Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15.09.2018 Uruchomiony przez Kuba (19-09-2018 11:34:04) Uruchomiony z C:\Users\Kuba\Desktop Windows 10 Pro Wersja 1803 17134.285 (X64) (2018-08-25 17:25:36) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2326668453-3646163684-3472819236-500 - Administrator - Disabled) Gość (S-1-5-21-2326668453-3646163684-3472819236-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2326668453-3646163684-3472819236-503 - Limited - Disabled) Kuba (S-1-5-21-2326668453-3646163684-3472819236-1001 - Administrator - Enabled) => C:\Users\Kuba WDAGUtilityAccount (S-1-5-21-2326668453-3646163684-3472819236-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software) Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software) Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version: - ) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0598 - Disc Soft Ltd) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.92 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.1 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation) Microsoft DirectX SDK (March 2009) (HKLM-x32\...\Microsoft DirectX SDK (March 2009)) (Version: 9.26.1590.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2326668453-3646163684-3472819236-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Nero 9 Essentials (HKLM-x32\...\{ed854897-bc16-45da-841b-79b9d4608502}) (Version: - Nero AG) NVIDIA nView 149.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.34 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 391.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.89 - NVIDIA Corporation) NVIDIA Sterownik graficzny 391.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.89 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{4e75a24b-6cc4-4a46-accf-525f8a08c533}) (Version: 10.1.1.18 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 391.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.89 - NVIDIA Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.07 - Samsung Electronics Co., Ltd.) Samsung ML-2160 Series (HKLM-x32\...\Samsung ML-2160 Series) (Version: 1.07 (08.05.2012) - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: - Samsung Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUSR_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinRAR 5.60 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2326668453-3646163684-3472819236-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-07-16] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-07-16] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-22] (Disc Soft Ltd) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-22] (Disc Soft Ltd) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers4: [Convert] -> {9f95ca1a-e80e-4c0f-acd1-4c9b7900b982} => C:\Program Files (x86)\Microsoft DirectX SDK (March 2009)\Utilities\bin\x64\TxView.dll [2009-03-16] (Microsoft Corporation) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Kuba\AppData\Local\MEGAsync\ShellExtX64.dll -> Brak pliku ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2018-07-21] () ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-02-26] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-20] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-25] (AVAST Software) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-07-16] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-07-16] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1640DF45-BC8D-4D48-AED5-321F515EDD8B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-14] (Google Inc.) Task: {1AD176F0-06FB-4D9D-94D3-EACE7C82EEE2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-25] (AVAST Software) Task: {35F78ADD-6E20-4F77-AC77-6FB7C08AE96F} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {37E5A46A-56F2-4614-910A-E4FFB29DB416} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7C3856F1-D459-4EB9-9C3A-5227C4A6C8F9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {AB7BBE62-5413-469E-9E9A-FA2813ACEB7D} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2018-07-21] () Task: {B9D35337-0A6C-412E-B367-11855ADD1C1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {C7B9F147-EDBB-4E9A-8306-D0BBF06D5388} - System32\Tasks\Driver Booster SkipUAC (Kuba) => F:\Driver Booster\5.5.1\DriverBooster.exe Task: {CF5666C6-C690-4C25-AEC4-922C5C5AAB8C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-09-14] (Google Inc.) Task: {CFAB5A26-8F41-4AD1-A8FC-033F6440B632} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D4EAE512-FC40-4F63-86BF-DE285DF82397} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-09-16] (AVAST Software) Task: {E5C96F30-0853-42A9-8976-EA688835BFC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {F347F680-B5BE-4A97-9284-A2B339E9D67C} - System32\Tasks\Avast TUNEUP Update => F:\Avast Cleanup\TUNEUpdate.exe [2018-07-24] (AVAST Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-08-26 11:24 - 2011-04-25 13:24 - 000034304 _____ () C:\WINDOWS\System32\ssj1mlm.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll 2018-08-26 11:23 - 2012-03-23 07:42 - 001167360 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\ssj1mdu.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-09-13 21:15 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2010-12-17 18:13 - 2010-12-17 18:13 - 000438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2010-12-17 18:13 - 2010-12-17 18:13 - 000050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2018-09-04 11:51 - 2018-09-04 11:51 - 003083264 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\b8877402c6daaab34b7d925bfd5ac8bd\DotNetCommon.ni.dll 2018-08-25 11:27 - 2018-08-25 11:27 - 000575704 _____ () c:\program files\avast software\avast\streamback.dll 2018-08-25 11:35 - 2018-08-25 11:35 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-09-14 16:58 - 2016-09-12 15:53 - 048936448 _____ () F:\Avast Cleanup\libcef.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-07-10 13:04 - 2018-09-09 20:24 - 000000827 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2326668453-3646163684-3472819236-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKU\S-1-5-21-2326668453-3646163684-3472819236-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{9E336AA7-E9B3-49AF-9387-30D1B29EF83E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{C9FA25E3-7150-4813-A131-864969F519BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{A993C53E-6C6E-4E4B-B6BB-B2BE71B3AE5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{2AFECB4F-5073-4EDB-A3E0-4B51AFD02039}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1D5429B2-6D1E-4ABB-B1B3-BB290B0222D9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe FirewallRules: [{3A729954-0968-4A5E-8CAC-4E4010DD41E0}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{3A402F7D-1B69-4390-81FC-4A2F133BC488}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{52E97F8C-9F97-4B59-BAFE-BF26B365FAA0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{28FD474E-BF0D-4766-9148-AB5D836E3103}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{323E13F0-2DE1-4140-ADBB-A7B33A1E51A5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{3452890E-1EC0-4DE3-B9C6-5F71C5D10515}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{DEA06400-D8CF-4F0E-B076-8A544FF7FBBB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{CBE31C31-BCEE-4EC3-AD24-11D619FE9DDC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{F8C211B1-D546-436A-AC3D-A65AAC344DB0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{655E7911-B1E3-458F-8CBC-A3CAF7FE5CC6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{ACAB0851-B402-419D-9622-85D0804FCBF1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D9DA2C7A-F7AA-45D7-989F-B96DE53474A0}] => (Allow) F:\steam\Steam.exe FirewallRules: [{F1956F62-F2F4-48D9-80AB-2C7DC6459CB6}] => (Allow) F:\steam\Steam.exe FirewallRules: [{BAFB59AA-730A-44A0-A638-F65676F30203}] => (Allow) F:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BE5AD643-588B-40B3-B743-1E5D685B82D9}] => (Allow) F:\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B94CC6CE-E8D0-453F-8774-1A82B5EC8D7D}] => (Allow) F:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C915D12C-2FD3-4116-AEC4-EFF12F51190D}] => (Allow) F:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4BCE5540-B871-485D-ADF9-509438539D8A}] => (Allow) F:\steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{8B3EB0D2-F936-4DCE-9765-58BEC7A361FE}] => (Allow) F:\steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{1A17A937-FB09-4DCD-823C-B5C30F456186}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{38C5D3CD-2A11-48C3-8767-FE51D4CE6758}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{73CD1C1A-760B-4853-9971-507A01A2A9D1}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe ==================== Punkty Przywracania systemu ========================= 12-09-2018 09:45:33 Windows Update 12-09-2018 09:45:53 Windows Update 16-09-2018 10:48:22 Installed inSSIDer 4 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/19/2018 11:30:49 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/19/2018 11:30:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/19/2018 11:25:51 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-3GFQA5O) Description: httphttp-2147467263 Error: (09/19/2018 11:18:19 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/19/2018 11:18:16 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=5 Error: (09/19/2018 11:17:55 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/18/2018 03:56:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=4 Error: (09/18/2018 03:56:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Dziennik System: ============= Error: (09/19/2018 11:30:15 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3GFQA5O) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-3GFQA5O\Kuba o identyfikatorze zabezpieczeń SID (S-1-5-21-2326668453-3646163684-3472819236-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/19/2018 11:29:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3GFQA5O) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/19/2018 11:29:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3GFQA5O) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/19/2018 11:29:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3GFQA5O) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/19/2018 11:29:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3GFQA5O) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/19/2018 11:29:38 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-3GFQA5O) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/19/2018 11:29:37 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-3GFQA5O) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} Error: (09/19/2018 11:29:29 AM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {9E175B68-F52A-11D8-B9A5-505054503030} ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz Procent pamięci w użyciu: 11% Całkowita pamięć fizyczna: 16286.65 MB Dostępna pamięć fizyczna: 14406.46 MB Całkowita pamięć wirtualna: 18718.65 MB Dostępna pamięć wirtualna: 16967.78 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:159.8 GB) (Free:94.07 GB) NTFS Drive f: (Nowy) (Fixed) (Total:78.12 GB) (Free:58.9 GB) NTFS \\?\Volume{cfe47bc6-187b-4db7-9d44-3e5032b93fec}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS \\?\Volume{dd267062-16f4-4684-86c4-fc8373545be7}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 9BA896E4) Partition: GPT. ==================== Koniec Addition.txt ============================