Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-11-2016 Uruchomiony przez Paweł (11-11-2016 14:04:19) Uruchomiony z C:\Users\Paweł\Desktop Windows 10 Home Wersja 1607 (X64) (2016-08-18 22:31:58) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4044977474-879871873-2228097138-500 - Administrator - Disabled) Gość (S-1-5-21-4044977474-879871873-2228097138-501 - Limited - Disabled) Konto domyślne (S-1-5-21-4044977474-879871873-2228097138-503 - Limited - Disabled) Paweł (S-1-5-21-4044977474-879871873-2228097138-1001 - Administrator - Enabled) => C:\Users\Paweł ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4044977474-879871873-2228097138-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.) AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam) Aktualizacje NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.252 - Alps Electric) Ansel (Version: 375.70 - NVIDIA Corporation) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlefield: Bad Company 2 (HKLM\...\Steam App 24960) (Version: - DICE) Battlefield™ Hardline (HKLM-x32\...\{CB4AC3DA-8CC1-4516-86DA-4078B57DB229}) (Version: 1.4.0.10 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bing Powered Search (HKLM-x32\...\BingPoweredSearch) (Version: - ) Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Eden4S version 33888 (HKLM-x32\...\{34AA00FF-DFF1-4BB2-9AF2-DD43866A934A}_is1) (Version: 33888 - Eden4S, Inc.) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) Hide Window Hotkey (HKLM-x32\...\Hide Window Hotkey) (Version: - ) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Driver Update Utility 2.5 (x32 Version: 2.5.0.22 - Intel) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}) (Version: 2.5.0.22 - Intel) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11116 - Realtek Semiconductor Corp.) Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.267 - Lenovo) M20 Gaming Mouse Driver (HKLM-x32\...\{D0E01BE3-1E25-4457-B25A-4D44F352C371}) (Version: - ) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 16.0.7369.2038 - Microsoft Corporation) Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{C3525BF7-3698-4CD3-A8C3-69BD6F57BA3B}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation) My Summer Car (HKLM\...\Steam App 516750) (Version: - Amistech Games) Need For Speed Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version: - ) NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation) NVIDIA Sterownik graficzny 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation) NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.99.11.0 - Overwolf Ltd.) Panel sterowania NVIDIA 375.70 (Version: 375.70 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PremiumSoft Navicat Lite 10.0 (HKLM-x32\...\PremiumSoft Navicat Lite_is1) (Version: - PremiumSoft CyberTech Ltd.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Management Studio (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.78 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TruckersMP 0.2.1.2.5 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.2.5 Alpha - TruckersMP Team) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4044977474-879871873-2228097138-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4044977474-879871873-2228097138-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {063ADB97-1EAF-426A-8012-82BC2D209941} - System32\Tasks\{A94751CC-B6D8-40EA-9CB5-03CA4A894098} => pcalua.exe -a C:\Users\Paweł\AppData\Local\{4B027D5E-6FAA-11E6-0232-340E265AC896}\uninst.exe -c -FN="C:\Users\Paweł\AppData\Local\{4B5F7DE4-6E0D-1092-053B-3740D9E9CA7E}\SynHelper.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {06F2A185-30C0-486E-AA0F-49D6DE93DDDA} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {35457B06-2712-4B91-8CB1-0B67B7C324B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {3D9B30B7-3484-4279-9424-EB1D9CA9B28D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.) Task: {3DE6B22D-3A01-4A70-9CB8-4456617D3302} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation) Task: {55E96EA6-9163-4CB0-96CA-21DEB86CCA9B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation) Task: {5C7D04BF-DA15-4E30-AE6B-2C750329E254} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {67928007-ABF0-436F-9E62-3FCF3DF7ABC3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation) Task: {6F7425C2-1B7F-4081-8192-77B7CF0BF6F5} - System32\Tasks\{496DF6DA-893B-45B8-AFF2-494F5B3D9B64} => pcalua.exe -a C:\Users\Paweł\AppData\Local\{E630D06C-C298-BCD4-AF00-993C8B6865A4}\uninst.exe -c -FN="C:\Users\Paweł\AppData\Local\{E66DD0D6-C33F-BDA0-A809-9A7274DB674C}\updatetask.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {73D8C3CC-BDB0-4187-861E-4316E62580F8} - System32\Tasks\{64F6AAEE-CF1D-451C-8602-789549E57FF5} => pcalua.exe -a D:\Eden4S\4Story.exe -d D:\Eden4S Task: {7F018248-C1A7-4CB6-A17D-B0E36985B62B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {8621A715-7E50-4AFA-AEAA-C08A2AABA618} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation) Task: {8EE6682A-494C-4A96-A603-183E7E0EC270} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-10-30] (Overwolf LTD) Task: {987401B4-104E-4B4D-BBF0-E34726F714C9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation) Task: {9ECDCCF1-87F0-4DD2-B383-BEE91B32A601} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {A4D2A5A9-EEE3-49BC-B3AB-C3A5296D410F} - System32\Tasks\Bing Powered Search nirol => Wscript.exe "C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B}\tife.txt" "687474703a2f2f79786870612e636f6d" "433a5c50726f6772616d446174615c7b30333132433637312d383935302d344342372d304639362d4432463539354434353933427d5c666f6c6f6669" "433a5c50726f6772616d446174615c7b30333132433637312d383935302d344342372d304639 (dane wartości zawierają 78 znaków więcej). Task: {A5FF60FC-AB89-47C0-88A1-EAAE395D31BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.) Task: {AA501F32-1B73-47FF-B206-133DA90260D2} - System32\Tasks\Driver Booster SkipUAC (Paweł) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {BACA087D-7080-492E-9A51-3B7029CE206A} - System32\Tasks\SafeZone scheduled Autoupdate 1462905157 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {BBD7AE01-8AFC-4561-B88E-01638CDD1935} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {BD5D52BE-F032-4C96-8CB4-D40286937B60} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation) Task: {BE307354-7577-444A-9190-C40BD5EFE9D3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-09] (Microsoft Corporation) Task: {D21B5023-6EF4-4467-B8C4-F46138319FE5} - System32\Tasks\Yahoo! Powered nirol => Wscript.exe "C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B}\tife.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b38463732344131312d303533302d433044372d383346362d3545393531394234443535427d5c666f6c6f6669" "433a5c50726f6772616d446174615c7b38463732344131312d303533302d433044372d383346 (dane wartości zawierają 78 znaków więcej). Task: {D38A40BE-59E9-42BB-B93E-A2084DE2CA0C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo) Task: {E4442D05-9955-473E-A2C3-E80D9D97014B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {E6BA8606-D403-4DED-AFC4-64018036DB4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation) Task: {F83CF3D7-E2D9-45A5-B93B-1E39E16942E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Bing Powered Search nirol.job => Wscript.exe C:\ProgramData\{0312C671-8950-4CB7-0F96-D2F595D4593B}\tife.txt <==== UWAGA Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Yahoo! Powered nirol.job => Wscript.exe C:\ProgramData\{8F724A11-0530-C0D7-83F6-5E9519B4D55B}\tife.txt <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-03-09 19:43 - 2016-03-09 19:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe 2016-10-26 21:55 - 2016-10-25 20:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-26 21:55 - 2016-10-25 20:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-26 21:55 - 2016-10-25 20:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2016-05-21 23:41 - 2016-06-01 13:05 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2016-07-16 11:42 - 2016-07-16 11:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-29 22:13 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-08-30 21:54 - 2016-10-25 20:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-29 22:13 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-29 22:13 - 2016-09-15 17:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-02 18:13 - 2016-10-02 18:13 - 01864384 _____ () C:\Users\Paweł\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-09-14 08:59 - 2016-09-07 04:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-08 22:42 - 2016-11-02 10:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-08 22:41 - 2016-11-02 10:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-08 22:42 - 2016-11-02 10:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-08 22:42 - 2016-11-02 10:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-08 22:42 - 2016-11-02 10:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-08 22:42 - 2016-11-02 10:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-10-30 09:28 - 2016-10-30 09:28 - 00247344 _____ () C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe 2016-08-26 18:25 - 2016-08-26 18:25 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-06-01 09:49 - 2014-07-15 09:18 - 00471040 _____ () C:\Program Files (x86)\Shark Zone M20\Monitor.exe 2016-11-04 12:47 - 2016-11-04 12:49 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-04 12:47 - 2016-11-04 12:49 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-04 12:47 - 2016-11-04 12:49 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-07-14 10:25 - 2016-07-14 10:25 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2016-07-14 10:25 - 2016-07-14 10:25 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2016-07-14 10:25 - 2016-07-14 10:25 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2016-07-14 10:26 - 2016-07-14 10:26 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2016-07-14 10:26 - 2016-07-14 10:26 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2016-05-10 18:54 - 2016-05-10 18:54 - 00150080 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe 2016-05-12 08:49 - 2016-11-11 09:11 - 00282296 _____ () C:\WINDOWS\SysWoW64\PnkBstrB.exe 2016-09-08 17:34 - 2016-09-08 17:34 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-11-09 15:12 - 2016-11-09 15:12 - 03130832 _____ () C:\Program Files\AVAST Software\Avast\defs\16110900\algo.dll 2016-09-08 17:34 - 2016-09-08 17:34 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-11-10 17:02 - 2016-11-10 17:02 - 03072000 _____ () C:\Program Files\AVAST Software\Avast\defs\16111000\algo.dll 2016-09-24 21:19 - 2016-09-24 21:18 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-05-21 23:22 - 2015-02-12 15:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll 2016-06-05 10:52 - 2016-10-25 20:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-10-26 21:55 - 2016-10-25 19:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-10-26 21:55 - 2016-10-25 19:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-10-26 21:55 - 2016-10-25 19:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-10-26 21:55 - 2016-10-25 20:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-26 21:55 - 2016-10-25 20:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-10-26 21:55 - 2016-10-25 19:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-10-26 21:55 - 2016-10-25 19:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-10-26 21:55 - 2016-10-25 19:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-10-26 21:55 - 2016-10-25 19:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-10-30 09:28 - 2016-10-30 09:28 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.99.11.0\libcef.DLL 2016-07-01 22:55 - 2016-07-01 22:55 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-06-01 09:49 - 2014-07-01 08:00 - 00057344 _____ () C:\Program Files (x86)\Shark Zone M20\lan.dll 2016-10-26 21:55 - 2016-10-25 20:20 - 60819000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-10-30 09:28 - 2016-10-30 09:28 - 01643008 _____ () C:\Program Files (x86)\Overwolf\0.99.11.0\libglesv2.dll 2016-10-30 09:28 - 2016-10-30 09:28 - 00074752 _____ () C:\Program Files (x86)\Overwolf\0.99.11.0\libegl.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00205824 _____ () C:\Program Files (x86)\AIMP\System\libsoxr.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00467968 _____ () C:\Program Files (x86)\AIMP\System\Encoders\libFLAC.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00759296 _____ () C:\Program Files (x86)\AIMP\System\Encoders\aimp_libvorbis.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00156208 _____ () C:\Program Files (x86)\AIMP\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00159232 _____ () C:\Program Files (x86)\AIMP\Plugins\aimp_sacd\libsacd.dll 2016-10-15 10:38 - 2016-10-15 10:38 - 00026624 _____ () C:\Program Files (x86)\AIMP\Plugins\Aorta\Aorta.dll 2016-10-30 09:28 - 2016-10-30 09:28 - 01565128 _____ () C:\Program Files (x86)\Overwolf\0.99.11.0\teamspeak_control_win32.dll 2016-05-10 21:53 - 2016-09-08 03:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-05-10 21:53 - 2016-09-01 01:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-05-10 21:53 - 2016-10-13 01:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2016-05-10 21:53 - 2016-01-27 07:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-05-10 21:53 - 2016-01-27 07:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-05-10 21:53 - 2016-01-27 07:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-05-10 21:53 - 2016-01-27 07:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-05-10 21:53 - 2016-01-27 07:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-05-10 21:53 - 2016-09-01 01:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-05-10 21:53 - 2016-09-01 01:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-05-10 21:53 - 2016-10-13 01:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-05-10 21:53 - 2016-07-04 22:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-10-16 10:29 - 2016-08-04 20:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll 2016-05-10 21:53 - 2015-09-24 23:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2016-10-22 06:03 - 2016-10-20 08:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-10-22 06:03 - 2016-10-20 08:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll 2016-11-08 19:18 - 2016-11-08 19:18 - 17772736 _____ () C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-05-10 04:11 - 2016-08-22 17:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4044977474-879871873-2228097138-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paweł\Desktop\364217.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKU\S-1-5-21-4044977474-879871873-2228097138-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4044977474-879871873-2228097138-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-4044977474-879871873-2228097138-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-4044977474-879871873-2228097138-1001\...\StartupApproved\Run: => "CyberGhost" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{AD6EF3C3-E9ED-49F2-B1E9-5CE22FA119D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2F50EFE8-D4AA-4A04-ADAC-8278784C652C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D74FC769-B955-4676-BD6E-EFFE63BC7938}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{EBE6744F-085F-43C1-B31F-85B4550FF4DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{9E987DE7-DA50-41D1-BFAF-CD2B702FA3DC}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe FirewallRules: [{BC95FF9E-38AC-4017-84FB-4C400D01636B}] => (Allow) C:\Windows\syswow64\PnkBstrB.exe FirewallRules: [{850C38CA-499E-413D-97C5-079F7D546816}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe FirewallRules: [{B56EF137-13B1-42A7-85F9-C496C80C603F}] => (Allow) C:\Windows\syswow64\PnkBstrA.exe FirewallRules: [UDP Query User{920BD75A-DCC0-4D88-9225-C9AEEE7A9374}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [TCP Query User{0B93619D-275B-4C9E-9FBD-20EFA2D98A17}C:\program files (x86)\origin games\bfh\bfh.exe] => (Allow) C:\program files (x86)\origin games\bfh\bfh.exe FirewallRules: [{48B4C5D0-8425-4B71-BA4A-65D0096935DA}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [{E956696A-A013-4C57-89DC-FEB1FCBE30CC}] => (Allow) C:\Program Files (x86)\Origin Games\BFH\BFHWebHelper.exe FirewallRules: [UDP Query User{097B0395-95A8-4272-9533-FB084C22998A}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [TCP Query User{114CB0FB-ADAD-4606-90BA-D7A9F6AB6941}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{8DB5DD3D-F5E3-436C-B14D-547F7515EC68}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D2A8D5E1-8FE4-4433-ACBA-3B07790F65A0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{B10765A3-05E8-40F2-8FFE-D586DBF04B3A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{F6590F55-A417-40F0-A303-8F5BD3EB4EA5}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{CB0DD49A-C19E-458D-9744-09622B71EB69}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{9BB08838-D221-476C-80D8-3D25D23DA115}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [UDP Query User{B8BE1524-C0A8-4C43-B7D8-59C18685A54E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{806136EA-8D7F-473F-987C-D1D35321B82F}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{9AF03AD4-5182-4B9A-8C02-4812863853DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{17B7AF41-B357-4D1C-98D2-E6F365C61883}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{E183C261-2FA8-402D-B8D1-788134BDBFD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{08ADB02E-AFDC-4278-B7B8-0089ACB0D0B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{7CCB237F-85D2-40E9-811D-9941E6811BB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{35D936E3-999C-4838-BF29-EE8404E0CA68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E6F3DE94-9EA5-4ECD-B3C3-C1D6030C3D57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B6A16320-C7D0-483E-BAFF-7DB583D0965F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{28EC7A6B-4262-4086-B68E-0B4BD8024166}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{BB6C6A5F-A6DD-426D-8B0D-12193AF40785}C:\users\paweł\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paweł\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{A4326784-7C2B-4D36-BD22-339238629681}C:\users\paweł\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\paweł\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{44C7CEE1-FEAD-4E2A-92E2-8B42D6A1385C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{E06BADE1-F3D5-4BC9-8310-6886680D380E}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe FirewallRules: [UDP Query User{1B007B30-BAFA-43E2-9ADD-F48C3BFAACFF}C:\program files (x86)\trinusvr\tgserver.exe] => (Allow) C:\program files (x86)\trinusvr\tgserver.exe FirewallRules: [{5C9D9DB3-06B5-4395-9D95-9577B94AC21A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe FirewallRules: [{EFA1B16C-A608-4F7E-B390-E1FAD687AEA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Summer Car\mysummercar.exe FirewallRules: [{F0EB89CD-B5C4-403D-A865-BD9B32F84F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{BD4BDF5B-C35B-4531-8917-6CC892B67009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{CD50D82A-61F4-44B4-9A06-48DAC96C0815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{59DA3652-B566-4015-9BD2-DD9988082BE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{70C78920-2902-4F23-B9B3-9F1274CB53AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{424B6CBB-1EC4-4264-A007-45298955225C}] => (Allow) LPort=8317 ==================== Punkty Przywracania systemu ========================= 08-11-2016 22:47:13 Zaplanowany punkt kontrolny 10-11-2016 08:59:20 Removed Camtasia Studio 8 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/11/2016 09:06:48 AM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Error: (11/11/2016 07:59:26 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „WmiApRpl” w bibliotece DLL „C:\WINDOWS\system32\wbem\wmiaprpl.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/11/2016 07:59:26 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: System Windows nie może załadować biblioteki DLL licznika rozszerzalnego rdyboost. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu systemu Windows. Error: (11/11/2016 07:59:26 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Nie można otworzyć obiektu wydajności usługi Server. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod stanu. Error: (11/11/2016 07:59:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „MSDTC” w bibliotece DLL „C:\WINDOWS\system32\msdtcuiu.DLL”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/11/2016 07:59:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „Lsa” w bibliotece DLL „C:\Windows\System32\Secur32.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/11/2016 07:59:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „ESENT” w bibliotece DLL „C:\WINDOWS\system32\esentprf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/11/2016 07:59:25 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (11/10/2016 09:25:24 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/10/2016 05:02:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „WmiApRpl” w bibliotece DLL „C:\WINDOWS\system32\wbem\wmiaprpl.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Dziennik System: ============= Error: (11/11/2016 07:58:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_1f35d5d zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/10/2016 10:55:46 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/10/2016 05:00:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_194db26 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/10/2016 08:40:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Menedżer pobranych map niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (11/10/2016 08:35:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_155ba0 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/10/2016 08:32:19 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: ZARZĄDZANIE NT) Description: Usługa rejestrowania zdarzeń napotkała błąd (5) podczas włączania wydawcy {0BF2FB94-7B60-4B4D-9766-E82F658DF540} w kanale Microsoft-Windows-Kernel-ShimEngine/Operational. Nie wpływa to na działanie kanału, ale wpływa na zdolność wydawcy do wywoływania zdarzeń w kanale. Często ten błąd wynika z faktu, że dostawca korzysta z zabezpieczeń dostawcy ETW i nie udzielił tożsamości usługi Dziennik zdarzeń uprawnień do włączania. Error: (11/10/2016 08:31:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SecDrv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (11/10/2016 08:31:26 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS Error: (11/09/2016 12:28:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_c6e7f1 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (11/09/2016 11:11:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa CDPUserSvc_ab3f95 zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. CodeIntegrity: =================================== Date: 2016-11-11 09:07:22.295 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.11.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-10 09:05:43.279 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.11.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-08 09:36:30.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.11.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-06 20:41:38.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.11.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-06 14:48:59.616 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-06 07:26:06.559 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-06 07:23:47.321 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-06 07:22:34.124 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-05 19:02:45.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2016-11-05 19:02:08.276 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.99.10.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Procent pamięci w użyciu: 51% Całkowita pamięć fizyczna: 8104.27 MB Dostępna pamięć fizyczna: 3903.41 MB Całkowita pamięć wirtualna: 9384.27 MB Dostępna pamięć wirtualna: 3513.21 MB ==================== Dyski ================================ Drive c: (Windows8_OS) (Fixed) (Total:890.45 GB) (Free:443.26 GB) NTFS Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:8.05 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: BAE2BF56) Partition: GPT. ==================== Koniec Addition.txt ============================