Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 30-11-2017 Uruchomiony przez hj (02-12-2017 16:04:35) Uruchomiony z D:\#download Windows 7 Ultimate Service Pack 1 (X64) (2017-05-31 01:54:28) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-681908984-3436804994-3010444629-500 - Administrator - Disabled) Gość (S-1-5-21-681908984-3436804994-3010444629-501 - Limited - Disabled) hj (S-1-5-21-681908984-3436804994-3010444629-1000 - Administrator - Enabled) => C:\Users\hj HomeGroupUser$ (S-1-5-21-681908984-3436804994-3010444629-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-681908984-3436804994-3010444629-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Reader 9.5.0 - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated) AIDA64 Extreme v5.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.92 - FinalWire Ltd.) AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) AutoCAD 2017 - English (HKLM\...\{28B89EEF-0001-0409-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden AutoCAD 2017 Language Pack - English (HKLM\...\{28B89EEF-0001-0409-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk) Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk) Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.45.5 - Autodesk) Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk) Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.51.47047 - Electronic Arts) Catalyst Control Center Next Localization BR (HKLM\...\{5CD729EF-176B-E0D4-52A6-5ED6CBC88520}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{5EB4E2AE-AC5E-2977-817F-9A5A0505367A}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{37C16D90-A5F9-63D1-ECCA-F7910802D01F}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{0ACA2B4F-0424-D68C-367D-C955920B7075}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{C67E6B85-8B16-635B-73A0-E2CDAFAED94B}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{A353AA66-92A5-C78A-9ACB-2D5DEE034586}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{C508BBBF-D0AB-3AD6-F64A-60B134E765F5}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{5A1F456F-F35F-FAF4-62E1-CBBE468FDB7C}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{B185C2D3-9396-72C4-97DD-7D8D3079C549}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{AC38A6EA-F40B-4A44-5CEB-D6FE1955289D}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{94D76FFE-B4BA-3997-9634-33ADCC722207}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{D556E147-7130-7B59-CCF7-489A02EE82D3}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{6BC655E2-6D19-F1B9-49B6-056676F8B2BF}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{DB0B66AD-D4E8-9C5A-6018-7E0F5C077DF8}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{F9E832F4-8FC7-2B20-6C9E-CA5E1BF463EB}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{485CC700-71A5-F7FF-A9B0-E03E1C7C628B}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{9B319932-2A29-29E8-7E65-3CAF1C161D2B}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{10671AF2-1285-FBB8-A478-219EE15E12E7}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{D3497ED2-6CD3-BFFB-8C29-1AF02201EBC7}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{AFB0BC0D-B426-C3B6-0330-16AB1E8B8394}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{A2CB08E7-C06A-907A-6797-2BFF8E444222}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) CPUID CPU-Z 1.81.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.81.1 - ) CPUID HWMonitor 1.31 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.1.215 - DIAL GmbH) DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 1.0 - DIAL GmbH) DIALux 4.13 (HKLM-x32\...\DIALux) (Version: 4.13.0.1 - DIAL GmbH) Eaton Software (HKLM-x32\...\Eaton Software) (Version: 1.2.12 - Eaton) foobar2000 v0.9.5.4 (HKLM-x32\...\foobar2000) (Version: 0.9.5.4 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - ) HWiNFO64 Version 5.60 (HKLM\...\HWiNFO64_is1) (Version: 5.60 - Martin Malík - REALiX) MEmu (HKLM-x32\...\MEmu) (Version: 3.0.8.0 - Microvirt Software Technology Co. Ltd.) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 53.0.3 (x64 pl)) (Version: 53.0.3 - Mozilla) MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.103.1007.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Tlen.pl (HKLM-x32\...\Tlen.pl) (Version: 6.0.3.67 - o2.pl Sp. z o. o.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 b2 - Ghisler Software GmbH) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-681908984-3436804994-3010444629-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-681908984-3436804994-3010444629-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-681908984-3436804994-3010444629-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-19] (AVAST Software) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-07] (Autodesk) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-19] (AVAST Software) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-19] (AVAST Software) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-06-12] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-19] (AVAST Software) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-02-02] (Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {158DCC12-B144-4DC0-9715-D702EFB60D4D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-19] (AVAST Software) Task: {A03B6500-162B-4F2A-B51E-104997C2A27C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-31] (Google Inc.) Task: {AFE17869-1363-429F-95B6-007560DD4E60} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2017-10-31] () Task: {B20CF790-D515-4D6C-9B53-12ABC52F9F0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-31] (Google Inc.) Task: {ECDF6CDA-7848-4368-B916-5BEE90E376B8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-06-07 22:35 - 2010-03-04 16:56 - 000289280 _____ () C:\Windows\System32\HP1100LM.DLL 2017-06-07 22:35 - 2010-03-04 16:56 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL 2017-06-07 22:05 - 2017-06-07 22:04 - 000008192 _____ () C:\Windows\SysWOW64\srvany.exe 2017-06-07 22:05 - 2017-06-07 22:04 - 000151552 _____ () C:\Windows\KMService.exe 2017-10-31 10:05 - 2017-10-31 10:05 - 000722216 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2017-11-19 00:24 - 2017-11-19 00:24 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000859216 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000292408 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2017-03-30 10:02 - 2016-01-16 05:00 - 000895320 _____ () C:\Program Files\Microvirt\MEmu\adb.exe 2017-11-08 14:34 - 2017-11-02 18:48 - 000021848 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2017-11-19 00:24 - 2017-11-19 00:24 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll 2017-12-01 20:39 - 2017-12-01 20:39 - 005892848 _____ () C:\Program Files\AVAST Software\Avast\defs\17120110\algo.dll 2017-11-19 00:24 - 2017-11-19 00:24 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-12-02 11:34 - 2017-12-02 11:34 - 005892848 _____ () C:\Program Files\AVAST Software\Avast\defs\17120202\algo.dll 2017-10-29 21:01 - 2017-10-29 21:01 - 000071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2017-10-29 21:00 - 2017-10-29 21:00 - 000056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2017-10-29 21:01 - 2017-10-29 21:01 - 000232448 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2017-10-29 21:01 - 2017-10-29 21:01 - 000357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2017-10-29 21:01 - 2017-10-29 21:01 - 000565760 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2017-07-11 06:35 - 2017-07-11 06:36 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-03-30 10:02 - 2016-01-16 05:01 - 000128552 _____ () C:\Program Files\Microvirt\MEmu\libgcc_s_dw2-1.dll 2017-03-30 10:02 - 2016-01-16 05:01 - 001040608 _____ () C:\Program Files\Microvirt\MEmu\libstdc++-6.dll 2017-03-30 10:02 - 2016-01-16 05:01 - 002771568 _____ () C:\Program Files\Microvirt\MEmu\icuin53.dll 2017-03-30 10:02 - 2016-01-16 05:01 - 001736912 _____ () C:\Program Files\Microvirt\MEmu\icuuc53.dll 2017-03-30 10:02 - 2016-09-22 12:25 - 001335432 _____ () C:\Program Files\Microvirt\MEmu\icudt53.dll 2017-06-12 22:14 - 2017-06-12 22:14 - 000356744 _____ () C:\Windows\SysWOW64\GameManager32.dll 2017-11-08 14:34 - 2017-11-08 14:34 - 000015360 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2017-11-08 14:34 - 2017-11-08 14:34 - 003090944 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-681908984-3436804994-3010444629-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-06-01 18:46 - 000008578 ____R C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 storeedgefd.dsx.mp.microsoft.com 0.0.0.0 settings-ssl.xboxlive.com.nsatc.net 0.0.0.0 tiles.xbox.com.nsatc.net 0.0.0.0 musicmatch-ssl.xboxlive.com.nsatc.net 0.0.0.0 epix.xbox.com.nsatc.net 0.0.0.0 vdlimages.xboxlive.com.nsatc.net 0.0.0.0 download-ssl.xbox.com.nsatc.net 0.0.0.0 a-msedge.net 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 apps.skype.com 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 c.atdmt.com Wykryto więcej niż wyliczono: 164 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-681908984-3436804994-3010444629-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\hj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{DC67DAC4-CC65-4A8A-B94D-63668CBF649F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8FE6E61B-A010-4620-975D-E26DD3325D72}] => (Allow) C:\Program Files\Microvirt\MEmu\MEmu.exe FirewallRules: [{9EC3CFA8-A67D-426F-A32F-2ECFE93193FD}] => (Allow) C:\Program Files\Microvirt\MEmu\MEmu.exe FirewallRules: [{11B84706-3417-473F-AC58-79E078AC33CA}] => (Allow) C:\Users\hj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B2746083-9D70-45E5-BB89-2EF8375096D3}] => (Allow) C:\Users\hj\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E97ECD26-96D7-43B6-AF3B-471E1A1FB428}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{47626346-70EC-4D97-AC0A-E5C0B6266ED4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{87C54432-1C1F-47CC-8D97-EBD634AABAF7}] => (Allow) LPort=9100 FirewallRules: [{93AF3461-E8EA-4095-B10C-D82F4CCB881A}] => (Allow) LPort=427 FirewallRules: [{30D58809-D6BD-453C-8295-F720486963C8}] => (Allow) LPort=161 FirewallRules: [TCP Query User{0CE7DCD4-9B96-47EE-9A17-E8B72A0EB733}C:\program files (x86)\tlen.pl\tlen.exe] => (Allow) C:\program files (x86)\tlen.pl\tlen.exe FirewallRules: [UDP Query User{B22F9352-787C-483A-91D9-055E3C908285}C:\program files (x86)\tlen.pl\tlen.exe] => (Allow) C:\program files (x86)\tlen.pl\tlen.exe FirewallRules: [{C14EBED2-8005-443A-9F2A-9778172AEA28}] => (Allow) C:\Steam\Steam.exe FirewallRules: [{1C6F6983-4E6E-4C7E-AE9A-882B025C411A}] => (Allow) C:\Steam\Steam.exe FirewallRules: [{117687EB-A3EC-416C-B6A1-619D9ED69205}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B4093ADE-0BCD-4A0B-8F11-7BBFC1E448BE}] => (Allow) C:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{3E77961F-BB3B-47BD-8A84-E44E59F3AB0C}] => (Allow) C:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [{02D5DFC7-59A5-4E4B-8E69-7184054C3799}] => (Allow) C:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe FirewallRules: [TCP Query User{6D844FC8-1AA1-42C3-A901-87EFA32B8648}C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{E308D6AB-25B3-4B7E-817A-1171356359DF}C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{C8B10308-E796-48C9-8709-B7B222F965A0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{211CDBAD-6A14-4DF6-9869-19279A0B03C7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{F327FCFF-DA99-46F6-A39E-8E86BD0FD3C0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{70C0636B-9F4D-435D-9FEB-FF418412374D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [TCP Query User{43CE0103-75AD-4736-9C9A-CC34AFE62409}C:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{24E992BD-701C-4AEA-B4B2-DC5DEB17D4E3}C:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/02/2017 11:34:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/01/2017 10:17:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: bf1.exe, wersja: 1.0.51.47047, sygnatura czasowa: 0x59fa9b9f Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.23796, sygnatura czasowa: 0x59029714 Kod wyjątku: 0x887a0005 Przesunięcie błędu: 0x000000000001a06d Identyfikator procesu powodującego błąd: 0x1154 Godzina uruchomienia aplikacji powodującej błąd: 0x01d36ae64dea92ff Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\KERNELBASE.dll Identyfikator raportu: 17c232a0-d6dd-11e7-94e9-7085c23a72a7 Error: (12/01/2017 08:39:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/01/2017 02:57:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (12/02/2017 11:34:18 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (12/02/2017 11:34:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (12/02/2017 11:34:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (12/01/2017 08:39:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (12/01/2017 08:39:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (12/01/2017 08:39:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (12/01/2017 03:01:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Serwer zakończyła działanie; wystąpił następujący błąd: Usługa nie została uruchomiona. Error: (12/01/2017 03:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa modułu wyliczającego urządzenia przenośne z powodu następującego błędu: Trwa proces zamykania systemu. Error: (12/01/2017 03:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Dostęp do urządzeń interfejsu HID z powodu następującego błędu: Trwa proces zamykania systemu. Error: (12/01/2017 03:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Host usługi diagnostyki z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania. ==================== Statystyki pamięci =========================== Procesor: AMD Ryzen 5 1600 Six-Core Processor Procent pamięci w użyciu: 12% Całkowita pamięć fizyczna: 16316.89 MB Dostępna pamięć fizyczna: 14298.95 MB Całkowita pamięć wirtualna: 32631.97 MB Dostępna pamięć wirtualna: 30396.8 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:223.47 GB) (Free:74.96 GB) NTFS Drive d: () (Fixed) (Total:622.99 GB) (Free:579.86 GB) NTFS Drive e: () (Fixed) (Total:621.48 GB) (Free:602.2 GB) NTFS Drive f: (Dysk lokalny) (Fixed) (Total:618.42 GB) (Free:595.62 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: ACCF86E2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================