Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14.03.2018 Uruchomiony przez Dawid (14-04-2018 15:31:28) Uruchomiony z C:\ Windows 7 Professional Service Pack 1 (X64) (2015-03-29 07:28:17) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2189240929-4209594497-1460764873-500 - Administrator - Disabled) => C:\Users\Administrator Dawid (S-1-5-21-2189240929-4209594497-1460764873-1000 - Administrator - Enabled) => C:\Users\Dawid Gość (S-1-5-21-2189240929-4209594497-1460764873-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2189240929-4209594497-1460764873-1006 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Aktualizacje NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden Asystent BHP 9.0 (HKLM-x32\...\Asystent BHP 9.0_is1) (Version: 9.0.1.1 - Tarbonus) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0029 - ASUS) Brackets (HKLM-x32\...\{0ED76FF2-9370-4437-8C51-39F27DD0361B}) (Version: 1.8 - brackets.io) CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform) EagleGet version 2.0.4.10 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.10 - EagleGet) f.lux (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000\...\Flux) (Version: - f.lux Software LLC) f.lux (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142018151454167\...\Flux) (Version: - f.lux Software LLC) Farming Simulator 17 (HKLM\...\ZmFybWluZ3NpbXVsYXRvcjE3_is1) (Version: 1 - ) FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse) Firebird 2.5.2.26540 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.2.26540 - Firebird Project) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: - FreeDownloadManager.ORG) Frozen-Bubble 1.0 (HKLM-x32\...\Frozen-Bubble_is1) (Version: - Frozen-Bubble.org) GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.317.0 - International GeoGebra Institute) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.6.4 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Kodi (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000\...\Kodi) (Version: - XBMC-Foundation) Kodi (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142018151454167\...\Kodi) (Version: - XBMC-Foundation) Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains) Malwarebytes (wersja 3.2.2.2029) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation) Microsoft .NET Framework 4.7.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02558 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2189240929-4209594497-1460764873-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142018151454167\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (pl-PL, Paulina) (HKLM-x32\...\{6F2ACCD6-B1BC-410D-80BD-0ABB24D8D880}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA Sterownik graficzny 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.59 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 14.3_is1) (Version: 14.3.0.4600 - FranmoSoftware - Maciej Opaliński) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 52.0.2871.64 (HKLM-x32\...\Opera 52.0.2871.64) (Version: 52.0.2871.64 - Opera Software) Paladins Public Test (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF403}) (Version: 0.63.2250.0 - Hi-Rez Studios) Panel sterowania NVIDIA 388.59 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.59 - NVIDIA Corporation) Hidden PIT Format 2016 (HKLM-x32\...\PIT Format 2016_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PIT-Y.pl 2018 (HKLM-x32\...\{18388CD6-6784-4FEA-B4FA-AA7450C96D7B}}_is1) (Version: 6.0.2 - GP SOFT) Program Pit 2016 - wersja: 10.0.5.48 (HKLM-x32\...\Roczne rozliczenie podatku dochodowego - PIT Gofin 2016_is1) (Version: - Wydawnictwo Podatkowe GOFIN sp. z o.o.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8018 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.0.2 - IObit) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115268) 64-Bit Edition (HKLM\...\{90160000-012B-0415-1000-0000000FF1CE}_Office16.PROPLUS_{5D633E34-0FA8-4C3F-8A16-D1A6C33C7015}) (Version: - Microsoft) Usługa Xperia Companion (HKLM\...\{86C9336F-6376-4E86-A09A-EA7177DEC3D5}) (Version: 1.7.2.0 - Sony) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.38 - ASUS) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.3.0 - Ministerstwo Finansów) Xperia Companion (HKLM-x32\...\{058506CE-4E1C-4087-878E-61D8B5F8F47A}) (Version: 1.7.2.0 - Sony) Hidden Xperia Companion (HKLM-x32\...\{65415473-2761-4ee3-85c1-5fdf086444c6}) (Version: 1.7.2.0 - Sony) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2189240929-4209594497-1460764873-1000_Classes\CLSID\{66D2E090-0288-8E0B-F116-0B18A9300ACB}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2189240929-4209594497-1460764873-1000_Classes\CLSID\{6d4c2238-c1b9-5d67-81d8-2cf6949997db}\InprocServer32 -> C:\Program Files (x86)\EagleGet\npEagleget64.dll (EagleGet) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => -> Brak pliku ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation) ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit) ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Brak pliku ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll [2016-07-24] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-01-29] (Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-21] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-05] (NVIDIA Corporation) ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Brak pliku ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit) ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {004328BB-5B3C-4A41-B489-7554109B2411} - System32\Tasks\{8971131A-445D-4553-8523-07274702144F} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {07537861-D9E4-47A6-B97D-2D55015615F4} - System32\Tasks\{32E00064-331C-4679-BD3D-B86F95E1DC69} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {07B02E00-0B05-49BC-8206-1E3290D900AA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-12-15] (Realtek Semiconductor) Task: {0AF4E731-2999-40A9-A370-E5D287686AEC} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-05] (NVIDIA Corporation) Task: {15502C82-5398-40AE-9743-C32B4C1A3121} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {1A439861-FD80-4033-96C7-8878ADA0EAE1} - System32\Tasks\{A41B3401-FACC-4EB1-8776-C649FA5DC5AD} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {278A72B2-C782-4C6D-86C2-2F1715E25CEB} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-12-05] (NVIDIA Corporation) Task: {2879BA34-C8FB-4997-A607-D5C695F49F16} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-01-11] (ASUSTek Computer Inc.) Task: {2BCB22EB-A295-4E87-BB05-A7E0F4FA0F98} - System32\Tasks\{BDBCEFB8-D9E5-4CFD-97E6-C14AA4078C3C} => C:\Users\Dawid\Desktop\MAMBA.EXE Task: {2C9C8643-5DF4-461C-AC1C-041C74CE824E} - System32\Tasks\{A00411BD-712A-4586-AF7E-9D6B757EC203} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {3042F9B2-4DC6-4F69-A598-6D1D6EF9D769} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2018-02-01] (AVAST Software) Task: {36E97911-D87E-4A94-8FB5-3B151C90AD23} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-05] (NVIDIA Corporation) Task: {3B86D190-3D03-43BF-8686-1C30F1DFEE51} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-05] (NVIDIA Corporation) Task: {423DC9C6-883A-4716-86B2-635B82EB41F3} - System32\Tasks\{1CFC5E67-F42C-416E-B0D8-0599D49CE047} => C:\Windows\system32\pcalua.exe -a C:\Users\Dawid\Desktop\KiesSetup.exe -d C:\Users\Dawid\Desktop Task: {4BC03F5B-7929-435E-A657-8B3E16A0CBF6} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {533A2C20-0AF0-4ACB-B194-CA3DE31C99FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {5C0A9470-D4D7-4026-8023-D07F5B79D199} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-12-05] (NVIDIA Corporation) Task: {64B41743-CA86-45D0-BD7E-A3B1A4A11E7C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-12-05] (NVIDIA Corporation) Task: {663BBC78-972A-4973-903D-4F210D75C8C9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-12-15] (Realtek Semiconductor) Task: {685A1D6B-FC5D-4D38-884B-55B6D390F41F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {700E8339-37F7-401B-BC16-4D84FA9B8F6A} - System32\Tasks\{9742ACA3-D7E9-4753-BBA8-4A4737F3CACB} => C:\Windows\system32\pcalua.exe -a C:\Users\Dawid\Desktop\winsdk_web.exe -d C:\Users\Dawid\Desktop Task: {764923A9-7B2C-4C9D-807B-1755AC89682A} - System32\Tasks\{EDBF98EB-719F-4FC3-83AD-5241A3F099E4} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {7A4FDC3A-2E40-4AF9-B6C6-97824ECA17BD} - System32\Tasks\{1BEA72B6-44C7-4A8F-BA9D-209649882432} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {837A8753-8539-4659-AC9D-0A64E4751551} - System32\Tasks\{044C9D9A-82B5-4612-8B48-5AB2CE8A8486} => C:\Users\Dawid\Desktop\MAMBA.EXE Task: {84411E5A-0F41-420A-8BFD-4438BC63D642} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-12-05] (NVIDIA Corporation) Task: {850D688E-167A-4F05-916C-16F72BF07F0C} - System32\Tasks\{5CB75E58-A50B-43C9-9995-7DE57AA980F8} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {88FD6F0B-5522-4C3B-AA58-64D41CA3DE8D} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-03-23] (IObit) Task: {8F51D3D3-A1DD-4931-B0AC-9394BF65F571} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-12-05] (NVIDIA Corporation) Task: {90314593-97FA-4B43-BDB0-889113C332A7} - System32\Tasks\ASUS Wireless Console 3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2012-11-28] (ASUSTeK Computer Inc.) Task: {927D0753-E58D-4982-832C-B79548CAA113} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-05-16] () Task: {958335DE-E8F8-4E07-BB12-EF5D35A76DB6} - System32\Tasks\Opera scheduled Autoupdate 1427621553 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-10] (Opera Software) Task: {A02FB373-508A-497A-9E6B-B06272403254} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [2017-10-27] (FreeDownloadManager.org) Task: {A703EB6F-7A84-4758-9773-B701FB48ACC3} - System32\Tasks\{44D19072-A031-4825-A9C1-98B46C02D6DF} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE Task: {B25C0329-4E99-4B21-8461-8A60DBA91CB5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd) Task: {B8CFB085-4D72-4EAE-8F60-5BC90D3E79A5} - System32\Tasks\update-S-1-5-21-2189240929-4209594497-1460764873-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2016-07-11] () Task: {BB10C826-2814-442E-B1EA-866913901BBE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2189240929-4209594497-1460764873-1000 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {CB19370F-9434-47D0-89DB-167FC96B8B1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {E6D8FE1E-C5E8-4F4E-B6E5-BC08640C43D1} - System32\Tasks\{16144DE4-D8E2-4F7B-BBD0-7FE71A1B99C0} => C:\Users\Dawid\Desktop\MAMBA\MAMBA.EXE (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\update-S-1-5-21-2189240929-4209594497-1460764873-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-12-30 16:36 - 2017-12-05 23:17 - 000019760 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-05-01 16:13 - 2016-07-24 18:37 - 000592384 _____ () C:\Users\Dawid\AppData\Local\MEGAsync\ShellExtX64.dll 2017-11-07 18:42 - 2017-10-27 18:26 - 000029184 _____ () C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll 2016-12-30 16:43 - 2017-12-05 23:17 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-03-10 01:04 - 2017-10-04 14:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-10-02 21:21 - 000000982 _____ C:\Windows\system32\Drivers\etc\hosts 37.187.170.202 forum.android.com.pl ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2189240929-4209594497-1460764873-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2189240929-4209594497-1460764873-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142018151454167\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-2189240929-4209594497-1460764873-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04142018151457435\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: AdobeARMservice => 3 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: defragsvc => 3 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: egGetSvc => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: HomeGroupListener => 3 MSCONFIG\Services: HomeGroupProvider => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\startupfolder: C:^Users^Dawid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup MSCONFIG\startupfolder: C:^Users^Dawid^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk => C:\Windows\pss\Powiadomienia monitorowania tuszu - HP Deskjet 1510 series.lnk.Startup MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\athbttray.exe" MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\btvstack.exe" MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: XperiaCompanionAgent => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{81978136-C155-400F-A96D-3CEF6E855A63}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{47CDC61A-CD62-48F2-96C7-7240E65C726D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AC75CDA4-8AE9-4DE6-AE46-97BF9A4690A9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E6F0CAF9-2A08-4555-8313-300A449AB0DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{393CD154-5AF8-438C-A31B-B0D0E62B5C58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B200C8A7-E664-4501-A560-B1019A29427F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0B4CEE1C-FCCF-4463-880D-BCD1E117201F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{9F8991E0-D283-4D5E-9FA3-E38C834B5911}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{7FB0F2D4-16CE-4748-8206-7FAD046CF70F}C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{F54B3884-A716-4E07-AF39-12A1F139C4AA}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{C70F3505-7100-4DA7-8F75-2CE6782F920F}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{7ADD936A-5DF0-4CA0-94B6-2958F9DDF119}C:\program files\java\jre1.8.0_91\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files\java\jre1.8.0_91\launch4j-tmp\minecraftzyczu.exe FirewallRules: [UDP Query User{A1186D4C-7211-444B-B058-C1FF60DD5FAA}C:\program files\java\jre1.8.0_91\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files\java\jre1.8.0_91\launch4j-tmp\minecraftzyczu.exe FirewallRules: [{86B52DAB-B982-44AF-91E8-2AE39903CB2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{15E40268-98EC-4A70-9E4B-6B06044E4567}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C2C08B32-EBF5-469B-8C9B-FA2E2EE8E373}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{BCC274D7-6195-4E7F-97C9-E5A22A933D98}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8D2E6C78-9D52-4FBC-9296-7B3E48FEBF1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{58A30EBE-1269-4FCB-877B-6758F47DCEBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [TCP Query User{11F1B989-DEF3-4540-A019-D2D08DAA1BBA}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{88E817BA-B46F-446A-9B39-8DC764E457D0}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [{E09F62E7-6B5F-465A-87FE-653778B6D584}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{8E77D2BB-8ECC-4EA4-8FD3-B1F1CBC8C70D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [TCP Query User{B54B4C0F-89ED-4588-9358-8FCADB3BA085}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{D9129278-442F-4B19-BBED-7742640BB20E}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{369FF270-BF13-4761-92B6-FB859AF04FA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{71F77624-2487-4C60-9D4A-99B929A447D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{50146326-F8E1-4313-BD31-9BE00A18C6C3}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{EE434339-24FF-4DE0-8CE2-1927A42FB027}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{9E8E3F51-D6E2-4C7E-AF18-958A00F0F688}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe FirewallRules: [UDP Query User{8A8B14C1-D883-4CAA-B16F-1C7DF7188257}C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drop alive\drop alive.exe FirewallRules: [{BCCFA1E6-B5FD-48D9-BFF7-1BD74F234124}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{54714341-4D1F-424B-90F1-1F311BCB123B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{43877174-0E1E-4A6B-9FEB-F6E352B9F272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [TCP Query User{DCB2D1EB-030F-414F-B0E4-6DDA321883B8}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{70C67739-CEDD-4D6B-8681-52B4557D512F}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [{02BAAF31-FD7A-46E3-811F-2E5630326DFE}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe FirewallRules: [TCP Query User{E838E1BE-07ED-4163-8F49-45478202BCD6}C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win32\paladins.exe FirewallRules: [UDP Query User{2C2BD80C-6428-4092-BB7B-3842BFA59ACE}C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win32\paladins.exe FirewallRules: [TCP Query User{9D4B8ED5-29FF-4309-93BC-B2AE68E28B05}C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win64\paladins.exe FirewallRules: [UDP Query User{A034BEE5-A2E5-49E3-8068-24440B68791F}C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins pts\binaries\win64\paladins.exe FirewallRules: [TCP Query User{60B79B1E-D31F-4D36-A0C5-2724677414B1}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe FirewallRules: [UDP Query User{296230F1-A895-4E82-96BB-AAAE3694F093}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win64\paladins.exe FirewallRules: [{10F6E7A0-57DE-4280-A183-64B5B3A1A1B3}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{9DCF9269-B9C4-435F-A4AD-1D8154DAC5C2}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe FirewallRules: [{9ACE1F0A-C26F-472B-BB00-2CA840ADFB25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{B193610A-D465-4AB6-86AF-226C395F223E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{644A9B4F-9620-4450-A7BE-F5F52F92A0A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{C335564E-B138-4268-821D-BF07AEE410B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CD778F09-321A-4BF4-91D8-EFCDD0130A3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0A8BAD3F-A547-43D9-9B1C-58F52C838613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe FirewallRules: [{0B9837A5-DBEB-45B3-87AB-C6EEC9F6A237}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe FirewallRules: [{4E2787B8-2AE2-4152-8AC4-9A88D7BA6E49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{45A5C0F7-32C8-4C9B-9219-83384F0EB65E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe FirewallRules: [{5CA65381-C966-4008-B953-3246FBA7CE37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{143FA261-9D07-4F81-B9EE-0F5E02116089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{22C53F5F-8C7C-41E0-951F-2805B28A2682}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.40\opera.exe FirewallRules: [{45689948-96AD-4DEA-B525-C761132C7207}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe FirewallRules: [TCP Query User{9708ECD8-5C15-45B9-B54F-97256056CFC3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{F4984823-0BC5-4650-B8FB-081BE6C4A329}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: USB2.0 HD UVC WebCam Description: Urządzenie wideo USB Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/14/2018 03:25:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 14.3.2018.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 16cc Godzina rozpoczęcia: 01d3d3f358c660b1 Godzina zakończenia: 0 Ścieżka aplikacji: C:\FRST64.exe Identyfikator raportu: e05ef182-3fe6-11e8-b4f9-240a6459bfb6 Error: (04/14/2018 03:10:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. Error: (04/14/2018 03:10:15 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować rejestru. Częstą przyczyną tego problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń. SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. for C:\Users\Dawid\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (04/13/2018 10:25:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program kodi.exe w wersji 17.6.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 17a4 Godzina rozpoczęcia: 01d3d3633b6bdbcf Godzina zakończenia: 171 Ścieżka aplikacji: C:\Program Files (x86)\Kodi\kodi.exe Identyfikator raportu: d5a94b38-3f58-11e8-bd52-240a6459bfb6 Error: (04/13/2018 09:51:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. Error: (04/13/2018 09:51:29 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować rejestru. Częstą przyczyną tego problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń. SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. for C:\Users\Dawid\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (04/08/2018 08:51:05 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. Error: (04/08/2018 08:51:05 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować rejestru. Częstą przyczyną tego problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń. SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. for C:\Users\Dawid\AppData\Local\Microsoft\Windows\\UsrClass.dat Dziennik System: ============= Error: (04/10/2018 03:42:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi eventlog. Error: (04/07/2018 06:54:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Hi-Rez Studios Authenticate and Update Service. Error: (04/07/2018 06:54:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Adobe Acrobat Update Service. Error: (04/03/2018 10:01:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Adobe Acrobat Update Service. Error: (04/01/2018 06:37:01 PM) (Source: BROWSER) (EventID: 8032) (User: ) Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{BEC78121-3DDE-4831-8DB2-758CF78DC575}. Przeglądarka zapasowa jest zatrzymywana. Error: (04/01/2018 01:59:13 PM) (Source: BROWSER) (EventID: 8032) (User: ) Description: Usługa przeglądarki zbyt wiele razy nie zdołała pobrać listy kopii zapasowych w transporcie \Device\NetBT_Tcpip_{BEC78121-3DDE-4831-8DB2-758CF78DC575}. Przeglądarka zapasowa jest zatrzymywana. Error: (03/31/2018 02:02:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi EapHost. Error: (03/29/2018 10:13:59 AM) (Source: Tcpip) (EventID: 4199) (User: ) Description: System wykrył konflikt adresów między adresem IP 192.168.1.2 a komputerem o sieciowym adresie sprzętowym 84-A6-C8-04-6C-71. W rezultacie mogą być zakłócone operacje sieciowe na tym komputerze. Windows Defender: =================================== Date: 2016-04-17 19:12:08.241 Description: Skanowanie produktu Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania:{DF7703C2-4DC0-4AF5-96FB-0C02573C6A8B} Typ skanowania:Oprogramowanie antyszpiegowskie Parametry skanowania:Szybkie skanowanie Użytkownik:Dawid-Komputer\Dawid CodeIntegrity: =================================== Date: 2016-01-20 18:19:07.147 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-20 17:46:11.098 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-19 14:15:24.868 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-19 14:04:26.224 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-19 12:47:31.748 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-18 15:07:55.020 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-18 14:51:51.688 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-18 14:41:50.635 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-2365M CPU @ 1.40GHz Procent pamięci w użyciu: 32% Całkowita pamięć fizyczna: 8075.68 MB Dostępna pamięć fizyczna: 5460.14 MB Całkowita pamięć wirtualna: 8137.86 MB Dostępna pamięć wirtualna: 5495.98 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:320.73 GB) NTFS Drive e: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 3F52D43B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================