5-21-3590818742-3342905787-1238264347-1001 - Administrator - Enabled) => C:\Users\Remek Serwis (S-1-5-21-3590818742-3342905787-1238264347-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: adaware antivirus (Disabled - Up to date) {2C8A0DAA-E78D-4944-DB01-263173C8FFD9} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D} AS: adaware antivirus (Disabled - Up to date) {97EBEC4E-C1B7-46CA-E1B1-1D43084FB564} AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) "Need for Speed Rivals" (HKLM-x32\...\{E0E5B250-5C80-45ED-9AAB-829655B3E39D}_is1) (Version: 1.4.0.0 - ) µTorrent (HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) 12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-e731a8e6-2649-4566-9b91-5ef7379be8d7) (Version: 3.0.2.118 - WildTangent) Hidden abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated) Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated) Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3007 - Acer Incorporated) Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated) adaware antivirus (HKLM\...\{251CFCC6-24D2-4F29-8E34-1F244D8BAC90}_AdAwareUpdater) (Version: 12.2.889.11556 - adaware) AdAwareInstaller (HKLM\...\{948F9411-B6FB-4903-9824-D49ADD19A530}) (Version: 12.2.889.11556 - adaware) Hidden AdAwareProxyEngine (HKLM\...\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}) (Version: 1.0.0.8 - adaware) Hidden AdAwareUpdater (HKLM\...\{251CFCC6-24D2-4F29-8E34-1F244D8BAC90}) (Version: 12.2.889.11556 - adaware) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden AntimalwareEngine (HKLM\...\{06D33B93-9458-4E28-BDEA-F5ECB2C3C30E}) (Version: 3.0.144.0 - adaware) Hidden AntispamEngine (HKLM\...\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}) (Version: 2.5.337.0 - adaware) Hidden AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated) App Explorer (HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\Host App Service) (Version: 0.273.2.301 - SweetLabs) Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk) AvcEngine (HKLM\...\{D2F2C330-FC34-4190-BA46-4BF58450F37F}) (Version: 3.13.17482.0 - adaware) Hidden Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) Booking.com Weblink (HKLM-x32\...\{617FC0E5-23D3-437D-9D19-6754E8287A79}) (Version: 1.16.0726 - Acer) Brother MFL-Pro Suite MFC-J6520DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.) CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.1 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}) (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PL (x64) (HKLM\...\{2EF3A93A-569E-4FD7-A5DF-64AF588B4FBA}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3015 - Acer Incorporated) DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden eBay Weblink (HKLM-x32\...\{7F3596EF-B661-43EE-A321-AD3C3EB9B525}) (Version: 1.16.0726 - Acer) ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.10 - Emsisoft Ltd.) FirewallEngine (HKLM\...\{232046DA-BB57-4114-9A0D-1119F00C4398}) (Version: 3.0.0.21 - adaware) Hidden FossaMail 38.2.0 (x64 en-US) (HKLM\...\FossaMail 38.2.0 (x64 en-US)) (Version: 38.2.0 - Mozilla) Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Home Makeover (HKLM-x32\...\WTA-119d10c6-e47d-43c5-a3bb-0e4a20ca64d4) (Version: 3.0.2.59 - WildTangent) Hidden Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4494 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Jewel Match 3 (HKLM-x32\...\WTA-2196bb26-ac97-4f11-a273-85bd9e328ceb) (Version: 2.2.0.97 - WildTangent) Hidden Jewel Match Snowscapes (HKLM-x32\...\WTA-0a400b82-edd5-427f-b7a3-8ffc2a8e78ee) (Version: 3.0.2.118 - WildTangent) Hidden LibreOffice 5.4.0.3 (HKLM-x32\...\{A58CEA35-2B5F-4720-B5BE-D0B6A1E645FB}) (Version: 5.4.0.3 - The Document Foundation) Magic Academy (HKLM-x32\...\WTA-d82ba917-cc37-4dec-82d2-564ead8c3f97) (Version: 2.2.0.97 - WildTangent) Hidden Microsoft OneDrive (HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla) Mozilla Firefox 57.0 (x64 pl) (HKLM\...\Mozilla Firefox 57.0 (x64 pl)) (Version: 57.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nightly 14.0a1 (x64 en-US) (HKLM\...\Nightly 14.0a1 (x64 en-US)) (Version: 14.0a1 - Mozilla) NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation) NVIDIA Graphics Driver 362.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 362.03 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OnlineThreatsEngine (HKLM\...\{26F31E12-3722-45FD-903B-49012286BB4C}) (Version: 3.0.1.23 - adaware) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.) Panel sterowania NVIDIA 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 384.94 - NVIDIA Corporation) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH) Polar Bowler 1st Frame (HKLM-x32\...\WTA-4c7fa5ff-8e11-47ed-a70d-b14866934fd6) (Version: 3.0.2.59 - WildTangent) Hidden PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.) Rory's Restaurant (HKLM-x32\...\WTA-49be1b72-7a4d-4d1a-8312-49ad7927af4b) (Version: 3.0.2.126 - WildTangent) Hidden Runefall (HKLM-x32\...\WTA-79eaa9b6-7550-4a04-b2b9-112134c569cb) (Version: 3.0.2.126 - WildTangent) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer) Unity Web Player (HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.12 - WildTangent) Hidden WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Xerox WorkCentre 3045B (HKLM-x32\...\{C4AAF2CB-7F26-4F42-AB67-6330481AF375}) (Version: 1.011.00 - Xerox) Hidden Xerox WorkCentre 3045B (HKLM-x32\...\InstallShield_{C4AAF2CB-7F26-4F42-AB67-6330481AF375}) (Version: 1.011.00 - Xerox) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3590818742-3342905787-1238264347-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3590818742-3342905787-1238264347-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-05-30] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-05-30] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-05-30] (Acer Incorporated) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareShellExtension.dll [2017-11-01] () ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareShellExtension.dll [2017-11-01] () ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxDTCM.dll [2017-02-07] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation) ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {05C2ED8A-991F-42C8-BF41-DD75C3282C4A} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2016-06-25] () Task: {05E13306-7B61-49BD-8B60-13D6BD112314} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-17] (Google Inc.) Task: {1563B2AB-85AB-49CC-9E0B-D80E961763BC} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer) Task: {17E59FF8-4D54-4B5F-B0F0-470251DD6537} - System32\Tasks\nlmagdghbp => C:\Users\Remek\AppData\Local\ioxoklkyagn.bat [2017-11-12] () <==== UWAGA Task: {27013D0B-3D67-4A0A-B32E-38FB7E2CCA7A} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] () Task: {2A96B968-2646-4894-A343-2CA7098E4C9A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2016-06-25] () Task: {34A877EA-6BAA-40DA-81F5-4472E0A19249} - System32\Tasks\100newsupnetsoxkziwx => "C:\Program Files\Mozilla Firefox\firefox.exe" 100newsup.net/soxkziwx <==== UWAGA Task: {3B66A831-D9C6-4444-AB0C-0C0E8C52D86A} - System32\Tasks\App Explorer => C:\Users\Remek\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2017-10-07] (SweetLabs, Inc) <==== UWAGA Task: {481332D2-A174-42BA-A130-0DBF8A1010BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-17] (Google Inc.) Task: {4ACC7871-47CF-4CC2-86EE-4E4FB91352B3} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2016-07-29] (Acer Incorporated) Task: {4D651F15-78B9-4B71-877C-C1204237D357} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2016-06-25] () Task: {533DB7B6-3D69-4256-A536-138BC2BF8471} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2016-07-29] (Acer Incorporated) Task: {57E11604-A071-4E19-8154-3B9CEDE8E07A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated) Task: {62F46201-9386-421B-9DD4-D031D17B7EBA} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [2015-05-14] () Task: {685885CE-1B9D-43E4-AE7E-5F05148BB72D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation) Task: {734B10C1-4AFA-4F45-B2C8-CBECF9028C3E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {788D3C90-1EC7-446A-A34C-ED7FA6BF3906} - System32\Tasks\lptgjvvoitf => C:\Users\Remek\AppData\Local\bwhdiugx.bat [2017-11-12] () <==== UWAGA Task: {87383925-C7D9-47F9-9982-EC8D08E4FD10} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2016-07-29] (Acer Incorporated) Task: {A39DE2C0-CD1B-4377-BA44-0B02F0706E14} - System32\Tasks\pvcloeel => C:\Users\Remek\AppData\Local\wlzmz.bat [2017-11-12] () <==== UWAGA Task: {B3D27E5A-F965-46C1-BC14-A3FB676995F4} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated) Task: {E7CE31AC-E513-4239-B705-C2D14616AB5C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: ) Task: {EDB7DE95-C072-4F40-8844-11B5C85C97C9} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {EF5EDF67-D89C-486B-89DA-9C942383BE0E} - System32\Tasks\pswggvzcao => C:\Users\Remek\AppData\Local\mzqrygwxty.bat [2017-11-12] () <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Remek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811144" ==================== Załadowane moduły (filtrowane) ============== 2016-03-05 04:26 - 2016-03-05 04:26 - 005570728 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2-2.dll 2012-03-09 14:34 - 2012-03-09 14:34 - 000022528 _____ () C:\WINDOWS\System32\xrhr4aLM.DLL 2017-08-17 08:20 - 2005-04-22 05:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-12-10 01:38 - 2016-05-16 20:02 - 000111320 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2017-03-18 21:59 - 2017-03-20 05:01 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-11-12 21:39 - 2017-11-12 21:39 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-11-12 21:39 - 2017-11-12 21:39 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-11-12 21:39 - 2017-11-12 21:40 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-11-07 13:56 - 2017-11-07 13:56 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 004743640 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\AdAwareTray.exe 2017-11-01 16:16 - 2017-11-01 16:16 - 011753944 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\rpc_client.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000147416 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_filesystem-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000032728 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_system-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000125400 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_thread-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000067544 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_date_time-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000790488 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_log-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000039896 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_chrono-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 000526296 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\boost_locale-vc140-mt-1_65_1.dll 2017-11-01 16:16 - 2017-11-01 16:16 - 003717592 _____ () C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.2.889.11556\RCF.dll 2016-06-25 03:54 - 2016-06-25 03:54 - 004644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe 2017-09-18 08:16 - 2017-09-18 08:16 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-11 20:24 - 2017-03-25 18:13 - 000193104 _____ () C:\Program Files\FossaMail\NSLDAP32V60.dll 2017-08-11 20:24 - 2017-03-25 18:13 - 000023120 _____ () C:\Program Files\FossaMail\NSLDAPPR32V60.dll 2017-08-11 20:24 - 2017-03-25 18:13 - 005406288 _____ () C:\Program Files\FossaMail\mozjs.dll 2016-05-17 06:50 - 2016-05-17 06:50 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-12-10 00:59 - 2016-06-15 02:14 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-08-17 08:20 - 2009-02-27 15:38 - 000139264 ____N () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll 2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll 2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll 2017-11-13 08:40 - 2017-11-13 08:40 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll 2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll 2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll 2017-10-02 14:56 - 2017-10-02 14:56 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2017-10-02 14:56 - 2017-10-02 14:56 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-08-17 07:45 - 2017-08-17 07:45 - 000000998 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 iws.corel.com 127.0.0.1 mc.corel.com 127.0.0.1 iws.corel.com 127.0.0.1 apps.corel.com 127.0.0.1 deploy.akamaitechnologies.com 127.0.0.1 compute-1.amazonaws.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "Launcher3045B" HKLM\...\StartupApproved\Run32: => "StatusAutoRun3045B" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\StartupApproved\Run: => "go" HKU\S-1-5-21-3590818742-3342905787-1238264347-1001\...\StartupApproved\Run: => "mailruhomesearch" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{466C808B-1217-42F5-9712-C9921C9CA6A0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{97D93D07-FDEB-4754-9F71-75D6FFC01CC8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{4EBD406B-EC2F-4A24-B7CB-F3905D50C7FF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{CDA39E99-572F-49C4-A3E4-26BA21101136}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D91A4456-017F-403D-9339-F4F852A197CB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{70E59047-4641-4762-B9A4-2E7FEF92F1B1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{E8731D52-78AA-4A08-A346-654727F874A4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{D6EF79A1-1AFD-472D-A31D-0B566DAFEBF7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{8C389429-0861-401C-8401-0C3AFE3F2650}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{26C0C1EF-C54B-4672-B63B-6ACB1898BEDC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{2F81C22A-4807-4022-9238-3B6A5E0956B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{9A71100A-7AB2-4AB0-82EA-C52DCE3AC5A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{B2775BF4-D359-4F8A-91DB-E69DDBBC44F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7F2FC455-515A-42F1-B4B8-74C535A5277D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{03826860-98FF-44D8-AA48-71A43805D18E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{91FF1D94-AEE4-45E7-B73C-01252D115313}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F3B8AAA9-2334-423B-B250-7078FEC7E0C5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7CE2E0A1-055D-4E03-972A-2F792D3E9906}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{0019610A-3E2B-4878-A352-17FB9696A368}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FEF2E33F-ED62-4AC7-AB14-F30BE07AAB09}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E35E436A-CE18-4DB8-AA46-6C93E023A949}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{459101C4-5AC6-423F-9822-C7D3128E2908}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F025B222-2422-4926-ABA0-9514DB2FA595}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{123D5B3E-68E4-4E11-823D-C71CC12EC206}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{32C42830-2DCB-4C58-8E75-6C54FC431C2F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [{B9120F8F-543D-48C4-84F4-632E2D56929E}] => (Allow) C:\Users\Remek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0E4CF105-E0F9-434E-824E-7C3CC72C3CB1}] => (Allow) C:\Users\Remek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BC6CB8E2-DCBC-4177-914A-114C214A45DE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE FirewallRules: [{FF329209-42D5-4DDC-8898-108AC1FF0901}] => (Allow) LPort=54925 FirewallRules: [{118129F1-260E-4C58-9E6C-1D2AF611BF0A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{89158675-8F8C-49C8-AF28-E184E4CC688E}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{9D220E34-FD08-4E22-BF0C-3C0E8FDCF227}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{D3BBDF61-2AB1-43DD-B2B6-4FE1404EC150}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{67702FAC-8E4F-4CD7-91B1-C1063811181C}] => (Allow) D:\Games\Need for Speed Rivals\NFS14_x86.exe FirewallRules: [{C1077613-018A-4B74-ABE5-092A093124BB}] => (Allow) D:\Games\Need for Speed Rivals\NFS14_x86.exe FirewallRules: [{CA8E542A-938D-4B09-94AB-79463C726479}] => (Allow) D:\Games\Need for Speed Rivals\NFS14.exe FirewallRules: [{F28ADCCD-BE1A-4618-B589-6944950C280B}] => (Allow) D:\Games\Need for Speed Rivals\NFS14.exe FirewallRules: [{2CCE7C08-38F4-43F6-9171-3ED65D110EA6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F35CDBAE-7AEC-4898-84F0-7164D30A5336}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/19/2017 03:53:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname LAPTOP-LJQG14GS.local already in use; will try LAPTOP-LJQG14GS-2.local instead Error: (11/19/2017 03:53:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will rename 4 LAPTOP-LJQG14GS.local. Addr 192.168.0.17 Error: (11/19/2017 03:53:32 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.17:5353 16 LAPTOP-LJQG14GS.local. AAAA 2A02:A313:0061:7480:0000:0000:0000:0003 Error: (11/19/2017 12:43:39 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/19/2017 12:43:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname LAPTOP-LJQG14GS.local already in use; will try LAPTOP-LJQG14GS-2.local instead Error: (11/19/2017 12:43:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will rename 16 LAPTOP-LJQG14GS.local. AAAA 2A02:A313:0061:7480:1D9C:D515:BB31:220B Error: (11/19/2017 12:43:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:1D9C:D515:BB31:220B:5353 16 LAPTOP-LJQG14GS.local. AAAA 2A02:A313:0061:7480:0000:0000:0000:0003 Error: (11/16/2017 12:29:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NFS14.exe, wersja: 1.4.0.0, sygnatura czasowa: 0x52f0ec6f Nazwa modułu powodującego błąd: NFS14.exe, wersja: 1.4.0.0, sygnatura czasowa: 0x52f0ec6f Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x0000000000d0b980 Identyfikator procesu powodującego błąd: 0xa40 Godzina uruchomienia aplikacji powodującej błąd: 0x01d35e4acbd69289 Ścieżka aplikacji powodującej błąd: D:\Games\Need for Speed Rivals\NFS14.exe Ścieżka modułu powodującego błąd: D:\Games\Need for Speed Rivals\NFS14.exe Identyfikator raportu: 10dbcce7-c2ec-4999-9ee6-4ce8526cd34f Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/15/2017 11:58:42 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program firefox.exe w wersji 57.0.0.6525 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 31b4 Godzina rozpoczęcia: 01d35e652faa2d35 Godzina zakończenia: 21 Ścieżka aplikacji: C:\Program Files\Mozilla Firefox\firefox.exe Identyfikator raportu: e307d4c8-2a7d-4258-baca-68f13832e1f7 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (11/15/2017 11:48:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe, wersja: 10.0.15063.0, sygnatura czasowa: 0x02799ef5 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.15063.608, sygnatura czasowa: 0x8274fd8b Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x00000000000aa020 Identyfikator procesu powodującego błąd: 0x2288 Godzina uruchomienia aplikacji powodującej błąd: 0x01d35d311918ad0e Ścieżka aplikacji powodującej błąd: c:\windows\system32\svchost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: 49022786-f2c8-434d-9352-9140f9088366 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (11/20/2017 08:19:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja definicji dla: Windows Defender — KB2267602 (Definicja 1.257.713.0). Error: (11/20/2017 08:19:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Program antywirusowy Windows Defender z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (11/20/2017 08:18:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja definicji dla: Windows Defender — KB2267602 (Definicja 1.257.660.0). Error: (11/20/2017 08:18:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Program antywirusowy Windows Defender z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (11/20/2017 08:15:04 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/15/2017 11:48:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Update niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/15/2017 11:48:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Update Orchestrator Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/15/2017 11:48:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Menedżer połączeń usługi Dostęp zdalny niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (11/15/2017 09:06:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja definicji dla: Windows Defender — KB2267602 (Definicja 1.257.540.0). Error: (11/15/2017 09:05:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Program antywirusowy Windows Defender z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. CodeIntegrity: =================================== Date: 2017-11-20 08:19:20.387 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-11-20 08:18:26.805 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-11-20 08:15:04.143 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-19 15:53:33.223 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-16 00:29:43.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-16 00:29:39.580 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-16 00:03:25.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-15 23:55:00.533 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-15 23:30:13.983 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-11-15 23:00:11.347 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Procent pamięci w użyciu: 68% Całkowita pamięć fizyczna: 8060.22 MB Dostępna pamięć fizyczna: 2532.94 MB Całkowita pamięć wirtualna: 12668.22 MB Dostępna pamięć wirtualna: 7340.97 MB ==================== Dyski ================================ Drive c: (System) (Fixed) (Total:466.09 GB) (Free:406.28 GB) NTFS Drive d: (Data) (Fixed) (Total:464.3 GB) (Free:324.62 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 415F21A6) Partition: GPT. ==================== Koniec Addition.txt ============================