Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14.03.2018 Uruchomiony przez pc (12-04-2018 10:25:47) Uruchomiony z C:\Users\pc\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2013-08-01 12:15:19) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2351139496-3042340083-1055096574-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-2351139496-3042340083-1055096574-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2351139496-3042340083-1055096574-1003 - Limited - Enabled) pc (S-1-5-21-2351139496-3042340083-1055096574-1000 - Administrator - Enabled) => C:\Users\pc ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {2C040BB5-2B06-7275-5A21-2B969A740B4B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.24 - GIGABYTE) µTorrent (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-2351139496-3042340083-1055096574-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102058120\...\uTorrent) (Version: 3.3.1.29812 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Audition CS6 (HKLM-x32\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0 - Adobe Systems Incorporated) Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Aktualizacje NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.3 - ALLPlayer Group, Ltd.) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Catalyst Install Manager (HKLM\...\{57600D04-FB29-9138-679E-EB20F6A93228}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AutoGreen B12.0206.1 (HKLM-x32\...\{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) Hidden AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoHotkey 1.1.26.01 (HKLM\...\AutoHotkey) (Version: 1.1.26.01 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd) Easy Tune 6 B12.0509.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden Easy Tune 6 B12.0509.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Endless Space 2 Galactic Statecraft (HKLM-x32\...\Endless Space 2 Galactic Statecraft_is1) (Version: - ) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.01 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) f.lux (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\Flux) (Version: - f.lux Software LLC) f.lux (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\Flux) (Version: - f.lux Software LLC) FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.51.48166 - Electronic Arts) GG (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\GG) (Version: 11 - GG Network S.A.) GG (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\GG) (Version: 11 - GG Network S.A.) GG (HKU\S-1-5-21-2351139496-3042340083-1055096574-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102058120\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: - ) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains) Litecoin (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\Litecoin) (Version: 0.8.5.1 - Litecoin project) Litecoin (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\Litecoin) (Version: 0.8.5.1 - Litecoin project) Litecoin (HKU\S-1-5-21-2351139496-3042340083-1055096574-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102058120\...\Litecoin) (Version: 0.8.5.1 - Litecoin project) Malwarebytes (wersja 3.4.5.2467) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 59.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 pl)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) OEM Application Profile (HKLM-x32\...\{ADAED067-B399-069C-3B99-29D93AACA64E}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.16.49299 - Electronic Arts, Inc.) Panel sterowania NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Podręczniki firmy EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PZ Signer (wersja 1.1) (HKLM-x32\...\{3534EE46-29C9-47C7-811E-2AE93B2D6745}_is1) (Version: 1.1 - Pentacomp Systemy Informatyczne S.A.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7779 - Realtek Semiconductor Corp.) Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.) SteelSeries Engine 3.10.9 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.9 - SteelSeries ApS) Stellaris Apocalypse (HKLM-x32\...\Stellaris Apocalypse_is1) (Version: - ) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Elder Scrolls V Skyrim Legendary Edition wersja 1.9.32.8 (HKLM-x32\...\The Elder Scrolls V Skyrim Legendary Edition_is1) (Version: 1.9.32.8 - GTX Box Team) Unity Web Player (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2351139496-3042340083-1055096574-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102058120\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS) Valkyria Chronicles (HKLM-x32\...\Valkyria Chronicles_is1) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\pc\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-2351139496-3042340083-1055096574-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\pc\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-2351139496-3042340083-1055096574-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\pc\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-2351139496-3042340083-1055096574-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\pc\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-2351139496-3042340083-1055096574-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\pc\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0DAB29D5-D4D0-4CF0-B4A2-4CBEE8E6D336} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation) Task: {1A7F5725-89F3-4107-B22B-606CA5652BF6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-16] (NVIDIA Corporation) Task: {1F8BA700-EAF1-4A70-B7A3-1E5BC99FBE0B} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-29] (Google Inc.) Task: {2080EB20-0FB4-49EB-AF66-8BB8007DB7CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd) Task: {2C123FF4-A8B1-4B8D-8ED7-F117E9A1623C} - System32\Tasks\update-S-1-5-21-2351139496-3042340083-1055096574-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {3503F0B5-38C4-47E5-A77A-DCB4B412E1D2} - System32\Tasks\{685B6E71-A748-4757-955C-52CA98CB4D01} => C:\Windows\system32\pcalua.exe -a "D:\GRY\FIFA 13\__Installer\dotnet\dotnet35sp1\redist\dotnetfx35.exe" -d "D:\GRY\FIFA 13\__Installer\dotnet\dotnet35sp1\redist" Task: {390D2150-A96C-427C-AF34-9F7BAC3DF0D6} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-29] (Google Inc.) Task: {459F6DF4-F0B0-44C6-B2A0-E4CC5231FB64} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-16] (NVIDIA Corporation) Task: {52B573CE-4006-4FAE-851F-9409E8BA99E4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-16] (NVIDIA Corporation) Task: {5351E2B1-B751-4604-B8AC-983B3BB32C32} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation) Task: {54CA77F9-FA27-4802-82B7-85E1E5D8797F} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {589C7263-18BB-42D6-876E-CE09EFF72668} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {5F5F0C85-DD72-4E66-BD1D-3709598C62EC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation) Task: {6CE709F1-5D08-4AA5-857D-5F7BDECFEF74} - System32\Tasks\{E3CCC30B-D9FE-4F04-9965-A7319DC55A85} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\AppData\Roaming\sweet-page\UninstallManager.exe -c -ptid=cor Task: {6D83EEDD-9188-4BE5-B17A-D9C91E1458EA} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {70A7A959-260E-438E-8A8A-9602452E703A} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {79505D88-1F58-40F0-9B64-8D549C61097D} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {7B1E6EB5-B2DB-4BF0-973B-5214A656138C} - System32\Tasks\{2FD59695-BBF2-4A1E-8DA6-CFE13691E5D4} => C:\Program Files (x86)\Steam\Steam.exe [2018-04-03] (Valve Corporation) Task: {8BA0C699-D3E9-4F3A-9739-CE98093C731D} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {8FE74D92-919B-425D-B502-FF5A9089C2BD} - System32\Tasks\ALLPlayer => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [2015-07-28] (ALLPlayer Group Ltd.) Task: {A0447167-FF45-4FDA-BD5F-79E01DA42DC9} - System32\Tasks\{7568228F-30DA-473F-921F-E970B1C01202} => C:\Windows\system32\pcalua.exe -a C:\Users\pc\Downloads\multibit-0.5.14-windows-setup.exe -d C:\Users\pc\Downloads Task: {B1F4965E-C7D3-4DFA-8F3A-9180112E2A56} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-16] (NVIDIA Corporation) Task: {C3C61678-F6CA-4D99-ABA8-2077669BA641} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-10] (Adobe Systems Incorporated) Task: {C41D43A6-BADE-4429-A2CB-73D68D4FEE66} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-16] (NVIDIA Corporation) Task: {DD826837-0E2F-4DB0-A03C-72C80D1E073E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-10] (Adobe Systems Incorporated) Task: {EC175949-4D66-471B-B672-DA4F88F5FFF2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-16] (NVIDIA Corporation) Task: {EFEED8A2-7498-4080-BDBA-AA89C5267036} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {F492390F-BA97-432E-895A-90C58A93798F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {FAF9F277-1E03-4E33-9983-79E799E9D99F} - System32\Tasks\hqfokcomiew => "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" hqfok.com/iew <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\update-S-1-5-21-2351139496-3042340083-1055096574-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2017-09-29 16:28 - 2017-09-16 21:23 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-04-11 19:51 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-04-11 19:51 - 2018-03-27 13:47 - 002492704 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2010-01-09 20:17 - 2010-01-09 20:17 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 01:40 - 2010-01-21 01:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-09-29 16:28 - 2017-09-16 21:23 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-12-20 13:30 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2351139496-3042340083-1055096574-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2351139496-3042340083-1055096574-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102053190\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2351139496-3042340083-1055096574-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04122018102058120\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Usługa "Zapora systemu Windows" nie jest uruchomiona. MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: FontCache => 2 MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: uTorrent => "C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{51C76FA9-D608-4D85-A050-48BD99F573A6}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FA3C43B3-3C20-433A-8151-45D572A58CAE}] => (Allow) C:\Users\pc\AppData\Roaming\uTorrent\uTorrent.exe ==================== Punkty Przywracania systemu ========================= 11-04-2018 11:43:42 Windows Update 11-04-2018 20:59:52 Windows Update 11-04-2018 22:43:38 Zainstalowany program DirectX ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Karta tunelowania Teredo firmy Microsoft Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: RHDISK_AMD64 Description: RHDISK_AMD64 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: RHDISK_AMD64 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/12/2018 10:19:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/12/2018 12:39:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/11/2018 10:35:14 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Error: (04/11/2018 10:35:14 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe Error: (04/11/2018 10:18:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/11/2018 08:10:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/11/2018 11:30:58 AM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe Error: (04/11/2018 11:30:58 AM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe Dziennik System: ============= Error: (04/12/2018 10:19:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (04/12/2018 10:19:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi RHDISK_AMD64 z powodu następującego błędu: System nie może odnaleźć określonej ścieżki. Error: (04/12/2018 10:18:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Adapter odbiornika Net.Tcp zależy od usługi Usługa udostępniania portów Net.Tcp, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (04/12/2018 10:18:51 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa Adapter odbiornika Net.Pipe zależy od następującej usługi: was. Ta usługa może nie być zainstalowana. Error: (04/12/2018 10:18:51 AM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Usługa Adapter odbiornika Net.Msmq zależy od następującej usługi: msmq. Ta usługa może nie być zainstalowana. Error: (04/12/2018 10:18:35 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: ZARZĄDZANIE NT) Description: Funkcje zarządzania zasilaniem dotyczące wydajności dla procesora 3 w grupie 0 zostały wyłączone z powodu problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego. Error: (04/12/2018 10:18:35 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: ZARZĄDZANIE NT) Description: Funkcje zarządzania zasilaniem dotyczące wydajności dla procesora 2 w grupie 0 zostały wyłączone z powodu problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego. Error: (04/12/2018 10:18:35 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 35) (User: ZARZĄDZANIE NT) Description: Funkcje zarządzania zasilaniem dotyczące wydajności dla procesora 1 w grupie 0 zostały wyłączone z powodu problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego. CodeIntegrity: =================================== Date: 2016-06-27 23:11:56.775 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\pc\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-27 23:11:56.677 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\pc\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-27 23:11:56.415 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-06-27 23:11:56.303 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: AMD FX(tm)-4130 Quad-Core Processor Procent pamięci w użyciu: 34% Całkowita pamięć fizyczna: 8189.55 MB Dostępna pamięć fizyczna: 5330.28 MB Całkowita pamięć wirtualna: 16377.28 MB Dostępna pamięć wirtualna: 13300.8 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:100 GB) (Free:16.38 GB) NTFS Drive d: () (Fixed) (Total:365.66 GB) (Free:35.17 GB) NTFS Drive f: (Endless Space 2 Galactic Statecr) (CDROM) (Total:7.39 GB) (Free:0 GB) UDF \\?\Volume{f6faf2de-fad4-11e2-9064-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 1893A63D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=365.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================