Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 23-02-2017 01 Uruchomiony przez xxx (24-02-2017 14:43:48) Uruchomiony z C:\Users\xxx\Desktop Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-04-17 11:39:25) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2599007298-2543632282-320148146-500 - Administrator - Disabled) Gość (S-1-5-21-2599007298-2543632282-320148146-501 - Limited - Disabled) xxx (S-1-5-21-2599007298-2543632282-320148146-1000 - Administrator - Enabled) => C:\Users\xxx ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden BikaQ Rss (HKLM\...\{78A2D999-4673-4FCC-818E-57B0AF8F3B70}) (Version: 2.0.16 - BikaQ) BlueStacks App Player (HKLM\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.) Booking.com version 1.1.0.5019 (HKLM\...\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1) (Version: 1.1.0.5019 - Booking.com) <==== UWAGA CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) f.lux (HKU\S-1-5-21-2599007298-2543632282-320148146-1000\...\Flux) (Version: - ) Facebook Gameroom 1.2.1.5 (HKLM\...\{61373D8E-915C-49C2-B9B9-1834EBD9B64B}) (Version: 1.2.1.5 - Facebook) Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.228 - McAfee, Inc.) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Excel Packages (HKU\S-1-5-21-2599007298-2543632282-320148146-1000\...\Microsoft Excel Packages) (Version: - ) <==== UWAGA Microsoft Office Standard 2013 (HKLM\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) Overwolf.Setup.VC100CRTx86.Dist (Version: 1.0.0 - Overwolf) Hidden Panel sterowania NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden SHU (HKLM\...\{DF11DD92-DBB8-4F3F-9564-A8BBDBE986F5}_is1) (Version: 1.0 - ScreenShu Software) Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Traffic Exchange (Version: 2.1.0 - Microleaves) Hidden <==== UWAGA Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinSnare (HKLM\...\{C881D603-277F-4056-918D-654844EF2B37}) (Version: 4.1.6 - WinSnare) <==== UWAGA ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2599007298-2543632282-320148146-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {014B719B-4C17-4980-934F-88F8ACDADCC0} - System32\Tasks\Traffic Exchange => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== UWAGA Task: {072DEBE4-7BF6-4371-80AD-84E8E29128BC} - System32\Tasks\UCBrowserUpdater => C:\Program Files\UCBrowser\Application\update_task.exe [2017-02-15] (UCWeb Inc) <==== UWAGA Task: {09B43A36-C959-43E6-92D7-0CD7053BFE54} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {0A52D664-2623-4F88-9C36-576F83BB4234} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.) Task: {0F080C6B-5DA9-47B5-A544-C91F64053111} - System32\Tasks\Showeckshefik Manager => C:\Program Files\Gafiselepsy\dclebsy.exe [2017-02-24] (Glarysoft Ltd) Task: {117DD538-5EB6-4568-B76B-918639F53C18} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== UWAGA Task: {392C1172-775A-41F9-9C76-740C5FB53E70} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files\UCBrowser\Security\uclauncher-x86.exe [2017-02-24] (UC Web Inc.) <==== UWAGA Task: {4C1F3042-DB60-4878-B038-D93CFB038B94} - System32\Tasks\osTip => Chrome.exe <==== UWAGA Task: {698BB5C5-39A6-4ADB-9279-39D28B593AB3} - System32\Tasks\xxxOtoscopiesImplodedV2 => Rundll32.exe SomewhatClicks.dll,main 7 1 <==== UWAGA Task: {6B89C837-DEBF-4C34-BFFA-AFAE28E25036} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files\BikaQRss\BikaQ.exe [2017-02-23] (IEC) Task: {6EFB4C02-F5C1-4570-A59C-574E986B50B7} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== UWAGA Task: {745542C3-6238-48B3-A2DB-A20A06A6FDDD} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== UWAGA Task: {74E5B33F-28D4-483A-9767-BD4715EDBE7C} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== UWAGA Task: {80B2811C-485A-4BC6-9E94-2A577B6CABC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd) Task: {9672AC83-1C62-47C0-BF63-E824FE5EB43D} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files\UCBrowser\Application\update_task.exe [2017-02-15] (UCWeb Inc) <==== UWAGA Task: {A503CD8D-9EA7-44C3-A5EA-96B3595A3D40} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== UWAGA Task: {A6A70E9D-0A3D-45F8-A62F-B8859A5FDCF2} - System32\Tasks\Milimili => C:\Program Files\MIO\MIO.exe [2017-02-24] () Task: {ADB6E067-6558-429B-A8E4-8F3E5EADBDA6} - System32\Tasks\Traffic Exchange Guard => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD) <==== UWAGA Task: {B3835E3B-122E-4115-A92B-BA230D3EF3AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.) Task: {BEE012E5-1092-4926-808B-AB87400553E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-10-18] (AVAST Software) Task: {C12EEAFD-3EFF-4824-89A8-0731CBCF1107} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {DFD8DA8B-2D8B-4ACF-BC2E-0F28A69CA2E3} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe [2016-11-22] (Microleaves LTD) <==== UWAGA Task: {E27C1835-D5D3-401A-8E32-02D9AAAB246D} - System32\Tasks\Traffic Exchange Updater => C:\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2017-02-15] (Microleaves) <==== UWAGA Task: {F043AEE1-3B58-45C7-B730-9BD495854204} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {FFD86F09-01D3-4B25-A635-87D80D688E23} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe [2017-02-07] (Microleaves LTD) <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Traffic Exchange Updater.job => C:\Program Files\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\Windows\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== UWAGA Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\xxx\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\xxx\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\xxx\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/ ==================== Załadowane moduły (filtrowane) ============== 2016-07-06 13:46 - 2016-01-29 11:14 - 00121792 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2017-02-24 00:06 - 2017-02-24 00:06 - 00425368 _____ () C:\Program Files\żěŃą\X86\KZipShell.dll 2017-02-24 00:03 - 2017-02-24 00:03 - 00274944 _____ () C:\Program Files\Showeckshefik Manager\local32spl.dll 2017-02-24 00:04 - 2017-02-24 00:04 - 01620992 _____ () C:\ProgramData\service.exe 2017-02-24 00:06 - 2017-02-24 00:06 - 00219032 _____ () c:\program files\żěńą\x86\kuaizipupdatechecker.dll 2017-02-24 00:04 - 2016-11-26 06:52 - 00256032 _____ () C:\Program Files\Maoha\MaohaAP\Updater\CheckUpdate.dll 2017-02-24 00:04 - 2016-11-26 06:52 - 00237088 _____ () C:\Program Files\Maoha\MaohaAP\tipsdll.dll 2017-02-24 00:04 - 2017-02-15 11:59 - 00599440 _____ () C:\Program Files\UCBrowser\Application\UCService.exe 2016-04-26 18:39 - 2016-12-23 19:28 - 00657184 _____ () C:\Program Files\Steam\SDL2.dll 2016-04-26 18:39 - 2016-09-01 02:02 - 04969248 _____ () C:\Program Files\Steam\v8.dll 2016-04-26 18:39 - 2016-09-01 02:02 - 01563936 _____ () C:\Program Files\Steam\icui18n.dll 2016-04-26 18:39 - 2016-09-01 02:02 - 01195296 _____ () C:\Program Files\Steam\icuuc.dll 2016-04-26 18:39 - 2017-01-19 02:30 - 02327840 _____ () C:\Program Files\Steam\video.dll 2016-04-26 18:39 - 2016-01-27 08:49 - 02549760 _____ () C:\Program Files\Steam\libavcodec-56.dll 2016-04-26 18:39 - 2016-01-27 08:49 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll 2016-04-26 18:39 - 2016-01-27 08:49 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll 2016-04-26 18:39 - 2016-01-27 08:49 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll 2016-04-26 18:39 - 2016-01-27 08:49 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll 2016-04-26 18:39 - 2017-01-19 02:30 - 00838432 _____ () C:\Program Files\Steam\bin\chromehtml.DLL 2016-04-26 18:39 - 2016-07-04 23:17 - 00266560 _____ () C:\Program Files\Steam\openvr_api.dll 2017-02-24 00:04 - 2017-02-24 00:04 - 02072064 _____ () C:\Users\xxx\AppData\Local\Temp\00019837\msiql.exe 2016-12-13 10:11 - 2017-01-05 04:12 - 68813088 _____ () C:\Program Files\Steam\bin\cef\cef.win7\libcef.dll 2016-04-26 18:39 - 2017-01-19 02:30 - 00383776 _____ () C:\Program Files\Steam\steam.dll 2017-02-24 00:04 - 2017-02-15 11:59 - 02149136 _____ () C:\Program Files\UCBrowser\Application\6.0.1471.913\UCAgent.exe 2017-02-07 16:34 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-07 16:34 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x86.sys [84370] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1221154] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:04 - 2016-08-24 20:42 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2599007298-2543632282-320148146-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 37.8.214.2 - 31.11.202.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk => C:\Windows\pss\Facebook Gameroom.lnk.Startup MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: SHU => "C:\Program Files\SHU\SHU.exe" silent MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{F0318BFA-5208-4415-BDC3-72B7BDB45C21}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{DEF88505-1D3B-44EF-9601-021A666A642D}] => (Allow) C:\Program Files\Steam\Steam.exe FirewallRules: [{8B87446A-F6E9-4014-AF8F-605118EED615}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{0CA3DA4A-BC24-45B4-8511-26F7DCE6B40D}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BDD307FB-090E-4E2D-B453-B418A7EB250A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{2A89E47D-8C57-4AF2-9380-ED707BD630A3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{28396D50-7332-43DF-A8A9-97F771EC3378}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{E0035153-EC69-45FB-AACF-446A486AF0AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{22A1573E-5905-4BA2-A406-A42394C26CE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0706A2B9-0AC0-46BF-91A7-6FA149C0C3BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{FBA2528B-89CE-4178-95B9-50D6F86D3499}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{90FC05A1-F8D2-42D7-AFB8-43CE059F3AA3}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{9FF1F175-0A38-45DF-B32C-E055930CB5FB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{061F9813-6B6F-443D-A071-E9118297846C}] => (Allow) C:\Program Files\UCBrowser\Application\UCBrowser.exe FirewallRules: [{CA532358-B01A-4E18-A4F8-3F97FB6C526C}] => (Allow) C:\Program Files\UCBrowser\Application\UCBrowser.exe FirewallRules: [{6D50FE9C-2E80-4218-8647-E7C3745A3EE1}] => (Allow) C:\Program Files\Maoha\MaohaAP\MaohaWifiSvr.exe ==================== Punkty Przywracania systemu ========================= 24-02-2017 00:53:51 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: MaohaWifiNetPro Description: MaohaWifiNetPro Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: MaohaWifiNetPro Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/24/2017 02:00:15 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (02/24/2017 01:56:14 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files\BlueStacks\HD-CreateSymlink.exe because of the following error: nie jest prawidłową aplikacją systemu Win32. (Exception from HRESULT: 0x800700C1). Error: (02/24/2017 01:50:59 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/24/2017 01:50:59 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/24/2017 01:50:59 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/24/2017 01:50:59 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Nie można odnaleźć elementu. (HRESULT : 0x80070490) (0x80070490) Error: (02/24/2017 01:50:53 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować dodatku typu plug-in w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/24/2017 01:50:53 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Usługa Windows Search nie może załadować informacji z magazynu właściwości. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (02/24/2017 01:50:53 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (02/24/2017 01:50:53 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=4700}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Dziennik System: ============= Error: (02/24/2017 01:51:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (02/24/2017 01:51:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error: (02/24/2017 01:50:59 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {995C996E-D918-4A8C-A302-45719A6F4EA7} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/24/2017 01:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MaohaWifiNetPro z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (02/24/2017 01:50:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: MaohaWifiNetPro Error: (02/24/2017 01:50:06 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 00:55:35 na ‎2017-‎02-‎24 było nieoczekiwane. Error: (02/24/2017 12:49:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MaohaWiFiService niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. Error: (02/24/2017 12:45:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa UC浏览器基础服务 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/24/2017 12:45:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MaohaWiFiService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (02/24/2017 12:32:48 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. CodeIntegrity: =================================== Date: 2017-02-24 13:51:17.575 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-02-24 13:51:17.512 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-02-24 13:51:17.434 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-02-24 13:51:17.356 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz Procent pamięci w użyciu: 52% Całkowita pamięć fizyczna: 3326.49 MB Dostępna pamięć fizyczna: 1581.44 MB Całkowita pamięć wirtualna: 6651.31 MB Dostępna pamięć wirtualna: 4444.91 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:60.1 GB) (Free:9.41 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:137.12 GB) (Free:112.76 GB) NTFS Drive e: () (Fixed) (Total:268.54 GB) (Free:268.16 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AE54AE54) Partition 1: (Active) - (Size=60.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=405.7 GB) - (Type=05) ==================== Koniec Addition.txt ============================