Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 17.03.2019 Uruchomiony przez MateuszBora (04-04-2019 01:12:00) Uruchomiony z C:\Users\MateuszBora\Desktop Windows 10 Home Wersja 1803 17134.648 (X64) (2018-05-24 20:46:10) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1847834770-2434203484-3686499251-500 - Administrator - Disabled) Gość (S-1-5-21-1847834770-2434203484-3686499251-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-1847834770-2434203484-3686499251-1005 - Limited - Enabled) Komputronik_A (S-1-5-21-1847834770-2434203484-3686499251-1002 - Limited - Enabled) => C:\Users\Komputronik_A Konto domyślne (S-1-5-21-1847834770-2434203484-3686499251-503 - Limited - Disabled) MateuszBora (S-1-5-21-1847834770-2434203484-3686499251-1003 - Administrator - Enabled) => C:\Users\MateuszBora UpdatusUser (S-1-5-21-1847834770-2434203484-3686499251-1001 - Limited - Enabled) => C:\Users\UpdatusUser WDAGUtilityAccount (S-1-5-21-1847834770-2434203484-3686499251-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.) 888poker (HKLM-x32\...\888poker) (Version: - ) AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers) Ace Stream Media 3.1.6 (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\AceStream) (Version: 3.1.6 - Ace Stream Media) <==== UWAGA Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated) AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden Backup Manager v4 (HKLM-x32\...\{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation) calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.) Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.) CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated) clear.fi SDK - Video 2 (HKLM-x32\...\{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}) (Version: 2.1.2128 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (HKLM-x32\...\{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}) (Version: 2.1.2112 - CyberLink Corp.) Hidden Complete Internet Repair 2852 (HKLM\...\Complete Internet Repair_is1) (Version: 2852 - Rizonesoft) CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.) Discord (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\Discord) (Version: 0.0.304 - Discord Inc.) Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) e-Deklaracje Desktop (HKLM-x32\...\{EA7845FD-9C4E-A0F9-98EC-50F451BAEB70}) (Version: 11.0.0 - Ministerstwo Finansow) Hidden e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 11.0.0 - Ministerstwo Finansow) Emulator Starter (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) GG (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\GG) (Version: 12 - GG Network S.A.) GonVisor 2.45.01 (HKLM-x32\...\GonVisor_is1) (Version: - GON) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Gothic 1+2 Windows 8 fixes (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - ) Kodi (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\Kodi) (Version: - XBMC-Foundation) Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8103 - Acer Incorporated) Malwarebytes (wersja 3.7.1.2839) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4433.1507 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.48 - mIRC Co. Ltd.) Mozilla Firefox 66.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 66.0.2 (x64 pl)) (Version: 66.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla) MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) Hidden NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenFM (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\OpenFM) (Version: 52.1.0.1 - Grupa Wirtualna Polska) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.14.00 - Panda Security) Hidden Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.6.0 - Panda Security) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Panel sterowania NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.4.0.10 - GOG.com) PIT Format 2013 (HKLM-x32\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) Podatnik.info PIT pro 2013 wersja 2.0.19.29343 (HKLM-x32\...\{B239B43B-3E99-40B0-80BF-1B1BCA868D4E}_is1) (Version: 2.0.19.29343 - Podatnik.info Sp. z o.o.) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PokerTH (HKLM-x32\...\PokerTH 1.1.1) (Version: 1.1.1 - www.pokerth.net) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Rejestracja użytkownika drukarki Canon MG2500 series (HKLM-x32\...\Rejestracja użytkownika drukarki Canon MG2500 series) (Version: - ‭Canon Inc.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Sid Meier's Pirates! - Live the Life (HKLM-x32\...\1445250653_is1) (Version: 2.0.0.4 - GOG.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spolszczenie Sid Meier's Pirates by Termez & AliG (HKLM-x32\...\Spolszczenie Sid Meier's Pirates by Termez & AliG) (Version: - ) Spotify (HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH) The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com) The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red) Ultimate Player Radio wersja 0.2.0 (HKLM-x32\...\{98106C4E-261F-427D-9DC4-E04D7D138C6A}_is1) (Version: 0.2.0 - Damian Romek) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.0.0 - Ministerstwo Finansów) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1847834770-2434203484-3686499251-1003_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-1847834770-2434203484-3686499251-1003_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) CustomCLSID: HKU\S-1-5-21-1847834770-2434203484-3686499251-1003_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\MateuszBora\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) [Brak podpisu cyfrowego] ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Brak pliku ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2012-07-12] (EGIS TECHNOLOGY INC. -> Egis Technology Inc. ) ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Brak pliku ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Brak pliku ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Brak pliku ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Brak pliku ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAShell.dll [2018-05-30] (Panda Security S.L. -> Panda Security, S.L.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1_S-1-5-21-1847834770-2434203484-3686499251-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\MateuszBora\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) [Brak podpisu cyfrowego] ContextMenuHandlers4_S-1-5-21-1847834770-2434203484-3686499251-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\MateuszBora\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) [Brak podpisu cyfrowego] ContextMenuHandlers5_S-1-5-21-1847834770-2434203484-3686499251-1003: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\MateuszBora\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2013-01-17] (GG Network S.A.) [Brak podpisu cyfrowego] ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {005FC924-C294-4AA7-A3AD-6F6253995128} - \MdmUpdateTaskMachineCore -> Brak pliku <==== UWAGA Task: {01A371C8-CF57-4657-A0F7-3569F5AE8CE6} - System32\Tasks\Driver Booster SkipUAC (MateuszBora) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (IObit Information Technology -> IObit) Task: {05987726-D7BC-4BBA-9034-3730559B1326} - \Power Management -> Brak pliku <==== UWAGA Task: {09D8BEE8-7B44-4ADC-9D68-0AFD871D0F05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {0E0D4D13-FD73-4753-922F-7C53042C5AB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {0ED8876D-80A0-404B-9E65-309CFCF22372} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe (Acer Incorporated -> ) Task: {106E0840-4399-462F-8A5D-A6348781014D} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {1CDB7D94-CE3B-47F6-9C8A-DD0819F5AA8A} - \User_Feed_Synchronization-{A023BCD5-3E77-4328-98CD-533D20AC524B} -> Brak pliku <==== UWAGA Task: {214FE432-9C57-4BFE-9B32-9131CA66F82F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink -> CyberLink) Task: {2758FB58-75EB-403B-8819-0E53CC43615F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation) Task: {30A4A860-5C1B-4809-8634-44251B4746C3} - Brak ścieżki do pliku Task: {33FD3802-C844-4D03-A51A-6FF6386C7AFF} - Brak ścieżki do pliku Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3556AC84-3D6D-4473-BF63-0602BCD4F642} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {36981FE1-3134-477C-98C8-981BF7CBE8C4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {3C0CC3A4-6A36-44FB-BA80-204EE380EF18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd) Task: {4379264D-F433-46DD-A857-020CCC076024} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe (EGIS TECHNOLOGY INC. -> Egis Technology Inc.) Task: {515A25B2-82EB-4EFB-8BF4-A036CC5194F2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {5BB9E3DC-FE64-4A93-8FAF-CAED51DF59E5} - \WPD\SqmUpload_S-1-5-21-1847834770-2434203484-3686499251-1003 -> Brak pliku <==== UWAGA Task: {60EBC9FE-FCDE-4DEB-89A8-FE90FB596038} - Brak ścieżki do pliku Task: {66324011-F976-4EA0-A636-43225B8BFD1C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {6BFBFC37-697F-4BD2-AE4C-63F7A3CD6C5B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {71C08C0E-5D35-41C8-B267-1D5BB39D6783} - Brak ścieżki do pliku Task: {7D711F9B-4AB6-4DEF-9695-8C697E56166C} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe Task: {7D80DFA1-CEA6-4496-8BBB-71A9E521CDCC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {80FB9119-259F-4990-9B5A-1261DE77B355} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {824F174D-F628-40F0-A464-BBDBE7F4A2D0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {8934BFAF-3B4A-4FA9-BEC1-1105A379FD8B} - Brak ścieżki do pliku Task: {95E9E90B-C703-4DF5-84BF-9E6F1BD59779} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {A00E9419-2909-4DB5-A75B-3F21391D1674} - System32\Tasks\S-1-5-21-1847834770-2434203484-3686499251-1003\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation) Task: {A4C39D0A-DB60-4E95-BC53-7769D9AB4F36} - \Optimize Start Menu Cache Files-S-1-5-21-1847834770-2434203484-3686499251-500 -> Brak pliku <==== UWAGA Task: {AB5C5102-B081-47C4-96EF-4BBC0C25D018} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe (Acer Incorporated -> ) Task: {ABD1FC0F-44E5-41E9-B009-8B49C459B96A} - \Synaptics TouchPad Enhancements -> Brak pliku <==== UWAGA Task: {ADD7401F-C26B-41D5-B112-D2D5411ED3AF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {B04F1D09-FF83-4F5C-A710-107D3131D2E5} - \WPD\SqmUpload_S-1-5-21-1847834770-2434203484-3686499251-1002 -> Brak pliku <==== UWAGA Task: {B9F5459E-7F57-44ED-9CD5-1814D67DC7D6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {BCEBB058-7363-4CA8-91A2-70D1A819018A} - Brak ścieżki do pliku Task: {CCD8DE80-70E9-4352-9BA3-054244FC5843} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {CEB2CB0F-B2F3-42B0-9C92-4B18A18A5F98} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {D1334A69-6E38-4547-8794-325B29BA1170} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {DC576072-7D50-44F2-9ACD-8446C2A4D585} - \User_Feed_Synchronization-{6077FDC3-909A-4AEB-BD13-6D6A8836AD66} -> Brak pliku <==== UWAGA Task: {E68DE6BF-A61B-40BA-9006-BC6326D1B81D} - \PMMUpdate -> Brak pliku <==== UWAGA Task: {F5362D6F-F958-47C2-BA68-5C6C4C575649} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {F86D0730-C15E-4446-8622-9AEA743BA433} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\MateuszBora\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com ==================== Załadowane moduły (filtrowane) ============== 2012-08-21 02:36 - 2012-08-21 02:36 - 000176640 _____ (Broadcom Corp.) [Brak podpisu cyfrowego] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe 2012-04-20 23:49 - 2012-04-20 23:49 - 001198080 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] C:\Program Files (x86)\Intel\iCLS Client\libeay32.dll 2018-05-24 22:15 - 2018-05-24 22:15 - 001093120 _____ (Microsoft Corporation) [Brak podpisu cyfrowego] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2019-02-10 19:06 - 000000914 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-1847834770-2434203484-3686499251-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\MateuszBora\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Brak pliku) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk" HKLM\...\StartupApproved\Run: => "Norton Online Backup" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "BtPreLoad" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "GG" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "AceStream" HKU\S-1-5-21-1847834770-2434203484-3686499251-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{B31F4612-33A8-40D9-A613-52A5763F1B7E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{AC58FD9E-9271-4C67-8CCB-F2BD28C25F1D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{1BE19381-9E7A-41F3-9A3E-44AC56D3D407}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.) FirewallRules: [TCP Query User{447FF9EB-DD47-4D64-8007-5943FE365312}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.) FirewallRules: [TCP Query User{B94C21A4-A043-4658-8001-CEA93BCA8D07}C:\users\mateuszbora\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{AB3DF122-4319-43A9-82CF-FFCF82979837}C:\users\mateuszbora\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{43D42CA5-4039-44A6-A93B-CA352A2E5F87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6FDAAA7D-5300-45FC-A9D5-2C5B3B5CF904}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{4F53861C-FD40-49F8-BA3E-479090DC4D4D}C:\users\mateuszbora\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{28F9330F-C996-4388-8D9F-F3BFB1F3CADD}C:\users\mateuszbora\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{6FE77C28-D6FB-48BC-BDAD-E214EBE3D06E}C:\users\mateuszbora\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [UDP Query User{06DAE54A-1E9B-4133-9B45-90EBBC2CBD33}C:\users\mateuszbora\appdata\roaming\acestream\engine\ace_engine.exe] => (Allow) C:\users\mateuszbora\appdata\roaming\acestream\engine\ace_engine.exe (INNOVATIVE DIGITAL TECHNOLOGIES LLC -> Innovative Digital Technologies) FirewallRules: [TCP Query User{43AD86FD-217A-4168-A88B-C2B339E77178}C:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe (Acer Incorporated -> acer) FirewallRules: [UDP Query User{D1AD4850-8E37-4447-B36B-8D836AF9330B}C:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe] => (Block) C:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe (Acer Incorporated -> acer) FirewallRules: [TCP Query User{3C5F8CAC-E725-4B65-BFB0-AC2A34B8016E}C:\program files (x86)\acer\clear.fi photo\windowsupnp.exe] => (Block) C:\program files (x86)\acer\clear.fi photo\windowsupnp.exe (Acer Incorporated -> acer) FirewallRules: [UDP Query User{013FEEDF-1E52-4524-B76D-27EBC061E76F}C:\program files (x86)\acer\clear.fi photo\windowsupnp.exe] => (Block) C:\program files (x86)\acer\clear.fi photo\windowsupnp.exe (Acer Incorporated -> acer) FirewallRules: [{CFE914E3-A6DB-4BC8-86EA-C8B1F9A1EAA5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{A9D3593A-0BB2-4508-8EC3-E3958E94660A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [TCP Query User{9B307C0A-429C-4C4F-8837-D867BB88E549}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe () [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{001D8F79-F905-4DD9-941B-3546D60B83C8}C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe () [Brak podpisu cyfrowego] FirewallRules: [TCP Query User{555A0E21-E249-494E-B90E-0530628E4CDF}C:\users\mateuszbora\downloads\my.summer.car.v30.01.2019\my.summer.car.v30.01.2019\mysummercar.exe] => (Allow) C:\users\mateuszbora\downloads\my.summer.car.v30.01.2019\my.summer.car.v30.01.2019\mysummercar.exe (Unity Technologies SF -> ) [Brak podpisu cyfrowego] FirewallRules: [UDP Query User{8E8EF12C-EF80-4281-9B29-F7E5D1068625}C:\users\mateuszbora\downloads\my.summer.car.v30.01.2019\my.summer.car.v30.01.2019\mysummercar.exe] => (Allow) C:\users\mateuszbora\downloads\my.summer.car.v30.01.2019\my.summer.car.v30.01.2019\mysummercar.exe (Unity Technologies SF -> ) [Brak podpisu cyfrowego] FirewallRules: [{C4FDD140-E459-46C9-B4E3-AEB7EF9D17A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{68FB08C2-7689-4FF8-8C44-63B006EE9805}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{E0598C79-27E9-4732-9E48-4E9D38AB6492}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{CBB53643-B801-46EF-A40E-C9C1BD09B038}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{88776A4B-7A25-4366-B9B5-8CAFD0D2B82F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Punkty Przywracania systemu ========================= 12-03-2019 20:11:52 Windows Update 20-03-2019 01:25:54 Zaplanowany punkt kontrolny 30-03-2019 00:48:23 Zaplanowany punkt kontrolny ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/30/2019 02:44:22 PM) (Source: COM) (EventID: 10031) (User: ) Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {41FD88F7-F295-4D39-91AC-A85F3149A05B} została odrzucona. Error: (03/30/2019 02:44:22 PM) (Source: COM) (EventID: 10031) (User: ) Description: Podczas anulowania kierowania obiektu skierowanego niestandardowo wykonano sprawdzanie zasad anulowania kierowania i klasa {95CABCC9-BC57-4C12-B8DF-BA193232AA01} została odrzucona. Error: (03/25/2019 09:03:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: PSANHost.exe, wersja: 4.0.3.0, sygnatura czasowa: 0x5a0357d9 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 10.0.17134.556, sygnatura czasowa: 0x319e0a75 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000d8529 Identyfikator procesu powodującego błąd: 0x1054 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4dba6a6e8f980 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\ntdll.dll Identyfikator raportu: a4deab68-9599-4759-aa65-4281b7f5fb9d Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/16/2019 07:36:29 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe Error: (03/11/2019 10:38:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NVDisplay.Container.exe, wersja: 1.2.0.0, sygnatura czasowa: 0x59079e96 Nazwa modułu powodującego błąd: NVSVC64.DLL_unloaded, wersja: 8.17.13.8205, sygnatura czasowa: 0x59079af7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000009bc48 Identyfikator procesu powodującego błąd: 0x1294 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4d84a6aa2ea05 Ścieżka aplikacji powodującej błąd: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Ścieżka modułu powodującego błąd: NVSVC64.DLL Identyfikator raportu: 322591cd-7ff7-4f42-a5ed-c2c07cca0b20 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/09/2019 01:12:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: GonVisor.exe, wersja: 2.45.0.1, sygnatura czasowa: 0x58677c61 Nazwa modułu powodującego błąd: MSVBVM60.DLL, wersja: 6.0.98.15, sygnatura czasowa: 0x49b01fc3 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000f8a5a Identyfikator procesu powodującego błąd: 0x1bb0 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4d5fbc9022e85 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\GonVisor\GonVisor.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\SYSTEM32\MSVBVM60.DLL Identyfikator raportu: 4aa4fb78-c92e-4443-8c5a-1c598d8c2883 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/06/2019 01:30:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_UsoSvc, wersja: 10.0.17134.556, sygnatura czasowa: 0xf23cada5 Nazwa modułu powodującego błąd: wuaueng.dll, wersja: 10.0.17134.471, sygnatura czasowa: 0x57ca2a53 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000001126ff Identyfikator procesu powodującego błąd: 0xe54 Godzina uruchomienia aplikacji powodującej błąd: 0x01d4c6a98db1ac68 Ścieżka aplikacji powodującej błąd: c:\windows\system32\svchost.exe Ścieżka modułu powodującego błąd: c:\windows\system32\wuaueng.dll Identyfikator raportu: 9cdcef1b-a8c6-4f46-bd22-f80098248b65 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (03/04/2019 12:42:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NVDisplay.Container.exe, wersja: 1.2.0.0, sygnatura czasowa: 0x59079e96 Nazwa modułu powodującego błąd: NVSVC64.DLL_unloaded, wersja: 8.17.13.8205, sygnatura czasowa: 0x59079af7 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000009bc48 Identyfikator procesu powodującego błąd: 0x5cc Godzina uruchomienia aplikacji powodującej błąd: 0x01d4d212631697d5 Ścieżka aplikacji powodującej błąd: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe Ścieżka modułu powodującego błąd: NVSVC64.DLL Identyfikator raportu: 52986981-77d9-481c-9a1c-e550148473c4 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (04/03/2019 11:43:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/03/2019 11:43:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\MATEUS~1\AppData\Local\Temp\ehdrv.sys Error: (04/03/2019 11:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/03/2019 11:43:44 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\MATEUS~1\AppData\Local\Temp\ehdrv.sys Error: (04/03/2019 11:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/03/2019 11:43:44 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\MATEUS~1\AppData\Local\Temp\ehdrv.sys Error: (04/03/2019 11:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi eapihdrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (04/03/2019 11:43:44 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\MATEUS~1\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2019-03-20 12:33:00.672 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:30:59.329 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:28:49.215 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:27:44.569 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:27:44.213 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:27:43.973 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:27:43.782 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-20 12:27:43.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Procent pamięci w użyciu: 84% Całkowita pamięć fizyczna: 3911.27 MB Dostępna pamięć fizyczna: 613.85 MB Całkowita pamięć wirtualna: 9043.46 MB Dostępna pamięć wirtualna: 3471.13 MB ==================== Dyski ================================ Drive c: (Acer) (Fixed) (Total:445.34 GB) (Free:180.73 GB) NTFS \\?\Volume{d139b77a-0554-44a7-bd94-df921772a0a4}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS \\?\Volume{9d3e575f-a8f9-4262-8aba-7ba283433da5}\ () (Fixed) (Total:0.85 GB) (Free:0.33 GB) NTFS \\?\Volume{f49111b8-0de9-4988-b32d-76e3f539a3ac}\ (Push Button Reset) (Fixed) (Total:18.76 GB) (Free:2.77 GB) NTFS \\?\Volume{f7da05e0-d74d-41e0-9a98-5d6af0949a1f}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 500F0877) Partition: GPT. ==================== Koniec Addition.txt ============================