Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 23.04.2018 Uruchomiony przez Piotr (24-04-2018 16:05:54) Uruchomiony z C:\Users\Piotr\Desktop Microsoft Windows 10 Home Wersja 1709 16299.371 (X86) (2018-01-15 17:30:44) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2399471354-2781755390-4139130681-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-2399471354-2781755390-4139130681-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2399471354-2781755390-4139130681-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-2399471354-2781755390-4139130681-503 - Limited - Disabled) Piotr (S-1-5-21-2399471354-2781755390-4139130681-1000 - Administrator - Enabled) => C:\Users\Piotr WDAGUtilityAccount (S-1-5-21-2399471354-2781755390-4139130681-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB} FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) 7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Aktualizacje NVIDIA 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation) Hidden AviSynth 2.5 (HKLM\...\AviSynth) (Version: - ) Badanie mające na celu poprawę produktów HP Deskjet 3540 series (HKLM\...\{5579F718-CA53-4E74-AB43-4E22DB774E93}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) BankBrowser (HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\BankBrowser) (Version: 3.6 - DialCom24 Sp. z o.o.) BitPim 1.0.6 (HKLM\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.6 - Joe Pham ) Brackets (HKLM\...\{73C9B88C-61DF-4DC1-9F38-8FBB2AF45816}) (Version: 1.12.1 - brackets.io) calibre (HKLM\...\{7EA1BF8A-65C7-4780-8F2E-3612F22FE8AA}) (Version: 3.14.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP) COMODO Internet Security Premium (HKLM\...\{B8984934-ED63-43B4-B1CF-B3928B55F05D}) (Version: 10.1.0.6476 - COMODO Security Solutions Inc.) Hidden COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.1.0.6476 - COMODO Security Solutions Inc.) COMODO Secure Shopping (HKLM\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA430655}) (Version: 1.3.134.0 - COMODO) Hidden COMODO Secure Shopping (HKLM\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.430655.134 - Comodo) Document Express DjVu Plug-in (HKLM\...\{CC83DD3A-5989-4C4E-986B-46B302D0B719}) (Version: 6.1.33592 - Cuminas Corporation) e-pity 9.3.1 za rok 2017 (HKLM\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 9.3.1 - e-file sp. z o.o. sp.k.) EuroOffice 2017 (HKLM\...\{E8FD8964-F15D-479D-A4F4-634482CE89C4}) (Version: 2017 - MultiRacio Ltd.) FLAC 1.2.1b (remove only) (HKLM\...\FLAC) (Version: 1.2.1b - Xiph.org) foobar2000 v1.1.13 (HKLM\...\foobar2000) (Version: 1.1.13 - Peter Pawlowski) Foxit PDF Editor (HKLM\...\Foxit PDF Editor) (Version: 2.2.0.0205 - Foxit Software) Foxit PDF IFilter (HKLM\...\{761B4ADA-254C-461F-A446-A167E41FA6DD}) (Version: 2.1.1.1503 - Foxit Software) Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.) Git version 2.17.0 (HKLM\...\Git_is1) (Version: 2.17.0 - The Git Development Community) Google Chrome (HKLM\...\Google Chrome) (Version: 66.0.3359.117 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden Hack Fonts version 1.6.0 (HKLM\...\HackWindowsInstaller_is1) (Version: 1.6.0 - Michael Hex / Source Foundry) HP Deskjet 3540 series — podstawowe oprogramowanie urządzenia (HKLM\...\{4EDA7928-5429-46E4-8933-B231FBA0009D}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 3540 series Pomoc (HKLM\...\{327F1AB6-8DD7-4F5D-9227-3D8B9CFBF1C1}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Internet Security Essentials (HKLM\...\ComodoIse) (Version: 1.3.436779.133 - Comodo) Java 7 Update 79 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217079FF}) (Version: 7.0.790 - Oracle) Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Java SE Development Kit 8 Update 151 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180151}) (Version: 8.0.1510.12 - Oracle Corporation) JavaFX Scene Builder 2.0 (HKLM\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle) Koala -- A cool tool for web developers (HKLM\...\Koala) (Version: 2.3.0 - koala-app.com) Legimi dla Kindle (HKLM\...\{21FB815F-CF7D-48DA-96EC-E51CA896D27B}) (Version: 1.0.43.0 - Legimi) Lizardtech DjVu Control (HKLM\...\{105CFC7C-6992-11D5-BD9D-000102C10FD8}) (Version: - ) Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio Code (HKLM\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.22.2 - Microsoft Corporation) MozBackup 1.4.10 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 59.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x86 en-US)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.7.0 - Mozilla) Mozilla Thunderbird 52.7.0 (x86 pl) (HKLM\...\Mozilla Thunderbird 52.7.0 (x86 pl)) (Version: 52.7.0 - Mozilla) Mp3tag v2.84a (HKLM\...\Mp3tag) (Version: 2.84a - Florian Heidenreich) MrvlUsgTracking (HKLM\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Node.js (HKLM\...\{F961A17E-D7B0-44D9-9C3D-EC3C644ED69F}) (Version: 8.9.4 - Node.js Foundation) Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) Odkurzacz (HKLM\...\Odkurzacz 14.3_is1) (Version: 14.3.0.4600 - FranmoSoftware - Maciej Opaliński) OpenOffice 4.1.5 (HKLM\...\{7076105B-6FE8-464A-AC28-FFBB2686B68F}) (Version: 4.15.9789 - Apache Software Foundation) Panel sterowania NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden Polski (Akcent) (HKLM\...\{E09BE865-9D80-4440-A740-B1E620ABCC7C}) (Version: 1.0.3.40 - FontyPL) Polski ISO (HKLM\...\{0252C05A-6AD1-429B-A776-043A99AFF59C}) (Version: 1.0.3.40 - FontyPL) Prepros (HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\io) (Version: 6.1.1 - Subash Pathak) Rainlendar2 (remove only) (HKLM\...\Rainlendar2) (Version: 2.14 - Rainy) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Rejestracja użytkownika drukarki Canon MG3500 series (HKLM\...\Rejestracja użytkownika drukarki Canon MG3500 series) (Version: - ‭Canon Inc.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) Ruby 2.4.3-1-x86 (HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\RubyInstaller-2.4-i386-mingw32_is1) (Version: 2.4.3-1 - RubyInstaller Team) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden Simple Adblock (HKLM\...\{3B1BB051-1DC0-4108-B447-EE6D8FEABA06}) (Version: 0.8.4 - Simple Adblock) Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.) Smart 6 B10.0422.1 (HKLM\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE) Sp5 (HKLM\...\{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (HKLM\...\{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (HKLM\...\{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (HKLM\...\{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (HKLM\...\{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 - Microsoft) Hidden Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.12 - Ghisler Software GmbH) TP-LINK TL-WN725N_TL-WN723N Driver (HKLM\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation) WiScan (HKLM\...\{C584F8EF-CFA4-4493-95AA-C43F66A74D61}) (Version: 1.3.0 - GroupWyse.com) XviD MPEG4 Video Codec (remove only) (HKLM\...\XviD MPEG4 Video Codec) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Brak pliku ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Brak pliku ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Brak pliku ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-12-05] () ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2018-01-02] (Piriform Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-01-09] (COMODO) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2018-01-02] (Piriform Ltd) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {02F9A597-BF52-4291-8380-8DCF68628420} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MpCmdRun.exe [2018-04-13] (Microsoft Corporation) Task: {10307DDC-90CC-4567-8DD5-0254CD11A02D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {107DD5BA-D579-4A7B-8137-D8AD20B7C146} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MpCmdRun.exe [2018-04-13] (Microsoft Corporation) Task: {182C39AB-11F8-4973-9A0A-B6C38DAFD22B} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [2018-04-03] (The Git Development Community) Task: {1A1121A1-08F0-4942-BBA5-31DFDFB089C3} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {1A5A7E48-676B-4B33-86A5-E49758E01BC6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MpCmdRun.exe [2018-04-13] (Microsoft Corporation) Task: {1ACB854E-E0CF-4341-8D2D-75BBB958BC20} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2C30B1CF-012D-462F-842A-6E1EEA9DAEF5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {2D80E162-C606-49B8-A421-A69650ADD4FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-04-10] (Microsoft Corporation) Task: {39B1A940-F6AB-4957-878E-403DAEA2F90D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3DB59E2F-43A4-4ACD-B327-FD185A1D914C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {4AB7AE1D-6892-45BA-99AD-2EEC55B64E0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd) Task: {51242544-E3A3-4964-BAD4-46E741D6F550} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {5285C375-7313-4C5F-80EE-9C6C3406962E} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => %windir%\system32\rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1 Task: {5AF24127-A8EF-4D41-8089-5909BFFAB13F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {65AC2595-1FD2-493D-8920-8B699ABE48E6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {675F9F75-DFA9-4005-80F5-55B01B1D41A2} - System32\Tasks\HPCustParticipation HP Deskjet 3540 series => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPCustPartic.exe [2017-05-17] (Hewlett-Packard Co.) Task: {72001CCE-615B-4525-AD47-C65773853DAB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {79EE17EB-E58F-4F95-A60A-468BAD5DACE0} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => %windir%\system32\rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl Task: {83B19D6B-54A3-4D42-8CF2-193CFE15E429} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.) Task: {8BB94B14-6B75-45C8-92C8-F54FE6CDA16A} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {8D1E148B-48BA-4F95-BA99-D39D5895368D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8EE43131-902E-4597-B76D-8598710666F2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {916BA7FD-A5E6-4F6C-9CD1-A7021817A082} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {977012BC-715A-4E89-87A4-44A7EA454052} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {98FFE0D5-FC49-46E7-9F91-B9DC9D19C5AC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9AE90ADC-AC65-4A10-96DB-CAE8DF88CEF8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9BFB8F36-5F82-4B87-9462-45D30A8B346E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A901EADA-7274-4037-AE9D-8DFEFA5630AC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AC5E7E33-4E1D-4EE5-AF3E-AF524C98C7C4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AC9C1C09-B09F-4E50-9D54-540EC05DC0CB} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-01-09] (COMODO) Task: {B3037A25-B8E8-4C3F-B5DF-F3E05B4E9E80} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BAFAD736-A111-4B8D-B4AF-0AC2E0F50CDD} - System32\Tasks\e-pity2017_styczen => C:\Program Files\e-file\e-pity\Assets\signxml.exe [2018-04-10] (e-file sp. z o.o. sp. k.) Task: {BCDD542D-7506-4C2B-91F7-BF4B57E6199E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {BDA8EBF5-6289-4824-923E-BA8DEAFF743B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {BDCE220E-46ED-4FC1-B88E-B32CA4E8BA49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17613.18039-0\MpCmdRun.exe [2018-04-13] (Microsoft Corporation) Task: {C3A24FBB-73A9-48BB-AD49-A125AD889504} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C63FBABA-983F-44D4-8081-8ABB3C2BE749} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C8D35E35-A0D2-4CAD-8837-84DCBD6AFCE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd) Task: {C95798F8-9A8D-4E72-BD09-B996F933D29F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-01-09] (COMODO) Task: {CA37CCCF-4EDA-4652-B4BE-43684A71576A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-11] (Adobe Systems Incorporated) Task: {D61C034F-CE9C-4CF0-B63D-AA2E8628E56D} - System32\Tasks\e-pity2017_kwiecien => C:\Program Files\e-file\e-pity\Assets\signxml.exe [2018-04-10] (e-file sp. z o.o. sp. k.) Task: {DB72DED9-55FD-4560-A407-95A760292927} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated) Task: {DC8C2362-3C09-4DCD-984B-F9B8E5ABA4D8} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {E0E57650-35B3-49CA-9053-A3F7C158CD08} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {E212E4C0-BE79-4451-B884-1F1133D69D9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-17] (Google Inc.) Task: {E4CA5B54-EE6F-40D6-8EB8-2C57F7373988} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-01-09] (COMODO) Task: {EC983AE2-8277-43E5-8615-D0D3D9047EC2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {ED892FF9-CCCB-4AB8-ABDD-EC2C9393173C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Piotr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6c0b951e69aa5b9e\Koala.lnk -> E:\Program Files\Koala\Koala.exe (The NWJS Community) -> --user-data-dir="C:\Users\Piotr\AppData\Local\Koala\User Data" --profile-directory=Default --app-id=nbcfhoaboniogapedbkoengejahmpnbi ==================== Załadowane moduły (filtrowane) ============== 2017-09-29 13:49 - 2017-09-29 13:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-08-20 22:34 - 2016-11-14 13:00 - 000123448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2018-01-09 01:16 - 2018-01-09 01:16 - 000132520 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2018-01-09 01:15 - 2018-01-09 01:15 - 000096168 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2018-01-09 01:15 - 2018-01-09 01:15 - 000195496 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2017-09-07 09:37 - 2017-09-07 09:37 - 000067264 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2018-03-14 11:59 - 2018-02-22 02:12 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-03-14 11:59 - 2018-02-22 02:09 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-04-17 07:33 - 2018-04-17 07:33 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.8.0_x86__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2018-04-17 07:33 - 2018-04-17 07:33 - 000157184 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.8.0_x86__8wekyb3d8bbwe\WinStore.Preview.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 002739240 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe 2015-08-14 08:31 - 2015-08-14 08:31 - 000252928 _____ () C:\Program Files\Rainlendar2\libical.dll 2015-08-14 08:31 - 2015-08-14 08:31 - 000051200 _____ () C:\Program Files\Rainlendar2\libicalss.dll 2014-05-04 12:48 - 2014-05-04 12:48 - 000197632 _____ () C:\Program Files\Rainlendar2\lua52.dll 2015-11-13 13:57 - 2015-11-13 13:57 - 000068136 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll 2014-05-04 12:49 - 2014-05-04 12:49 - 000027648 _____ () C:\Program Files\Rainlendar2\lfs.dll 2017-09-29 13:50 - 2017-09-29 13:50 - 000518144 _____ () C:\Windows\System32\msjetoledb40.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\JTHTML_portable.zip:$CmdTcID [64] AlternateDataStreams: C:\JTHTML_portable.zip:$CmdZnID [26] AlternateDataStreams: C:\WINDOWS\system32\AcpiServiceVnA.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AERTACap.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AERTARen.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\audioLibVc.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\CX32APO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPA32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPD32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPO32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DDPP32A.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\DolbyDAX2APOProp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DolbyDAX2APOv201.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DolbyDAX2APOv211.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSGFXAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSLFXAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSLimiterDLL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSS2SpeakerDLL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSSymmetryDLL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSU2PGFX32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSU2PLFX32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSU2PREC32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DTSVoiceClarityDLL.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\FMAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\HiFiDAX2API.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hpinkcoiC711.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\hpinkinsC711.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\HPScanTRDrv_DJ3540.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\HPWia2_DJ3540.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\ICEsoundAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\java.exe:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\jswscsup.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\KAAPORT.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO20.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO30.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO40.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO50.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO60.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPO70.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioAPOShell.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioEQ.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\MaxxAudioRealtek.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxSpeechAPO.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO20.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO30.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxVoiceAPO40.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MaxxVolumeSDAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\MISS_APO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msstdfmt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NAHIMICAPOlfx.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NahimicAPONSControl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NAHIMICV2apo.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvd3dum.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234144.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234174.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234200.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234201.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234144.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234174.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234200.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234201.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvFBC.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvhdagenco3220103.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvhdap32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\NvIFR.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvoglv32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RP3DAA32.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\RP3DHT32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEED32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEG32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEL32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTEEP32A.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkApoApi.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtkPgExt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RtNicProp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTNUninst32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\RTSndMgr.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SEAPO32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SECOMN32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SEHDRA32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SFAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SFCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SFNHK.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SFSS_APO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\sl3apo32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\slcnt32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\slprp32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\sltech32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRCOM.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRRPTR.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRSHP360.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRSTSHD.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRSTSXT.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\SRSWOW.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tadefxapo.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tadefxapo2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\TepeqAPO.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tosade.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tosasfapo32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\toseaeapo32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tossaeapo32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\tossaemaxapo32.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WavesGUILib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WavesLib.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\jswpslwf.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvhda32v.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvlddmkm.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\RimSerial.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Rt86win7.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHDA.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbaapl.sys:$CmdTcID [130] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2018-01-12 09:54 - 000000059 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 awwab.adsbtrack.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Piotr\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSCN1343.JPG DNS Servers: 194.204.152.34 - 194.204.159.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: EasyTuneVI => C:\Program Files\GIGABYTE\ET6\ETCall.exe MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk" HKLM\...\StartupApproved\Run: => "vdcss" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "tvncontrol" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "PrnStatusMX" HKLM\...\StartupApproved\Run: => "UnlockerAssistant" HKLM\...\StartupApproved\Run: => "HP Software Update" HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Piotr\AppData\Local\Microsoft\OneDrive\17.3.5892.0626" HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_555C9C84E87400ED348C4CD617569470" HKU\S-1-5-21-2399471354-2781755390-4139130681-1000\...\StartupApproved\Run: => "Legimi dla Kindle" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [{706EDD75-F891-40C7-868D-733D9C76C8C2}] => (Block) C:\ruby24\bin\ruby.exe FirewallRules: [{C2C26D52-7570-46D1-A34F-238FEF6A72CC}] => (Block) C:\ruby24\bin\ruby.exe FirewallRules: [UDP Query User{709BADE5-0833-4F78-A8C1-1309923A11C0}C:\ruby24\bin\ruby.exe] => (Allow) C:\ruby24\bin\ruby.exe FirewallRules: [TCP Query User{9E305176-5317-4817-B2E9-AD33141F564F}C:\ruby24\bin\ruby.exe] => (Allow) C:\ruby24\bin\ruby.exe FirewallRules: [{E7CB37E1-5870-410C-8C45-144FC2FE2D1E}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F90A49C8-448F-454C-A2DE-9A5695281AE1}] => (Allow) C:\Users\Piotr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{84E5BB07-BBB8-4009-98D5-24C937FC8EB1}C:\programdata\oracle\java\javapath_target_757543015\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_757543015\java.exe FirewallRules: [TCP Query User{D2402465-782D-475D-BF1D-A4A0BA6BB616}C:\programdata\oracle\java\javapath_target_757543015\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_757543015\java.exe FirewallRules: [TCP Query User{BF08F033-B2C9-490D-AA49-A55A4994A040}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\piotr\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{F0BDC61E-9E28-4F23-B341-3898D4789C52}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\piotr\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{1807BBC0-08F9-450D-B15B-F6BF934F4715}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\piotr\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{5F487A3E-2D30-4C84-A68D-FFAB319292F0}C:\users\piotr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\piotr\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{2BF0E750-EE4F-4AD3-BE24-82006D3472F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A46C83B3-A956-4B12-9A3B-42C5D7DB72F1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8EF99C57-3D06-4F0E-8730-063D62A09E5A}C:\program files\foobar2000\foobar2000.exe] => (Allow) C:\program files\foobar2000\foobar2000.exe FirewallRules: [UDP Query User{CA7D27D4-0049-4A4B-BE46-A3FC657FF3EB}C:\program files\foobar2000\foobar2000.exe] => (Allow) C:\program files\foobar2000\foobar2000.exe FirewallRules: [{259DF7F6-280C-40F7-98A9-79976720B4EE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{FB81DB10-6D6B-4430-BF62-3D0DF9877222}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe FirewallRules: [{E21AF28E-AC4D-4D11-B9C8-65BF1AB4EC7C}] => (Allow) LPort=5357 FirewallRules: [{18E4886E-15A1-4FC3-98F6-2708457F3A98}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{56806550-E4AE-4831-AAC0-F0C448DF24B6}C:\program files\java\jdk1.8.0_151\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_151\jre\bin\java.exe FirewallRules: [UDP Query User{19FA1AC0-78F0-4BFA-853F-CEB7E94CFCB2}C:\program files\java\jdk1.8.0_151\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_151\jre\bin\java.exe FirewallRules: [TCP Query User{B19460EA-3F78-4396-8ACB-726673E88F22}C:\program files\brackets\node.exe] => (Allow) C:\program files\brackets\node.exe FirewallRules: [UDP Query User{4E4095AB-9AD9-478F-8831-958ED06522FD}C:\program files\brackets\node.exe] => (Allow) C:\program files\brackets\node.exe FirewallRules: [{8063C4B9-B999-48F0-A37A-3C0FE161CE9E}] => (Block) C:\program files\brackets\node.exe FirewallRules: [{2E098574-0F49-44B1-A489-50ADC1FD7EEE}] => (Block) C:\program files\brackets\node.exe FirewallRules: [TCP Query User{E5FB33D1-27B1-4F7E-8A42-DEA5267B9F25}E:\totalcmd\totalcmd.exe] => (Allow) E:\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{F0BB5E42-C4D6-4369-B15A-6A9AD92D9D95}E:\totalcmd\totalcmd.exe] => (Allow) E:\totalcmd\totalcmd.exe FirewallRules: [{6C21C07C-D2FE-4C0C-8744-7CAC3CA54A51}] => (Block) E:\totalcmd\totalcmd.exe FirewallRules: [{1C491EE8-89EE-422C-9A8E-F6BF9C43991F}] => (Block) E:\totalcmd\totalcmd.exe FirewallRules: [TCP Query User{C8A3557E-1BFC-4EED-A88E-A96CB5A79B12}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{E1B73483-5E1F-4B97-81D2-C2238E1EF9C7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [{E27CA3BB-EF2F-473A-BF7F-876835BF1A74}] => (Block) C:\windows\system32\java.exe FirewallRules: [{1297B171-C437-49BF-BA6E-C7AE9C812D70}] => (Block) C:\windows\system32\java.exe FirewallRules: [TCP Query User{C5A637E3-028F-41DB-A852-8FEBEA35B37B}C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe] => (Allow) C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe FirewallRules: [UDP Query User{5081756F-50C0-4B87-99FC-FABCA1B17102}C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe] => (Allow) C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe FirewallRules: [{10A53972-AE77-4BFE-828F-38A34EF41C6F}] => (Block) C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe FirewallRules: [{B7336035-0276-4FB7-80DF-FB2E57D8ADE7}] => (Block) C:\users\piotr\appdata\local\io\app-6.1.1\prepros.exe FirewallRules: [TCP Query User{D115E295-AFB0-47D6-B9F3-540F8D34717F}E:\program files\nodejs\node.exe] => (Allow) E:\program files\nodejs\node.exe FirewallRules: [UDP Query User{43ED19A7-75E1-4486-8316-50E41C48D12C}E:\program files\nodejs\node.exe] => (Allow) E:\program files\nodejs\node.exe FirewallRules: [{E07F3A8C-6139-4322-AA3A-14DD02436D44}] => (Block) E:\program files\nodejs\node.exe FirewallRules: [{7AE2516F-D929-4805-AA31-31FC36229EF3}] => (Block) E:\program files\nodejs\node.exe FirewallRules: [TCP Query User{034F843D-556C-4D88-9065-B96EF36389D1}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe FirewallRules: [UDP Query User{C230B5ED-21D9-4B3B-9C56-4297EB000BA1}C:\program files\microsoft vs code\code.exe] => (Allow) C:\program files\microsoft vs code\code.exe FirewallRules: [{BCFDE0AF-2D19-4118-AF68-F2026E577CFD}] => (Block) C:\program files\microsoft vs code\code.exe FirewallRules: [{DA070ECB-62C8-4F1E-8B1C-8BD2C6B50567}] => (Block) C:\program files\microsoft vs code\code.exe FirewallRules: [{E0CD7F15-49EC-47A4-AE0B-12E2F2531120}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 10-04-2018 20:57:24 Windows Update 15-04-2018 11:43:30 Windows Update 22-04-2018 19:24:37 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/24/2018 04:01:34 PM) (Source: ESENT) (EventID: 489) (User: ) Description: taskhostw (5928,G,0) Próba otwarcia pliku „C:\Users\Piotr\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat” w trybie tylko do odczytu zakończyła się niepomyślnie z błędem systemowym 32 (0x00000020): „Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. ”. Operacja otwierania pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (04/22/2018 08:52:20 AM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: Event-ID 1 Error: (04/20/2018 11:05:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (04/16/2018 12:12:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować pliku rejestru klas. SZCZEGÓŁY — Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. Error: (04/16/2018 12:12:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: ZARZĄDZANIE NT) Description: System Windows nie może załadować rejestru. Częstą przyczyną tego problemu jest za mała ilość pamięci lub brak wystarczających praw zabezpieczeń. SZCZEGÓŁY - Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. for C:\Users\Piotr\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (04/15/2018 04:46:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: ZARZĄDZANIE NT) Description: System Windows nie może usunąć katalogu profilów C:\Users\TEMP.JEŻ.000. Przyczyną błędu może być to, że pliki w tym katalogu są używane przez inny program. SZCZEGÓŁY — Katalog nie jest pusty. Error: (04/15/2018 04:45:20 PM) (Source: ESENT) (EventID: 522) (User: ) Description: ShellExperienceHost (6984,P,0) TILEREPOSITORYS-1-5-21-2399471354-2781755390-4139130681-1000: Próba otwarcia urządzenia o nazwie „\\.\C:” zawierającego „C:\” nie powiodła się z powodu błędu systemu 5 (0x00000005): „Odmowa dostępu. ”. Operacja nie powiedzie się z powodu błędu -1032 (0xfffffbf8). Error: (04/15/2018 04:45:20 PM) (Source: ESENT) (EventID: 522) (User: ) Description: ShellExperienceHost (6984,P,0) TILEREPOSITORYS-1-5-21-2399471354-2781755390-4139130681-1000: Próba otwarcia urządzenia o nazwie „\\.\C:” zawierającego „C:\” nie powiodła się z powodu błędu systemu 5 (0x00000005): „Odmowa dostępu. ”. Operacja nie powiedzie się z powodu błędu -1032 (0xfffffbf8). Dziennik System: ============= Error: (04/24/2018 03:55:14 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (04/24/2018 03:55:05 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:52:28 na ‎24.‎04.‎2018 było nieoczekiwane. Error: (04/24/2018 03:15:31 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (04/24/2018 02:22:06 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (04/24/2018 11:59:20 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (04/24/2018 08:20:36 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (04/24/2018 07:49:29 AM) (Source: DCOM) (EventID: 10010) (User: JEŻ) Description: Serwer {7E203817-236D-4E25-B5C9-EC22048B2B6D} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/24/2018 07:29:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Windows Defender: =================================== Date: 2018-04-24 08:53:55.461 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {0C14B454-234A-4F89-B33B-9FDFD312D76B} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-04-24 08:32:39.618 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {7A5A31E1-6E06-4424-8F00-AF66E67BC1B8} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-04-23 23:02:58.053 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {948679B9-CB9A-43C6-BDDF-372D0F50BECD} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-04-22 08:43:46.189 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {F9220E93-EBCE-479A-AB13-A95291EF5253} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-04-22 08:30:41.072 Description: Skanowanie produktu Program antywirusowy Windows Defender zostało zatrzymane przed ukończeniem. Identyfikator skanowania: {89091322-66F9-40AF-B242-E35075309905} Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem Parametry skanowania: Szybkie skanowanie Użytkownik: ZARZĄDZANIE NT\SYSTEM Date: 2018-03-02 08:24:53.232 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: 1.263.65.0 Poprzednia wersja podpisu: 1.263.14.0 Źródło aktualizacji: Folder aktualizacji podpisów Typ podpisu: Oprogramowanie antyszpiegowskie Typ aktualizacji: Różnica Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: 1.1.14600.4 Poprzednia wersja aparatu: 1.1.14600.4 Kod błędu: 0x80004004 Opis błędu: Operacja przerwana. Date: 2018-03-02 08:24:53.232 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: 1.263.65.0 Poprzednia wersja podpisu: 1.263.14.0 Źródło aktualizacji: Folder aktualizacji podpisów Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Różnica Użytkownik: ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu: 1.1.14600.4 Poprzednia wersja aparatu: 1.1.14600.4 Kod błędu: 0x80004004 Opis błędu: Operacja przerwana. Date: 2018-02-09 18:05:06.233 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.261.957.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.14500.5 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2018-02-09 18:05:06.232 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 118.2.0.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: System inspekcji sieci Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 2.1.14202.0 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. Date: 2018-02-09 18:05:06.214 Description: Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu: Poprzednia wersja podpisu: 1.261.957.0 Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem Typ podpisu: Oprogramowanie antywirusowe Typ aktualizacji: Pełne Użytkownik: ZARZĄDZANIE NT\USŁUGA SIECIOWA Bieżąca wersja aparatu: Poprzednia wersja aparatu: 1.1.14500.5 Kod błędu: 0x80072ee7 Opis błędu: Nie można określić nazwy serwera lub adresu. CodeIntegrity: =================================== Date: 2018-04-24 16:05:16.448 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard32.dll that did not meet the Windows signing level requirements. Date: 2018-04-24 16:05:16.437 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-04-24 16:01:47.955 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard32.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-24 16:01:47.943 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-04-24 16:00:38.444 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard32.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-24 16:00:38.422 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-04-24 16:00:37.738 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\cssguard32.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-24 16:00:37.389 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Procent pamięci w użyciu: 60% Całkowita pamięć fizyczna: 3319.49 MB Dostępna pamięć fizyczna: 1304.53 MB Całkowita pamięć wirtualna: 6647.49 MB Dostępna pamięć wirtualna: 3997.77 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:194.77 GB) (Free:34 GB) NTFS Drive e: (Drugi) (Fixed) (Total:270.44 GB) (Free:24.41 GB) NTFS \\?\Volume{f36089ba-a7b5-11e0-ad3a-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{8e81c2bf-0000-0000-0000-e0b730000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8E81C2BF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=194.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================