Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:18-04-2016 Uruchomiony przez Arek (2016-04-21 20:20:54) Uruchomiony z C:\Users\Arek\Desktop Windows 8.1 Pro (X64) (2015-10-09 11:22:01) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3554043997-3257010474-766506353-500 - Administrator - Disabled) Arek (S-1-5-21-3554043997-3257010474-766506353-1001 - Administrator - Enabled) => C:\Users\Arek Gość (S-1-5-21-3554043997-3257010474-766506353-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3554043997-3257010474-766506353-1005 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - ) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.30.3 - Mirillis) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) BlueStacks App Player (HKLM-x32\...\{6693B491-7BA8-4A42-A40C-B1BABC8C5339}) (Version: 2.1.7.5658 - BlueStack Systems, Inc.) Detektor Winampa (HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit) EaseUS Data Recovery Wizard 9.5 (HKLM\...\EaseUS Data Recovery Wizard 9.5_is1) (Version: - EaseUS) Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden Fakturka 1.46 (HKLM-x32\...\{9E51B7A1-8CFA-43EF-88EC-87FF97A13F64}_is1) (Version: - Piotr Trocewicz) Free MP4 MP3 Converter 3.0.1 (HKLM-x32\...\Free MP4 MP3 Converter) (Version: 3.0.1 - ZISUN Freeware) Garmin Express (HKLM-x32\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden GG (HKU\S-1-5-21-3554043997-3257010474-766506353-1001\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.75 - Google Inc.) Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider) HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.) HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.1.9.364 - SurfRight B.V.) iCare Data Recovery Professional 4.6.3.3 (HKLM-x32\...\iCare Data Recovery Professional_is1) (Version: - iCare Software) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation) Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation) K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - ) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Monopoly by Parker Brothers (HKLM-x32\...\Monopoly by Parker Brothers) (Version: 1.0.406.0 - GameHouse, Inc.) NapiProjekt 2.0.0 (build 1932) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.3 - Napisy24.pl) Pakiet sterowników systemu Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Pakiet sterowników systemu Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.) Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd) ReMouse Standard (HKLM-x32\...\ReMouse Standard_is1) (Version: Standard V3.5.3 - AutomaticSolution Software) SeaMonkey 2.39 (x86 pl) (HKLM-x32\...\SeaMonkey 2.39 (x86 pl)) (Version: 2.39 - Mozilla) Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC) StartIsBack+ (HKLM-x32\...\StartIsBack) (Version: 1.7.5 - startisback.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.00 - NCH Software) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinZip (HKLM-x32\...\WinZip) (Version: 2.0.18 - Winzipper Pvt Ltd.) <==== UWAGA Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3554043997-3257010474-766506353-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-3554043997-3257010474-766506353-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Arek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0347FD08-93CF-419B-A37D-EAAD1AF465BD} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-05] () Task: {09FA2F15-D0AB-4AC8-B529-B4EBDA061C06} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] () Task: {2C2AC1D6-7DCA-47C5-8FCF-235D6958F311} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.) Task: {2F941967-A5DA-4D4C-B392-29F41A08A256} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.) Task: {53A04990-5FBD-4627-B2C6-C72D629CC33C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {54A0E082-A68C-482C-AC35-DE8D5B0B5720} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-11-30] (IObit) Task: {55DA961E-A773-4ABE-B550-33C263D8ADF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {67681B65-8DB8-43F6-96F6-A8511AF951DB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {6B48781A-6F22-4928-878E-B95634AC6005} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {6BE3DA85-0770-49BC-BB9C-B2429B970D93} - \WinTaske -> Brak pliku <==== UWAGA Task: {6C4426DE-4D73-4FF6-BD7F-2150E9F5E5F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {707B841A-0B4E-4AC3-9607-1A3A9D18B4C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated) Task: {8B56ED6F-F74A-4637-821A-1BAF4C528EF7} - System32\Tasks\Driver Booster SkipUAC (Arek) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-12-22] (IObit) Task: {A57BD39A-5800-4197-9FCE-E11D0E23A930} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.) Task: {C125590D-416E-4766-939E-87FB6A2EE8C4} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-04-19] (Enigma Software Group USA, LLC.) Task: {C7EE9CEE-5C92-4AD4-AADF-4DB6107079ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {C89432D8-735C-4B07-A10A-CA784C72CB91} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {CA96C24B-E2E5-458D-ACC4-AB256F22F23D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {CC87C4A6-9240-4AD6-9CE2-E08A616AB924} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {D528D199-9809-48BA-A6C3-FD1227D5F524} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2010-03-02 13:41 - 2010-03-02 13:41 - 00027648 _____ () C:\WINDOWS\System32\sxp3ml6.dll 2015-10-09 13:14 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2009-11-11 13:37 - 2009-11-11 13:37 - 03623849 _____ () C:\Program Files (x86)\abgx360\abgx360gui.exe 2015-10-10 00:59 - 2011-11-16 08:21 - 06596608 _____ () C:\Program Files (x86)\NapiProjekt\napisy.exe 2015-10-09 13:14 - 2016-04-20 14:31 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-10-09 13:14 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-01-02 18:22 - 2014-10-16 11:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2013-02-27 11:43 - 2015-10-09 12:02 - 03715648 _____ () C:\Users\Arek\AppData\Local\GG\Application\xulrunner\mozjs.dll 2016-04-20 14:45 - 2016-04-20 14:45 - 00098816 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32api.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00110080 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\pywintypes27.dll 2016-04-20 14:45 - 2016-04-20 14:45 - 00364544 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\pythoncom27.dll 2016-04-20 14:45 - 2016-04-20 14:45 - 00320512 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32com.shell.shell.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00776704 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_hashlib.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 01176576 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._core_.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00806400 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._gdi_.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00816128 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._windows_.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 01067008 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._controls_.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00733184 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._misc_.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00682496 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\pysqlite2._sqlite.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00088064 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_ctypes.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00119808 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32file.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00108544 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32security.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00007168 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\hashobjs_ext.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00017920 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\thumbnails_ext.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00088064 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\usb_ext.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00167936 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32gui.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00018432 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32event.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00046080 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_socket.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 01208320 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_ssl.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00128512 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_elementtree.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00127488 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\pyexpat.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00012288 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\common.time34.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00038912 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32inet.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00036864 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_psutil_windows.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00525208 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\windows._lib_cacheinvalidation.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00011264 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32crypt.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00077312 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._html2.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00027136 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_multiprocessing.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00020480 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\_yappi.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00035840 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32process.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00686080 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\unicodedata.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00078848 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._animate.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00123392 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\wx._wizard.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00024064 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32pipe.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00010240 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\select.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00025600 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32pdh.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00017408 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32profile.pyd 2016-04-20 14:45 - 2016-04-20 14:45 - 00022528 ____R () C:\Users\Arek\AppData\Local\Temp\_MEI36362\win32ts.pyd 2015-11-01 21:35 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-01 21:35 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-01 21:35 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-01 21:35 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-01 21:35 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-01 21:35 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-01 21:35 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-01 21:35 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-01 21:35 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-01 21:35 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-01 21:35 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-23 22:51 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-03-11 13:06 - 2016-03-20 18:49 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll 2016-03-14 15:32 - 2016-03-14 15:32 - 00016896 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\DeviceDetection.dll 2016-03-14 15:34 - 2016-03-14 15:34 - 00721408 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\ContentManager.dll 2016-03-14 15:32 - 2016-03-14 15:32 - 00019968 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TomTomSupporterBase.dll 2016-03-14 15:34 - 2016-03-14 15:34 - 00028672 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\QtSolutions_SingleApplication.dll 2016-03-14 15:32 - 2016-03-14 15:32 - 00109568 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\kqoauth.dll 2016-03-14 15:32 - 2016-03-14 15:32 - 00017920 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\TimeParse.dll 2013-02-27 11:43 - 2015-11-28 11:48 - 00122432 _____ () C:\Users\Arek\AppData\Local\GG\Application\ggdrive\ZLIB1.dll 2016-04-20 10:39 - 2016-04-13 10:37 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libglesv2.dll 2016-04-20 10:39 - 2016-04-13 10:36 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\libegl.dll 2015-11-01 21:35 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-04-20 10:39 - 2016-04-13 10:37 - 17536664 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.75\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2016-04-20 14:36 - 00002672 ____N C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 choice.microsoft.com 0.0.0.0 choice.microsoft.com.nstac.net 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 settings-win.data.microsoft.com 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.microsoft.com 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 0.0.0.0 watson.ppe.telemetry.microsoft.com 0.0.0.0 wes.df.telemetry.microsoft.com 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net 0.0.0.0 watson.live.com 0.0.0.0 watson.microsoft.com 0.0.0.0 feedback.search.microsoft.com Wykryto więcej niż wyliczono: 7 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3554043997-3257010474-766506353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Arek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 62.179.1.63 - 62.179.1.62 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{8822BEFB-FC86-47BD-BACF-037F11BEA5FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C5785587-A7A8-439B-AD6B-A1C4D8FD8433}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{155B9DCB-C0D2-48CE-A129-BC1302E1E465}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{D9DC2688-6B70-426A-BA44-79E32748AE59}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{E3C3052F-6C5A-4495-BA4D-14583CF27F4A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{D56C0C32-E576-45AC-9908-04D4DE8E872E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{1DFBCD00-586C-49AE-A147-E528246A2390}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [TCP Query User{EDDA062B-C284-4B09-A6FF-9AB3DAAAFCEC}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{90EBAF1B-267D-42A9-A115-2040A5918ED5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{E3AF6D64-43FF-4C3E-BF5C-5C05AAA62599}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{30206770-B699-4586-908A-770352BC8BCF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{ED54E075-8C78-42DC-BB25-30AC49AFE1AA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0AE12E19-F131-4588-9C0D-25B55AA62176}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A281E82D-518B-40BD-A9B7-2056D674E9D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{630AB7A1-4F96-4A71-84BD-F4379B17D139}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{557B2A7F-F07C-4918-B083-F5BB9593B0AF}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{6AF97C77-F780-47EC-B083-D6B64E4E31D7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{D41F0DF2-8C91-4077-B9BC-260401E221B4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{E1AB9D00-E654-43BF-9F33-C04B85670A4C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{6C1EBE61-028F-4B41-A314-D767253FC78B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{DA073500-EAC9-4FC2-997F-B91BA73CE1B6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{CFE2E828-BDFB-44A8-AA2E-5C2D164AB8B4}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{8659DC63-5BD6-48D6-831C-8EDD5E8C6D9E}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{22326AA1-5D28-4603-8C0A-D284799D388C}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{C368676F-F4D0-4E98-B3E1-B745D2DE2BAE}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{DC3BB9B6-E80A-4D8C-B89E-CC30897B5196}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{DBB98805-C99F-4363-8420-406AC4F73E0E}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [TCP Query User{7252F21F-69D3-4796-89DF-F1D00FED6BDF}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe FirewallRules: [UDP Query User{4B31B413-2D3F-46F1-AD5A-C9D222A8F76A}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe FirewallRules: [TCP Query User{284CE9DA-D6A5-475D-93AE-6A1662ED1841}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe FirewallRules: [UDP Query User{6C62918B-1C3C-4ED7-85B7-F37BA3378464}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe FirewallRules: [TCP Query User{1108F071-4F6F-4731-8AF4-0865C65C6D0E}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe FirewallRules: [UDP Query User{8E8EE09E-6B83-4262-9767-804C67C05C54}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe FirewallRules: [{969FCD21-315D-480B-B747-CCD939F7A92F}] => (Allow) C:\Program Files\Andy\Setup.exe FirewallRules: [{A6384061-1664-4B1D-A006-D7E4909A0176}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{BE73569B-A77D-4A66-A4FB-31A4BF452EC7}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{7985F3D9-326E-4206-9281-765C202236D6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 20-04-2016 10:10:09 Driver Booster : Java Runtime Environment 32 bit 20-04-2016 12:58:24 Malwarebytes Anti-Rootkit Restore Point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (04/20/2016 02:45:56 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (04/20/2016 02:45:56 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (04/20/2016 02:45:55 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Error: (04/20/2016 02:45:55 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4 Error: (04/20/2016 02:45:54 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: LsaC:\Windows\System32\Secur32.dll4 Error: (04/20/2016 02:45:54 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll4 Error: (04/20/2016 02:45:54 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (04/20/2016 12:58:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (04/20/2016 10:38:28 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (04/20/2016 10:38:28 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Dziennik System: ============= Error: (04/21/2016 04:03:17 AM) (Source: DCOM) (EventID: 10010) (User: kompwkuchni) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (04/21/2016 04:02:47 AM) (Source: DCOM) (EventID: 10010) (User: kompwkuchni) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (04/20/2016 02:31:26 PM) (Source: volmgr) (EventID: 45) (User: ) Description: System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error: (04/20/2016 02:31:24 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (04/20/2016 02:31:24 PM) (Source: volmgr) (EventID: 45) (User: ) Description: System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error: (04/20/2016 10:37:39 AM) (Source: volmgr) (EventID: 45) (User: ) Description: System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error: (04/20/2016 10:37:37 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (04/20/2016 10:37:37 AM) (Source: volmgr) (EventID: 45) (User: ) Description: System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error: (04/20/2016 10:28:34 AM) (Source: volmgr) (EventID: 45) (User: ) Description: System nie może pomyślnie załadować sterownika zrzutu awaryjnego. Error: (04/20/2016 10:28:31 AM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! CodeIntegrity: =================================== Date: 2016-04-21 08:49:19.278 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 08:49:19.162 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 08:49:18.993 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 08:49:18.883 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:43.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:43.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:43.469 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:43.361 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:13.202 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-21 05:37:13.093 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Procent pamięci w użyciu: 43% Całkowita pamięć fizyczna: 10115.98 MB Dostępna pamięć fizyczna: 5697.45 MB Całkowita pamięć wirtualna: 20355.98 MB Dostępna pamięć wirtualna: 14797.09 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:25.78 GB) NTFS Drive d: () (Fixed) (Total:0.34 GB) (Free:0.32 GB) FAT32 ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive f: (Nowy) (Fixed) (Total:372.27 GB) (Free:35.36 GB) NTFS Drive o: (VERBATIM HD) (Fixed) (Total:931.51 GB) (Free:56.84 GB) NTFS Drive p: (Nowy) (Fixed) (Total:1863.01 GB) (Free:394.55 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 7D2796AC) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D847BF91) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: 000BB2FA) Partition 1: (Active) - (Size=350 MB) - (Type=0C) Partition 2: (Not Active) - (Size=372.3 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 851465BE) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================