Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-02-2017 Uruchomiony przez kalaf (09-02-2017 10:41:02) Uruchomiony z C:\Users\kalaf\Desktop Windows 10 Home Wersja 1607 (X64) (2016-12-30 17:37:48) Tryb startu: Safe Mode (minimal) ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1628903085-3153969073-3806713493-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-1628903085-3153969073-3806713493-1000 - Limited - Disabled) => C:\Users\defaultuser0 Gość (S-1-5-21-1628903085-3153969073-3806713493-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1628903085-3153969073-3806713493-1003 - Limited - Enabled) kalaf (S-1-5-21-1628903085-3153969073-3806713493-1001 - Administrator - Enabled) => C:\Users\kalaf Konto domyślne (S-1-5-21-1628903085-3153969073-3806713493-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Disabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden Ansel (Version: 376.33 - NVIDIA Corporation) Hidden Atom (HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\...\atom) (Version: 1.14.0 - GitHub Inc.) Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.26 - Broadcom Corporation) Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit) FileZilla Client 3.23.0.2 (HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Inkscape 0.92.0 (HKLM-x32\...\Inkscape) (Version: 0.92.0 - Inkscape Project) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation) IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation) Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 51.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 pl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.1 - Notepad++ Team) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik graficzny 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Panel sterowania NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden R for Windows 3.3.2 (HKLM\...\R for Windows 3.3.2_is1) (Version: 3.3.2 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.) Rochard (HKLM\...\Steam App 107800) (Version: - Recoil Games) RStudio (HKLM-x32\...\RStudio) (Version: 1.0.136 - RStudio) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Spotify (HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly) Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.5.1 - Unified Intents AB) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version: - Fatshark) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) XAMPP (HKLM-x32\...\xampp) (Version: 5.6.28-1 - Bitnami) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1628903085-3153969073-3806713493-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0E30E719-2CCD-44CB-A236-D7869AC3AF21} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {4FB5ED81-F4DE-4E50-9EBD-E91E5F01AFD1} - System32\Tasks\Bozoty Agent => C:\Program Files (x86)\Stfokchaquy\kogght.exe [2017-02-08] (Glarysoft Ltd) Task: {516EE438-E21D-4288-9635-4DAE90A42716} - System32\Tasks\Baidu Antivirus Update => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BavUpdater.exe [2017-02-08] (Baidu, Inc.) Task: {521F64EC-390A-4F4D-B036-2629A82ED9BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {5456AE71-F80F-4C55-8F2D-C1CBC4C291F1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {584C84F2-9C9B-49D2-9BF6-5A2463D84AEF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {6756CAFE-983A-477F-961B-DB6D53E93D86} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {AD27CE6B-8A7C-42B8-92DB-46F0C26B9686} - System32\Tasks\Vdeghcosily => /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=KINGSTONXSUV400S37240G_50026B766603435C&v=201728 /q Task: {BD6E4F61-EF62-436D-BEDC-198E1310E19D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation) Task: {E82A8716-5ADA-4E26-AFE2-89D44B0A4C7C} - System32\Tasks\{20687E0D-8D8D-4761-B4E3-F98B170EFE54} => pcalua.exe -a C:\Users\kalaf\Desktop\GAP.2.6_win\GAP-installer\Gimp-GAP-2.6.0-Setup2.exe -d C:\Users\kalaf\Desktop\GAP.2.6_win\GAP-installer Task: {F218DD71-CA35-48AD-9C03-59CF52C9E11A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation) Task: {F3B15086-DA37-4BCD-87CB-C06F6B54B646} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-12-31 12:06 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-12-31 12:06 - 2016-12-09 11:29 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-12-31 12:05 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 13:01 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 13:00 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 13:00 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 13:00 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 13:00 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 13:00 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-08 15:29 - 2017-02-08 15:29 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\HipsLogger.dll 2017-02-08 15:29 - 2015-05-28 12:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\dark.dll 2017-02-08 15:29 - 2017-02-08 15:29 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\sqlite.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1" iver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"="0" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"="0" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-01-05 09:48 - 2017-02-08 16:24 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1628903085-3153969073-3806713493-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kalaf\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: Urządzenie nie jest podłączone do internetu. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run32: => "331BigDog" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{038298D6-3BE1-4515-B548-73BACCF157DE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A84D299F-8184-40A1-95FB-F1D4D0342959}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EC882A37-596B-499D-9E6D-63169E948BD1}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D6C01C44-E702-47A9-B16D-B14C6B7FF607}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{612BBE14-D7BE-43D7-A14A-4155F5DB4677}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B5BB2D71-61C3-4C02-B8B5-EFE39632D300}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{308C2CEE-4648-4AE1-84B5-29687B56E8B2}C:\users\kalaf\appdata\roaming\spotify\spotify.exe] => C:\users\kalaf\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{04528D71-8EF2-4D60-896F-52152328A6EE}C:\users\kalaf\appdata\roaming\spotify\spotify.exe] => C:\users\kalaf\appdata\roaming\spotify\spotify.exe FirewallRules: [{5B0BB770-E63C-45AD-B745-57B338371976}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{FACE4CFC-BF0E-41B2-B712-D5ECEF734BA2}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0584F5AE-11AA-40CD-BFA7-5080FCA07060}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{EAD3F3A4-3F5E-420F-A8C9-DBEC4DA1916E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{663004A3-071B-47B5-AAEA-5CB1FE3A7D00}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{946FA40F-8966-407C-B862-46093B498C60}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{9C79DF7E-7F1D-43C5-A0A8-B0F5D351F015}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{9CF3023C-4BCD-4C98-9C85-6A4CADF775C3}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{C3DC66AC-E9CC-44BC-9620-05D59B251417}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{62043F2F-370E-4921-9AAA-FA47BBA6B675}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{CF0AB72D-3DFC-4912-9D42-70C4B82D9347}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{659C81E0-FBB8-42EB-A6EE-05D60BF9F194}] => C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{A071C464-9D89-4848-8EAD-CB66FB67C660}] => C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe FirewallRules: [{CF449A76-4DF9-4470-9310-287C5451C607}] => C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe FirewallRules: [{9B2583B9-33CD-4632-A950-731F3C1ACB74}] => C:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe FirewallRules: [{A0BD0305-3F46-45EA-906B-6EE2E5338163}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5A9B57F1-2A64-4F9E-8C79-F18121E6B506}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C01FF0F5-7D84-48DE-AFED-0A2820CD0D75}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D2414ADA-CBDF-4CF9-81D4-E5FC9F169C20}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1C20DCBB-AE56-4224-877D-CD721047E24A}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC4EDF43-2FD1-4673-8498-B57C4032170B}] => C:\Users\kalaf\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CC63CB13-C172-4F29-A2D8-2712DE0C7F15}] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{1D9F7F86-DAFC-44E6-9E12-5A8AF4D9A139}] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe FirewallRules: [{792DA2FC-84DE-46E6-8F21-68925F0385E0}] => C:\Program Files (x86)\Steam\steamapps\common\Rochard\Rochard.exe FirewallRules: [{56BECECF-EF35-4AEC-81EE-385FE00B1349}] => C:\Program Files (x86)\Steam\steamapps\common\Rochard\Rochard.exe FirewallRules: [TCP Query User{CCAA036F-6757-429E-814A-D16788F3BD75}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{C23D792F-3BD9-4852-9C55-56F62DE08CDA}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{6393C55F-C286-4C7D-A2FF-C56F1178C8AD}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{4E8105A1-56D6-482E-AD71-DCE5B5E31BDD}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{2EF0111E-341F-4234-B9EE-64D16E39AD78}C:\users\kalaf\appdata\roaming\spotify\spotify.exe] => C:\users\kalaf\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{38751900-1D8B-4F7B-A6F4-03D2C14AC687}C:\users\kalaf\appdata\roaming\spotify\spotify.exe] => C:\users\kalaf\appdata\roaming\spotify\spotify.exe FirewallRules: [{83FB7665-56EC-4030-A906-E92262968011}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe FirewallRules: [{69A1A762-8FCF-427F-8072-5D906719A2FD}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe FirewallRules: [{34AEEF38-04C6-4ECB-89A8-090C207E0CFB}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe FirewallRules: [{1FEC0400-3112-4A7C-9468-5163917B6FAB}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe FirewallRules: [{F26485CA-163F-4A2C-862F-5437D9D0757A}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe FirewallRules: [{E2A17EB9-113F-4D11-8381-34607E3983F3}] => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe FirewallRules: [{05FA7838-D9D5-4D0D-8D70-BAB74FD1B30C}] => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{AF8D5964-B7FC-4B6F-8959-9163A1733C05}] => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{79098BD9-2C67-422F-B864-EA53F3F01F9D}] => C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{9F44F5BC-80EB-4276-A4A6-FEAA5735D06D}] => C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [TCP Query User{318D0520-6FE0-49E9-ADBC-59AB64BA3F26}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{74CF4317-D010-43A0-B5A3-826E04F7E2DA}C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => C:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [{B8E7A59C-5723-4270-92D8-F79FDDF16B77}] => C:\Windows\Temp\F1DF.tmp ==================== Punkty Przywracania systemu ========================= 25-01-2017 10:52:53 Windows Update 03-02-2017 10:37:26 Zaplanowany punkt kontrolny 07-02-2017 12:41:16 Installed PDFsam Basic 07-02-2017 21:05:33 Removed PDFsam Basic 07-02-2017 22:50:14 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 07-02-2017 22:50:32 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 08-02-2017 16:08:09 JRT Pre-Junkware Removal 08-02-2017 16:30:38 JRT Pre-Junkware Removal 08-02-2017 21:55:22 JRT Pre-Junkware Removal 09-02-2017 00:28:09 JRT Pre-Junkware Removal 09-02-2017 09:45:41 JRT Pre-Junkware Removal ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/09/2017 10:40:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-8UBAL81) Description: Aktywacja aplikacji Microsoft.Getstarted_4.4.11.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (02/09/2017 10:40:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-8UBAL81) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (02/09/2017 09:45:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (02/09/2017 12:28:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (02/08/2017 09:55:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (02/08/2017 09:53:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-8UBAL81) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (02/08/2017 04:30:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service MSBuildGIMP since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (02/08/2017 04:30:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (02/08/2017 04:27:25 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\R\R-3.3.2\Tcl\bin64\tk85.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\R\R-3.3.2\Tcl\bin64\tk85.dll" w wierszu 9. Wartość "x64" atrybutu "processorArchitecture" elementu "assemblyIdentity" jest nieprawidłowa. Error: (02/08/2017 04:21:35 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\R\R-3.3.2\Tcl\bin64\tk85.dll". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\R\R-3.3.2\Tcl\bin64\tk85.dll" w wierszu 9. Wartość "x64" atrybutu "processorArchitecture" elementu "assemblyIdentity" jest nieprawidłowa. Dziennik System: ============= Error: (02/09/2017 10:41:22 AM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami Niedostępny w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (02/09/2017 10:41:18 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (02/09/2017 10:41:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:41:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:41:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:41:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:41:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (02/09/2017 10:40:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:40:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (02/09/2017 10:40:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8UBAL81) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} CodeIntegrity: =================================== Date: 2017-02-07 19:31:51.902 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_03205ffa8fdea79d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-07 19:31:51.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-01 20:50:07.513 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_03205ffa8fdea79d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-01 20:50:07.451 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-22 12:54:20.792 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_03205ffa8fdea79d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-22 12:54:20.696 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-11 19:43:25.506 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_03205ffa8fdea79d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-11 19:43:25.389 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-09 13:18:37.055 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-06 12:18:56.712 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_03205ffa8fdea79d\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Procent pamięci w użyciu: 11% Całkowita pamięć fizyczna: 8052.91 MB Dostępna pamięć fizyczna: 7136.01 MB Całkowita pamięć wirtualna: 8564.91 MB Dostępna pamięć wirtualna: 7888.57 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:223.08 GB) (Free:67.27 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 3D00C766) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================