Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:05-03-2016 01 Uruchomiony przez Lewandosie (2018-01-09 11:42:01) Uruchomiony z C:\Users\Lewandosie\Desktop\FRST Windows 7 Home Premium Service Pack 1 (X64) (2014-08-11 22:40:57) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1873305243-1807652570-931623353-500 - Administrator - Disabled) Gość (S-1-5-21-1873305243-1807652570-931623353-501 - Limited - Disabled) Lewandosie (S-1-5-21-1873305243-1807652570-931623353-1000 - Administrator - Enabled) => C:\Users\Lewandosie ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1873305243-1807652570-931623353-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Aktualizacje NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC) DRAGON BALL XENOVERSE 2 (HKLM-x32\...\DRAGON BALL XENOVERSE 2_is1) (Version: - ) Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.1.0 - IObit) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.7 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation) Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.6 - PACE Anti-Piracy, Inc.) Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo Service Bridge (HKU\S-1-5-21-1873305243-1807652570-931623353-1000\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik graficzny 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{aaf3655f-6961-4be2-aa4e-6de4dc1dc8f4}) (Version: 16.1.5 - Intel Corporation) Panel sterowania NVIDIA 361.91 (Version: 361.91 - NVIDIA Corporation) Hidden Photo! Editor 1.1 (HKLM-x32\...\PhotoToolkit_is1) (Version: - ) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Smart View 2.0 (HKLM-x32\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) System Requirements Lab Detection (HKLM-x32\...\{A10FA0DE-F993-4917-837F-89E9BCED971D}) (Version: 6.1.6.0 - Husdawg, LLC) The Sims 4 Cats and Dogs (HKLM\...\dGhlc2ltczQ_is1) (Version: 1 - ) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.102.1020 - Electronic Arts Inc.) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Windows 7 Codec Pack 4.1.5 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.5 - Windows 7 Codec Pack) WinRAR 5.11 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {3EF15D56-0171-4F38-9BE5-FAF4309404A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {5108A14E-35A7-400C-A7FA-994845D3B6BA} - System32\Tasks\{8B31D105-6185-4680-A7E7-D27AEB8EDD4B} => pcalua.exe -a "C:\drivers\11. WLAN Driver (Atheros, Broadcom)\Setup.exe" -d "C:\drivers\11. WLAN Driver (Atheros, Broadcom)" Task: {536CD18F-21BE-4C51-895B-A4B11CD2A63C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {6EDAF7A9-6AC1-496A-9E16-76D83A7CE2C1} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation) Task: {70154541-122A-4C45-A05C-51D98136AE27} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1873305243-1807652570-931623353-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Lewandosie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {7ACF2976-F9AC-4590-93F3-783413208FD8} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {7AF3674B-F162-41F7-8C28-A5BFCE55732B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {82402F97-2436-4BBE-98E3-793BA23BE152} - System32\Tasks\Driver Booster SkipUAC (Lewandosie) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-16] (IObit) Task: {92D63E59-7AF1-4C55-B03A-0659A8F87793} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe [2017-10-24] (IObit) Task: {CAF94390-E4C4-497C-B2E6-B3FE5DFFF274} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {CC4F8B62-DFBE-4044-B936-C47C035C2141} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated) Task: {D33ACA65-02CE-4CB8-B6C6-E00260A7F7C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {EFD79353-B61B-454E-B2BC-7B3AE39EC726} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {F41E8D1F-C6D0-4969-92E7-977767675CCA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {FEB83BD5-0E57-4157-9305-DD396A2DDDC3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-08-12 05:22 - 2016-02-09 09:39 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-08-12 05:26 - 2016-02-09 06:41 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-04-04 01:09 - 2013-04-04 01:09 - 04300432 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-08-13 18:31 - 2014-08-13 18:31 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2018-01-06 11:39 - 2018-01-06 13:17 - 02301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-01-06 10:10 - 2018-01-03 10:20 - 04063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll 2018-01-06 10:10 - 2018-01-03 10:20 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll 2014-08-12 05:22 - 2016-02-09 09:39 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2018-01-09 11:33 - 2017-10-16 10:14 - 00442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.1.0\madExcept_.bpl 2018-01-09 11:33 - 2017-10-16 10:14 - 00210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.1.0\madBasic_.bpl 2018-01-09 11:33 - 2017-10-16 10:14 - 00059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.1.0\madDisAsm_.bpl 2018-01-09 11:33 - 2016-08-01 10:48 - 00899872 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.1.0\webres.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Lewandosie\Cookies:oVgosJpKFHQGJ5voClrpzx [2022] AlternateDataStreams: C:\Users\Lewandosie\Ustawienia lokalne:W4auzV7mFXzvrv1m3stl [2120] AlternateDataStreams: C:\Users\Lewandosie\AppData\Local:W4auzV7mFXzvrv1m3stl [2120] AlternateDataStreams: C:\Users\Lewandosie\AppData\Local\Dane aplikacji:W4auzV7mFXzvrv1m3stl [2120] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-01-06 13:32 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1873305243-1807652570-931623353-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lewandosie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: BCSSync => "D:\OFFICE MS\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{3B66E05C-2ACF-40D2-ABA6-AF909AD711A9}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{FD6CCD66-61AE-4AD4-9A4D-0912E5F1FD6B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C91CC209-CF98-48CA-9EED-8A03CABF29B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{13E4D4F1-4286-4CF0-B119-BB6EBE004533}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{37B05FEB-429E-47E7-8AAD-B1B035B3B9CB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5634DA92-0402-4902-8676-2DD9C9C21785}] => (Allow) C:\Users\Lewandosie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{82391104-900F-4A9E-B0F2-5C661230C1AD}] => (Allow) C:\Users\Lewandosie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{338D1E0B-57C4-429C-AF7D-67DE1E98E2D3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{1E4266F5-DDA9-4EE4-ABBC-773B7101F35E}] => (Allow) D:\OFFICE MS\Office14\GROOVE.EXE FirewallRules: [{F5CB3525-A270-4D50-9669-E18E082A7AC5}] => (Allow) D:\OFFICE MS\Office14\GROOVE.EXE FirewallRules: [{F2C3CA1C-649A-4D73-8B43-8A0FC30EB926}] => (Allow) D:\OFFICE MS\Office14\ONENOTE.EXE FirewallRules: [{42578322-14CC-4D09-A369-88268B309198}] => (Allow) D:\OFFICE MS\Office14\ONENOTE.EXE FirewallRules: [{EBC87AB4-7052-47B6-8ABD-7C685B5EC1E9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7C1C6AE2-22EA-4C0D-88A2-C0478882C5BB}] => (Allow) LPort=2869 FirewallRules: [{C17B4C36-753C-40DB-B936-65A503B3B6D9}] => (Allow) LPort=1900 FirewallRules: [{3118F49B-3F37-4878-8BCD-BFFD8CDE7613}] => (Allow) E:\SIMS4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{B995382E-C6A3-414A-B932-E71243AAFE42}] => (Allow) E:\SIMS4\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{FA8BCEF1-54CA-4B3E-BBE0-882232738974}] => (Allow) E:\SIMS4\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{1B8D4472-DD26-4559-93B6-0A29DAD1EFD8}] => (Allow) E:\SIMS4\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{2F3E0DC1-4153-4036-BFA2-7A5ADD8C67E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{5106892C-B9A5-47CB-8378-574C481AF593}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe FirewallRules: [{6369D27D-09BE-49BD-9533-D7E30A28B9CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe FirewallRules: [{AD894777-2C4E-4E54-AB4A-157EB350DC9C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe FirewallRules: [{E6EA5081-4B8C-4CD5-B4F9-05C0880D3ACA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DBDownloader.exe FirewallRules: [{4C7FA5BC-CDA3-4B3E-B7E2-34CD239996E0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe FirewallRules: [{2525A4F9-D1BC-43F2-95F0-26C84F76AD02}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.1.0\AutoUpdate.exe ==================== Punkty Przywracania systemu ========================= 27-11-2017 11:50:29 Installed Antares Auto-Tune 7 TDM. 27-11-2017 11:51:17 Installed Interlok driver setup x64. 14-12-2017 20:07:50 Zaplanowany punkt kontrolny 04-01-2018 12:52:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 04-01-2018 12:53:21 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 04-01-2018 12:53:54 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 06-01-2018 11:43:45 Removed Antares Auto-Tune 7 TDM. 06-01-2018 13:31:40 Restore Point Created by FRST 08-01-2018 11:44:42 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 08-01-2018 11:46:07 Installed Microsoft Solution - B4164D8C-3813-495A-BBBC-BA51D122A226 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler Ethernet Description: Kontroler Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/09/2018 11:12:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/09/2018 11:11:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/09/2018 11:11:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/09/2018 11:11:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/08/2018 09:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2018 09:57:51 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/08/2018 09:57:51 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/08/2018 09:57:51 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (01/08/2018 10:16:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/08/2018 10:16:15 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Dziennik System: ============= Error: (01/06/2018 01:34:10 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (01/06/2018 01:34:10 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: ZARZĄDZANIE NT) Description: Wystąpił krytyczny błąd sprzętowy. Zgłoszone przez składnik: rdzeń procesora Źródło błędu: 3 Typ błędu: 9 Identyfikator procesora: 0 Widok szczegółów tego wpisu zawiera dodatkowe informacje. Error: (01/06/2018 01:32:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (01/06/2018 01:32:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (01/06/2018 01:32:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (01/06/2018 01:32:52 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (01/06/2018 01:32:06 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (01/06/2018 01:31:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/06/2018 01:31:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (01/06/2018 01:31:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) PROSet/Wireless Zero Configuration Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-04-23 12:25:34.155 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 12:25:34.140 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 11:34:15.037 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 11:34:15.021 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 11:33:59.406 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 11:33:59.374 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 08:52:27.680 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 08:52:27.649 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 08:51:56.246 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-23 08:51:56.199 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Procent pamięci w użyciu: 30% Całkowita pamięć fizyczna: 8108.36 MB Dostępna pamięć fizyczna: 5596.31 MB Całkowita pamięć wirtualna: 16214.91 MB Dostępna pamięć wirtualna: 13647.66 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:64.7 GB) NTFS Drive d: () (Fixed) (Total:390.62 GB) (Free:268.97 GB) NTFS Drive e: () (Fixed) (Total:345.57 GB) (Free:224.83 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D9FA2484) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=345.6 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================