Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01.01.2019 Uruchomiony przez Bartek (03-01-2019 21:10:34) Uruchomiony z C:\Users\Bartek\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2016-08-25 20:31:33) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-360975752-3786565279-1083807947-500 - Administrator - Disabled) Bartek (S-1-5-21-360975752-3786565279-1083807947-1001 - Administrator - Enabled) => C:\Users\Bartek Gość (S-1-5-21-360975752-3786565279-1083807947-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-360975752-3786565279-1083807947-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Microsoft Security Essentials (Disabled - Out of date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Disabled - Out of date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-360975752-3786565279-1083807947-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) ChallengeMe.GG Client version 1.5 (HKLM-x32\...\{7A91C052-5E4E-441C-A3A5-84B100B98166}_is1) (Version: 1.5 - CME.GG) CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien) CodeBlocks (HKU\S-1-5-21-360975752-3786565279-1083807947-1001\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge) Genesis Xenon 200 Driver v1.1.0 (HKLM-x32\...\{C064C7ED-06F0-411C-B39E-28111B3B18B6}_is1) (Version: - ) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Heroes of Might and Magic III (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{ACC75323-DB4A-4F7F-9AF3-1D1DEFF2D1B5}) (Version: - ) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Java 8 Update 192 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180192F0}) (Version: 8.0.1920.12 - Oracle Corporation) JetBrains PyCharm Community Edition 2018.2.4 (HKLM-x32\...\PyCharm Community Edition 2018.2.4) (Version: 182.4505.26 - JetBrains s.r.o.) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Metin2 (HKLM-x32\...\Metin2_PL_is1) (Version: - Gameforge 4D GmbH) Microsoft .NET Framework 4.6.1 (PLK) (HKLM\...\{D93AC424-07D7-3992-B0C8-BDCB79173757}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3146716) (HKLM\...\{E026AF51-E2EB-33CF-AC15-09308053FAA7}) (Version: 4.6.01078 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 63.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 63.0.1 (x64 pl)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla) MTA:SA v1.5.4 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.4 - Multi Theft Auto) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Need For Speed Underground 2 version 1.2.0.0 (HKLM-x32\...\Need For Speed Underground 2_is1) (Version: 1.2.0.0 - Mr DJ) NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.98 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.98 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.0.7.34 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.0.0.0 - NVIDIA Corporation) Hidden Opera Stable 57.0.3098.106 (HKU\S-1-5-21-360975752-3786565279-1083807947-1001\...\Opera 57.0.3098.106) (Version: 57.0.3098.106 - Opera Software) Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf) Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden Panel sterowania NVIDIA 341.98 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 341.98 - NVIDIA Corporation) Hidden Python 3.7.0 (Anaconda3 5.3.0 64-bit) (HKU\S-1-5-21-360975752-3786565279-1083807947-1001\...\Python 3.7.0 (Anaconda3 5.3.0 64-bit)) (Version: 5.3.0 - Anaconda, Inc.) Sanny Builder 3.2.2 (HKLM-x32\...\Sanny Builder 3_is1) (Version: - ) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0320 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.0.7.34 - NVIDIA Corporation) Hidden SHU (HKLM-x32\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-360975752-3786565279-1083807947-1001\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH) Texmaker 5.0.3 (64-bit) (HKLM-x32\...\{7209FF10-D27D-432F-A705-84F02D136C7E}) (Version: 5.0.3.0 - Texmaker) TS Notifier (HKLM-x32\...\{D88D739F-72B4-48A7-A37D-12AD10A3B0EA}) (Version: 1.6.0004 - Andreas Gebert) Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3114696) 64-Bit Edition (HKLM\...\{90160000-012B-0415-1000-0000000FF1CE}_Office16.PROPLUS_{7A411660-6F59-4704-B90D-E37E20790CF2}) (Version: - Microsoft) UsbFix (HKLM-x32\...\Usbfix) (Version: 9.001 - www.SOSVirus.Net) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Vegas Pro 11.0 (64-bit) (HKLM\...\{7DA57CC0-029B-11E2-A4C0-F04DA23A5C58}) (Version: 11.0.701 - Sony) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) WinSCP 5.9.5 (HKLM-x32\...\winscp3_is1) (Version: 5.9.5 - Martin Prikryl) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WipeFiles] -> {ED09987C-E386-4F1A-9A52-09A6B659B45F} => D:\Program Files\UndeleteMyFiles\WipeExt.dll -> Brak pliku ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\malwarebytes\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-09-12] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\malwarebytes\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WipeFiles] -> {ED09987C-E386-4F1A-9A52-09A6B659B45F} => D:\Program Files\UndeleteMyFiles\WipeExt.dll -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {03F54856-B1D0-4631-A1D7-B0E70B5EF565} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation) Task: {1FB32D12-1B1B-4F14-85EB-8F479C5338F9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {2B9B6578-30B3-4BA4-A951-05FA772FA9DA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {3266CA22-F205-4A8E-8BCD-8836AD02B4EA} - System32\Tasks\Opera scheduled Autoupdate 1543336697 => C:\Users\Bartek\AppData\Local\Programs\Opera\launcher.exe [2018-12-19] (Opera Software) Task: {4B98CD12-2DBA-45F9-A8AE-672F535B7F31} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation) Task: {68DC3756-AA8C-4DB7-A617-E576EF866BB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {6ED71622-BAE2-46F5-B7DD-0F4226095FF6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {9909E866-222B-43BC-8F22-5C80C74D438F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.) Task: {A281CE71-DA24-40E8-9FBB-DD7D5733146C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {BD3B26C8-4720-4D01-AB5D-CEAE6C3175F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {DBC4BF3E-F8B3-4869-99E0-BB05D1A6E780} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated) Task: {E84D1B0B-8656-47F4-A27C-0C0891DC1BFE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {E85D7F66-B287-471E-8866-924BBBDCCABA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation) Task: {F247C00D-3C91-4876-9803-CA8880E6C4AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {F6611422-8064-4DED-9E78-6A62C6FAB526} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation) Task: {F82BA063-5AA1-4BC1-BFF7-960C1BED32DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {FA17CF76-F364-4972-A358-B783C947B861} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker\Texmaker\Documentation.lnk -> hxxp://www.xm1math.net/texmaker/doc.htm Shortcut: C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker\Texmaker\Texmaker website.lnk -> hxxp://www.xm1math.net/texmaker ShortcutWithArgument: C:\Users\Bartek\Desktop\python\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" D:\python\Scripts\activate.bat D:\python ShortcutWithArgument: C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" D:\python\Scripts\activate.bat D:\python ==================== Załadowane moduły (filtrowane) ============== 2016-08-27 10:57 - 2016-09-12 21:00 - 000133568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2016-10-13 18:44 - 2016-09-30 05:25 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-13 18:44 - 2016-09-30 05:25 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-13 18:45 - 2016-09-30 05:25 - 000419896 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2018-05-16 11:31 - 2018-05-15 04:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll 2018-05-16 11:31 - 2018-05-15 04:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll 2016-10-13 18:44 - 2016-09-29 18:20 - 000500792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-13 18:44 - 2016-09-29 18:20 - 000255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-13 18:44 - 2016-09-29 18:20 - 002801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-13 18:44 - 2016-09-29 18:20 - 000244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-13 18:44 - 2016-09-29 18:20 - 000430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-10-13 18:44 - 2016-09-29 18:20 - 000336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-13 18:44 - 2016-09-29 18:20 - 000373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-10-13 18:44 - 2016-09-30 05:25 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2018-11-17 15:21 - 2013-04-16 16:03 - 002122240 _____ () C:\Users\Bartek\Desktop\Valium Official\Valium Official\mss32.dll 2018-11-17 15:23 - 2013-04-16 16:03 - 001806336 _____ () C:\Users\Bartek\Desktop\Valium Official\Valium Official\SpeedTreeRT.dll 2018-11-17 15:21 - 2013-04-16 16:03 - 002021376 _____ () C:\Users\Bartek\Desktop\Valium Official\Valium Official\miles1_3d.dll 2018-11-17 15:21 - 2013-04-16 16:03 - 002038784 _____ () C:\Users\Bartek\Desktop\Valium Official\Valium Official\miles2_3d.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [432] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [432] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [432] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [432] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432] AlternateDataStreams: C:\ProgramData\TEMP:9482CFB4 [268] AlternateDataStreams: C:\Users\Bartek\Dane aplikacji:NT [40] AlternateDataStreams: C:\Users\Bartek\Dane aplikacji:NT2 [432] AlternateDataStreams: C:\Users\Bartek\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Bartek\AppData\Roaming:NT2 [432] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2017-09-22 20:08 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\ HKU\S-1-5-21-360975752-3786565279-1083807947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\daemon tools\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Bartek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{0AEC30EB-B918-4DB5-892B-0658B46AA86D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.) FirewallRules: [UDP Query User{6523B268-0560-4E69-B66C-AAE9EFB6B593}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.) FirewallRules: [TCP Query User{BF99C846-3057-4B75-8BC9-2742298FE564}C:\users\bartek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bartek\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) FirewallRules: [UDP Query User{882D95DE-DE31-4FE0-981D-BA4F0E286685}C:\users\bartek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bartek\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) FirewallRules: [TCP Query User{42257498-8A58-4E72-A670-3C835324FE09}E:\bartek\programy\winamp\winamp.exe] => (Allow) E:\bartek\programy\winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [UDP Query User{A8043E09-A3E3-4816-9FE8-368A9C39509F}E:\bartek\programy\winamp\winamp.exe] => (Allow) E:\bartek\programy\winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [{CC24B25B-501B-428C-87E8-B682D96A1F77}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{21118DDD-7180-42C8-AF3D-C8432A07A624}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{13F78737-443D-4FE6-A75F-853288ADC293}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [{197C28D9-AB6E-4690-9F4C-AC60F51D4ABD}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [TCP Query User{314EF0BF-267C-4CC9-8399-7F70C486178C}C:\users\bartek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bartek\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [UDP Query User{F93416D4-F3D3-4203-A8A1-087050724A0D}C:\users\bartek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bartek\appdata\roaming\spotify\spotify.exe (Spotify Ltd) FirewallRules: [{A505C5FC-C796-4932-9C8F-5A1CFC2B5B38}] => (Allow) E:\Bartek\Gry\steam\steam\Steam.exe (Valve Corporation) FirewallRules: [{25802D65-D25E-431A-A6E6-4C649D36EFCA}] => (Allow) E:\Bartek\Gry\steam\steam\Steam.exe (Valve Corporation) FirewallRules: [{767AEC83-DE4C-431C-948F-8DFD06A004E5}] => (Allow) E:\Bartek\Gry\steam\steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{3211E399-4738-4301-83D9-2504AB0A8FDD}] => (Allow) E:\Bartek\Gry\steam\steam\bin\cef\cef.win7\steamwebhelper.exe Brak pliku FirewallRules: [{F105F267-4C33-4406-ABA9-CD51BBA65CB9}] => (Allow) E:\Bartek\Gry\steam\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () FirewallRules: [{C247857C-52A1-4DDB-B978-26B9D0C7FD9C}] => (Allow) E:\Bartek\Gry\steam\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () FirewallRules: [{281F8BE4-9B4C-45C3-BDDE-7712D0D3B31F}] => (Allow) E:\Bartek\Gry\NFS UnderGround 2\Mr DJ\Need For Speed Underground 2\SPEED2.EXE Brak pliku FirewallRules: [{6F8F2DC9-9369-4433-A238-F3DF7B11599B}] => (Allow) E:\Bartek\Gry\NFS UnderGround 2\Mr DJ\Need For Speed Underground 2\SPEED2.EXE Brak pliku FirewallRules: [{7F19CED1-543B-4F53-9514-897DB2390590}] => (Allow) E:\Bartek\Gry\NFS UnderGround 2\Mr DJ\Need For Speed Underground 2\uniws.exe Brak pliku FirewallRules: [{66B213C7-A12D-48D9-918F-219B59745D9A}] => (Allow) E:\Bartek\Gry\NFS UnderGround 2\Mr DJ\Need For Speed Underground 2\uniws.exe Brak pliku FirewallRules: [TCP Query User{B9ECB85D-A4A8-420E-8D64-7C33CC102939}E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe Brak pliku FirewallRules: [UDP Query User{F0C37CA7-BF14-48E5-B117-FC3787C9B70D}E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe Brak pliku FirewallRules: [{2E360483-7164-4B49-91BF-CD16B915D3A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) FirewallRules: [{1328EABF-076E-4376-91AC-08732F3CD194}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe () FirewallRules: [{ED8C657A-C198-4668-B280-8D36675729C5}] => (Allow) C:\Windows\rss\csrss.exe Brak pliku FirewallRules: [{3151119A-AF62-43A9-B2CC-9F00BF07776A}] => (Allow) C:\Users\Bartek\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe Brak pliku FirewallRules: [TCP Query User{3AE77F26-C24E-45B1-9E62-BFFAFA68AB1D}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe Brak pliku FirewallRules: [UDP Query User{65DC9ACB-4743-462E-AF16-05C90717F8DE}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe Brak pliku FirewallRules: [TCP Query User{DC48D76F-5AF5-4FF2-BAD7-7F7A94505F45}E:\bartek\programy\winamp\winamp.exe] => (Block) E:\bartek\programy\winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [UDP Query User{18960BD4-5778-4C7A-88B0-4BDF11173BE1}E:\bartek\programy\winamp\winamp.exe] => (Block) E:\bartek\programy\winamp\winamp.exe (Nullsoft, Inc.) FirewallRules: [TCP Query User{6DF305B0-2821-42B7-B0C5-539E0225991F}E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe Brak pliku FirewallRules: [UDP Query User{58F860B6-E753-4D7E-A085-4775758A2BF4}E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\bartek\gry\steam\steam\steamapps\common\the witcher 2\bin\witcher2.exe Brak pliku FirewallRules: [{AFE29A60-24EF-4F93-801E-053A6A2D80EB}] => (Allow) E:\Bartek\Gry\steam\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [{69D1F673-DE0A-411B-A684-B582448739D0}] => (Allow) E:\Bartek\Gry\steam\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [TCP Query User{E7597EF7-441F-4F03-BA66-85C40EF6FBAE}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Block) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe Brak pliku FirewallRules: [UDP Query User{D2B6C26B-1AF3-47C7-B4A2-BEBC7BDE6797}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => (Block) C:\program files (x86)\gog galaxy\games\gwent\gwent.exe Brak pliku FirewallRules: [{C61FB70D-E720-4514-9B24-9CC3EDDFAEB0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{F94C3E05-64F9-461D-9E71-98257CB1D5FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [TCP Query User{085D9A01-790F-4BE2-88CE-DFAB2D3E747D}C:\users\bartek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bartek\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) FirewallRules: [UDP Query User{CB72F5AE-3501-4930-B9D8-69D79C1AB664}C:\users\bartek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\bartek\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc.) ==================== Punkty Przywracania systemu ========================= 02-01-2019 17:55:24 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Koprocesor Description: Koprocesor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (01/03/2019 01:21:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/03/2019 09:23:23 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/03/2019 09:14:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/02/2019 05:24:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/02/2019 05:14:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/02/2019 02:07:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/02/2019 11:35:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (01/02/2019 08:31:02 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (01/03/2019 05:35:20 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/03/2019 05:35:20 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/03/2019 03:27:19 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/03/2019 03:27:19 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/03/2019 02:23:16 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/03/2019 02:23:16 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. Error: (01/03/2019 01:51:15 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 40. Error: (01/03/2019 01:51:15 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 70. ==================== Statystyki pamięci =========================== Procesor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Procent pamięci w użyciu: 60% Całkowita pamięć fizyczna: 4095.27 MB Dostępna pamięć fizyczna: 1623.02 MB Całkowita pamięć wirtualna: 8188.73 MB Dostępna pamięć wirtualna: 5214.12 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:70.1 GB) (Free:7.47 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:40.1 GB) (Free:24.43 GB) NTFS Drive e: () (Fixed) (Total:187.89 GB) (Free:48.77 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: D9B3496E) Partition 1: (Active) - (Size=70.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=40.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=187.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================