Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 15-06-2017 01 Uruchomiony przez Cepek (16-06-2017 16:06:06) Uruchomiony z C:\Users\Cepek\Desktop Windows 10 Home Wersja 1607 (X64) (2016-10-13 16:02:13) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1368180626-1709571630-246340318-500 - Administrator - Disabled) Cepek (S-1-5-21-1368180626-1709571630-246340318-1000 - Administrator - Enabled) => C:\Users\Cepek Gość (S-1-5-21-1368180626-1709571630-246340318-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1368180626-1709571630-246340318-1002 - Limited - Enabled) Konto domyślne (S-1-5-21-1368180626-1709571630-246340318-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Panda Protection (Disabled - Up to date) {46AEFD02-ACA3-E038-1FA5-4A15EFD361E0} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Protection (Disabled - Up to date) {FDCF1CE6-8A99-EFB6-2515-716794542B5D} FW: Panda Firewall (Disabled) {7E957C27-E6CC-E160-34FA-E3201100269B} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Ace Stream Media 3.1.11 (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\AceStream) (Version: 3.1.11 - Ace Stream Media) <==== UWAGA Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Aktualizacje NVIDIA 25.0.0.0 (Version: 25.0.0.0 - NVIDIA Corporation) Hidden AlphaGo (HKLM-x32\...\{2C652C0A-EC71-4797-8077-F67649177AB0}) (Version: 1.0.2 - Default Company Name) <==== UWAGA AlphaGo (HKLM-x32\...\{549372A5-DC71-4F7F-9422-84627B659B1B}) (Version: 1.0.5 - Default Company Name) <==== UWAGA AlphaGo (HKLM-x32\...\{97D2FBF4-72CF-4DD6-8DA8-26710BC7BE71}) (Version: 1.1.0 - Default Company Name) <==== UWAGA AlphaGo (HKLM-x32\...\{B20B3A3C-91E3-4326-8A0F-B3C012574F8C}) (Version: 1.1.2 - Default Company Name) <==== UWAGA Ansel (Version: 378.92 - NVIDIA Corporation) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Diskeeper 12 Professional (HKLM\...\{2C0222FA-7DBD-4AED-862B-1672848539F4}) (Version: 16.0.1017.64 - Condusiv Technologies) Document Translator (HKLM-x32\...\{3046D1AE-D446-4CFF-A136-1A2A38B2840C}) (Version: 1.0.0 - Microsoft Corporation) Dropbox (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.) EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 9.0.5 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 9.0.5 - Ministerstwo Finansow) Hidden EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics) ELAN Touchpad 15.13.5.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.5.2 - ELAN Microelectronic Corp.) e-pity 8.0.24 za rok 2016 (HKLM-x32\...\{80D8170E-5590-218-B9ED-E24E4C99A11D}_is1) (Version: 8.0.24 - e-file sp. z o.o. sp.k.) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.48.30259 - Electronic Arts) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free MP4 to AVI Converter (32-bit) 1.13 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.13 - Jacek Pazera) GG (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\GG) (Version: 12 - GG Network S.A.) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org) Hola™ 1.34.855 - Better Internet (HKLM\...\Hola) (Version: 1.34.855 - Hola Networks Ltd.) <==== UWAGA Huawei E3272 (HKLM-x32\...\Huawei E3272) (Version: 22.001.22.00.1202 - Huawei Technologies Co.,Ltd) inSSIDer 4 (HKLM-x32\...\{106E5A6F-A4C0-47B7-BA51-61DA07A90F9C}) (Version: 4.2.1.109 - MetaGeek, LLC) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) K-Lite Codec Pack 10.6.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.0 - ) Malwarebytes (wersja 3.0.6.1469) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Project Professional 2013 (HKLM\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 47.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 pl)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik graficzny 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation) NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Odds calculator (HKLM-x32\...\odds-calculator-desktop.71249E51277F5CE3F1C9178228D3FD8E8D6DCCCF.1) (Version: 1.0.17 - UNKNOWN) Odds calculator (x32 Version: 1.0.17 - UNKNOWN) Hidden Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.4.1971 - FranmoSoftware - Maciej Opaliński) Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.4.12.59996 - Electronic Arts, Inc.) Panda Devices Agent (x32 Version: 1.03.08 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.08.00 - Panda Security) Hidden Panda Protection (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.01.00.0000 - Panda Security) Panda Protection (Version: 8.87.00 - Panda Security) Hidden Panda Safe Web (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.23 - Panda Security and Visicom Media Inc.) Panel sterowania NVIDIA 378.92 (Version: 378.92 - NVIDIA Corporation) Hidden pCon.planner STD (64 bit) (HKLM\...\{212A19BA-D70A-4894-8A65-E53FC672B946}) (Version: 7.3.0.103 - EasternGraphics) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDFBinder (HKLM-x32\...\{8BA03AC2-579F-41CD-A250-740137D86F7A}) (Version: 1.0.0 - Malamute.dk) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.213.1 - Tracker Software Products (Canada) Ltd.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PS TO PC CONVERTER (HKLM-x32\...\{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2007.01.01 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.) Registry Defragmentation (HKLM-x32\...\Registry Defragmentation) (Version: 9.1.3.23 - Elcor Software) RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder) ScreenShooter5 (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\ScreenShooter5) (Version: 5.0 - ) ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.) SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com) TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom) Unity Web Player (All users) (HKLM-x32\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) William Hill Casino Club (HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\William Hill CASINO CLUB) (Version: 1.1.1.32 - William Hill Casino Club) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) Wirtualny Planer - Cersanit v.1.31d (HKLM-x32\...\{1C36647E-F5BD-43E9-BA64-5F274B7F7052}_is1) (Version: - ) Wise Auto Shutdown 1.55 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.55 - WiseCleaner.com, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\ChromeHTML: -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== UWAGA CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1368180626-1709571630-246340318-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Cepek\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {060F0618-C761-4962-BEBA-FFB07CF4B69F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {084B5595-F3B0-4582-8717-57001D18F86B} - \{8386A2DC-5E45-4790-B8F7-873ACF9977C7} -> Brak pliku <==== UWAGA Task: {094082F0-2393-4076-AD21-C3E62BD8CF80} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {09D2127D-2F69-42B3-91E7-F668DEE81087} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {1228C228-02EC-4C8E-811B-D2C7E0587AC0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation) Task: {150C3E3E-DD68-4BFA-8A91-CF7406EEFB7B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1DE7579C-D1BC-4ED7-A7E4-7274107CDD75} - \e-pity2016a_kwiecien -> Brak pliku <==== UWAGA Task: {1FF4F9FC-9713-4BBA-8CDA-2C79AEAD83A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {33043AA7-1876-4B81-A1CA-9118823AF0B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {33AE920F-63BE-4388-942A-E2A72DB9C4B3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {38F2E28F-571B-46FB-84F2-036035A4B132} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation) Task: {3A7373D5-CB63-4EF6-84EF-FA210035CED0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {3AE76F8C-5A5A-4979-95DB-721283406886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) Task: {3DF0D9F3-35DF-441D-847B-D2FEE17F0EB7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {3E03DD6A-8CBA-4706-95AC-1AE122EBDFBB} - \CCleanerSkipUAC -> Brak pliku <==== UWAGA Task: {40FDD066-831D-45C6-B99E-B1FC7C39EE9A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {431B1EB1-D3A9-4C8B-839A-D187B6046247} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {4CC1C857-C439-470E-82F7-E77F0ED52C9D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-02-09] (Adobe Systems Incorporated) Task: {4E8E3540-9DEF-4BA4-BD48-CE087B07CF94} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {50E167C6-677F-44B9-8EAD-3F4B21194578} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) Task: {51E8A0F4-E6F8-43C7-8961-B3ADA482D31B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5ADD9F39-29FC-485C-B9EB-AC0C5738D778} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5B98F396-5BA7-4C35-9E5E-035952E55D79} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {635BF14B-9409-4F0B-B4CD-039A52C0D48B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {6CAF9505-5432-4AC4-99D1-BED17CB97DCE} - \e-pity2015a_kwiecien -> Brak pliku <==== UWAGA Task: {6E59A3A7-F819-4716-ABBA-3C5399A600BD} - \e-pity2016a_styczen -> Brak pliku <==== UWAGA Task: {7859C7C5-0C87-4A25-A254-25DD7247D28B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {78A40AC5-677D-4191-8444-7FFFF9ED3C5D} - \e-pity2015a_styczen -> Brak pliku <==== UWAGA Task: {829E2F72-E59E-44F3-94FB-F6F93B172D61} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {8338ADA6-9CBA-4C1F-80F7-87FE580A44B4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {85AB322F-4501-489C-A406-089F61517BE8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {87E12568-5526-4B00-A8B7-068423622930} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {93C46D56-6049-4C16-A5AA-209133156CB4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {990E027B-BC6E-4C74-B3B0-A0C80C1A7D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {9D1638A9-8A8D-4992-BCAE-EEF8C3E6EBFC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9D77AE1E-9C5F-4727-89F0-B531ECC24328} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {9E4B86DC-4720-4CDA-839E-28B46F13F208} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation) Task: {9EDBB6A5-7320-4BDD-AD69-A7AFFCF0B25E} - \{5E2F157F-EEF6-4C2D-BD6E-4DD94ABB8C33} -> Brak pliku <==== UWAGA Task: {A491CDE5-3862-4CB3-BB77-01B9D5090CD0} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-05-17] () <==== UWAGA Task: {A6B45AE1-15B3-425F-85B7-AAA87109349D} - System32\Tasks\Windows-PG => powershell.exe C:\windows\psgo\psgo.ps1 <==== UWAGA Task: {A721CC42-A2F6-4A49-862B-A273D7916A2C} - System32\Tasks\Opera scheduled Autoupdate 1411055990 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-31] (Opera Software) Task: {B1A58477-EDA8-4E0E-BBFE-6BBBFD23051B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {B88FA509-F9B7-44B0-8A66-F87526F0A929} - \AVGPCTuneUp_Task_BkGndMaintenance -> Brak pliku <==== UWAGA Task: {B954DC46-4C4F-4217-A121-7120FA1283D3} - \{780A0F47-7D0A-7D78-7911-7D050C0F117D} -> Brak pliku <==== UWAGA Task: {BBADA63E-E054-47F4-875A-D21805F06B2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-09] (Adobe Systems Incorporated) Task: {BEF19BEA-FE70-425B-9ACC-F4B68DD73C79} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {C026033F-0227-4586-9DD7-AC7A407909DA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {C5CD522E-B9E7-4818-B23C-D63518B7F887} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) Task: {C9CBB41E-B292-4DAD-8BE0-6E8076D0E6C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D27FBD3D-2B9E-44AB-AA40-4D25DF5E66A6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D3EC8F32-2D0F-4D3D-9FE5-DA20FAA1878C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation) Task: {DA932196-5A0D-415A-A506-0E3D46E7F890} - \Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 -> Brak pliku <==== UWAGA Task: {DADB572A-5DB2-4DB3-AC87-53E9D4889608} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {DC889999-3606-4F97-ACB0-F4E5165BEA20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DD3AFA90-19A5-4D98-B1DF-621CE34B79F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation) Task: {DE033853-90D3-4A8A-8BE9-D09107E1B237} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {E52F0A2A-6F0A-402B-B5F4-B5B1F11E6E14} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EADAB92D-CE2B-44D3-B3AC-4E03C88C19CD} - \Odkurzacz -> Brak pliku <==== UWAGA Task: {EFA883E1-0127-49FF-BE84-0F91F525D395} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F0C8AE7A-7265-48FA-BD12-9D1E19CC80DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Cepek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Firefox\Firefox.exe (Mozilla Corporation) ShortcutWithArgument: C:\Users\Cepek\Desktop\BigFarm.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) -> hxxp://bigfarm.goodgamestudios.com/?w=239064 ShortcutWithArgument: C:\Users\Cepek\Desktop\big_bang_empire.lnk -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) -> hxxp://www.bigbangempire.com/?ref=281-000-000-005 ShortcutWithArgument: C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.ourluckysites.com/?type=sc&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 ShortcutWithArgument: C:\Users\Cepek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 ShortcutWithArgument: C:\Users\Cepek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1495445351&z=7264061864cc7631a9d5bfdg0zat3w6zbz1w3c3w0w&from=che0812&uid=WDCXWD7500BPVT-22HXZT3_WD-WX41A233655336553 ==================== Załadowane moduły (filtrowane) ============== 2014-12-30 14:57 - 2013-12-03 08:09 - 00240720 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2016-12-28 19:00 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-05-31 13:47 - 2017-05-31 07:19 - 00095744 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-06-15 14:22 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-10-13 17:25 - 2017-03-17 01:16 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-13 20:54 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 22:22 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 22:20 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 22:20 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 22:21 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-15 14:22 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-15 14:22 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-10 08:54 - 2015-11-10 08:54 - 00027000 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\ace_update.exe 2017-06-02 16:37 - 2017-06-02 16:37 - 90985048 _____ () C:\Program Files (x86)\Opera\45.0.2552.888\opera_browser.dll 2017-06-02 16:37 - 2017-06-02 16:36 - 03949144 _____ () C:\Program Files (x86)\Opera\45.0.2552.888\libglesv2.dll 2017-06-02 16:37 - 2017-06-02 16:36 - 00101464 _____ () C:\Program Files (x86)\Opera\45.0.2552.888\libegl.dll 2017-05-17 07:38 - 2017-06-01 12:30 - 00022928 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe 2017-05-17 11:05 - 2017-05-17 16:05 - 01887232 _____ () c:\users\cepek\appdata\roaming\winsapsvc\winsap.dll 2015-12-15 19:17 - 2015-12-15 19:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2016-09-16 16:48 - 2017-05-02 14:36 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-12-28 19:00 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-19 23:16 - 2017-03-20 19:57 - 00329216 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.Core.pyd 2011-06-12 15:09 - 2011-06-12 15:09 - 00038400 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_socket.pyd 2011-06-12 15:09 - 2011-06-12 15:09 - 00720896 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_ssl.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00287232 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_hashlib.pyd 2015-04-16 14:27 - 2015-04-16 14:27 - 00018944 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pycompat.pyd 2017-02-07 16:03 - 2017-02-02 12:54 - 00093696 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_elementtree.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00152576 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\pyexpat.pyd 2015-11-07 14:14 - 2015-11-07 14:14 - 02977792 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\lxml.etree.pyd 2012-02-07 18:37 - 2012-02-07 18:37 - 00167424 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\win32gui.pyd 2012-02-07 18:35 - 2012-02-07 18:35 - 00110080 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\pywintypes27.dll 2012-02-07 18:36 - 2012-02-07 18:36 - 00035840 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\win32process.pyd 2014-01-23 13:37 - 2014-01-23 13:37 - 00036352 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_psutil_mswindows.pyd 2012-02-07 18:37 - 2012-02-07 18:37 - 00098816 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\win32api.pyd 2012-02-07 18:38 - 2012-02-07 18:38 - 00358912 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\pythoncom27.dll 2012-02-07 18:36 - 2012-02-07 18:36 - 00111616 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\win32file.pyd 2012-02-07 18:36 - 2012-02-07 18:36 - 00024064 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\win32pdh.pyd 2015-04-16 14:27 - 2015-04-16 14:27 - 02386432 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pywebrtc.pyd 2016-10-19 23:07 - 2017-03-20 19:57 - 03137536 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.live.pyd 2013-12-21 15:20 - 2013-12-21 15:20 - 00053248 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_blist.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00106496 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_ctypes.pyd 2013-12-21 15:20 - 2013-12-21 15:20 - 00040448 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\bitarray._bitarray.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00011776 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\select.pyd 2011-01-18 23:56 - 2011-01-18 23:56 - 00334336 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\M2Crypto.__m2crypto.pyd 2011-02-13 17:02 - 2011-02-13 17:02 - 00031232 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\Crypto.Cipher.AES.pyd 2016-10-19 23:47 - 2017-03-20 19:57 - 05573632 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.CoreApp.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00057344 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_sqlite3.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00635392 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\sqlite3.dll 2016-05-08 21:48 - 2016-05-08 21:48 - 00014848 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\netifaces.pyd 2010-10-11 00:23 - 2010-10-11 00:23 - 00723968 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\apsw.pyd 2013-01-29 18:20 - 2013-01-29 18:20 - 00082944 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\cpyamf.util.pyd 2011-07-15 21:37 - 2011-07-15 21:37 - 00981504 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\wx._core_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00746496 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\wx._gdi_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00670720 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\wx._windows_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00966144 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\wx._controls_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00674816 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\wx._misc_.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00688128 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\unicodedata.pyd 2016-05-08 21:13 - 2017-02-02 12:54 - 00264296 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pysegmenter.pyd 2015-04-16 14:29 - 2015-04-16 14:29 - 00112142 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\libgcc_s_dw2-1.dll 2015-04-16 14:29 - 2015-04-16 14:29 - 00061952 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\miniupnpc.pyd 2017-02-07 16:03 - 2017-02-02 12:54 - 00028672 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\_multiprocessing.pyd 2013-01-29 18:20 - 2013-01-29 18:20 - 00066048 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\cpyamf.amf0.pyd 2017-05-25 20:33 - 2017-05-31 07:14 - 00348160 _____ () C:\Users\Cepek\AppData\Local\background_fault\bf.dll 2016-10-18 11:19 - 2017-02-02 12:54 - 00283648 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.jsplayer.pyd 2016-09-27 17:42 - 2016-09-27 17:42 - 00350720 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\engine\lib\acestreamengine.pyvlc.pyd 2015-08-06 14:30 - 2017-01-31 13:29 - 00165216 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\player\libtsplayer.dll 2015-08-06 14:30 - 2017-01-31 13:29 - 01968480 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\player\libtsplayercore.dll 2011-06-12 15:09 - 2011-06-12 15:09 - 00038400 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\_socket.pyd 2011-06-12 15:09 - 2011-06-12 15:09 - 00720896 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\_ssl.pyd 2011-07-15 21:37 - 2011-07-15 21:37 - 00981504 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\wx._core_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00746496 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\wx._gdi_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00670720 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\wx._windows_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00966144 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\wx._controls_.pyd 2011-07-15 21:38 - 2011-07-15 21:38 - 00674816 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\wx._misc_.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00287232 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\_hashlib.pyd 2011-01-18 23:56 - 2011-01-18 23:56 - 00334336 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\M2Crypto.__m2crypto.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00011776 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\select.pyd 2011-06-12 15:06 - 2011-06-12 15:06 - 00152576 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\pyexpat.pyd 2012-02-07 18:37 - 2012-02-07 18:37 - 00098816 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\win32api.pyd 2012-02-07 18:35 - 2012-02-07 18:35 - 00110080 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\pywintypes27.dll 2012-02-07 18:38 - 2012-02-07 18:38 - 00358912 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\pythoncom27.dll 2012-02-07 18:36 - 2012-02-07 18:36 - 00111616 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\win32file.pyd 2012-02-07 18:36 - 2012-02-07 18:36 - 00024064 _____ () C:\Users\Cepek\AppData\Roaming\ACEStream\updater\lib\win32pdh.pyd 2016-09-16 16:48 - 2017-05-02 14:36 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL 2014-04-03 15:57 - 2016-06-11 11:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-07-04 21:49 - 2014-06-27 20:00 - 00235008 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\hola.org -> hxxp://hola.org ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-10-28 12:38 - 00001556 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1368180626-1709571630-246340318-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: wuauserv => 3 MSCONFIG\startupfolder: C:^Users^Cepek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Casino Del Rio notification.lnk => C:\Windows\pss\Casino Del Rio notification.lnk.Startup MSCONFIG\startupfolder: C:^Users^Cepek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Cepek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wysyłanie do programu OneNote.lnk => C:\Windows\pss\Wysyłanie do programu OneNote.lnk.Startup MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: GoogleChromeAutoLaunch_0138111595B56A945BC28A909B9620F5 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk" HKLM\...\StartupApproved\Run: => "BLEServicesCtrl" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "InstallerLauncher" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\StartupFolder: => "William Hill Casino Club notification.lnk" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\StartupFolder: => "EuroGrand Casino notification.lnk" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0138111595B56A945BC28A909B9620F5" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "MyDriveConnect.exe" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "GG" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "ScreenShooter" HKU\S-1-5-21-1368180626-1709571630-246340318-1000\...\StartupApproved\Run: => "IPLA!" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [UDP Query User{C9AAFE0E-2D6F-4031-82EE-A4A3041612BC}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{A0132DAC-59EB-4596-AE32-9F0EFF31B8D2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [{699F132C-8A59-4D70-9989-13D3859196C6}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [{3E72B1FB-7934-4373-9FB1-10BC02CB76B7}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe FirewallRules: [UDP Query User{67251168-D623-48FC-BEDE-1E9BFFC6DF1C}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{FE3CCF7A-281F-4523-8D07-846EB8C9A056}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [{F01C6EB8-E262-4A9E-B327-47F8F5E84072}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5E69FE62-D22C-43F9-9735-FD566CC54C86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{633E3D0F-80C7-4F27-A50B-AEB6F42A4D91}C:\users\cepek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cepek\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1CF6F849-AF4F-43F9-8C91-31808CF9FD5C}C:\users\cepek\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\cepek\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{806527FC-7E55-4903-95FD-B1E30FFDFD87}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe FirewallRules: [UDP Query User{AD2127FA-9A8F-4B9B-9B9E-47697C44BD10}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe FirewallRules: [{3E8FD470-49BD-4835-A500-F99399B0D85D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{601B990E-6ADE-4B38-9364-58A4BCD39BA7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E47B1836-E81D-4FBF-A3D6-10C8C72C2630}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{022F77EC-3D19-4F49-ADF6-48C0B9DAA376}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{094C333B-C8CF-4A5C-A940-B0E85F173F72}] => (Allow) C:\Users\Cepek\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7B2295C2-731A-4DE7-91D4-5A2965801AE8}] => (Allow) C:\Users\Cepek\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{475D835D-E8F9-454B-B325-B6D15E9EA43B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{895E5088-0E76-4AA0-A486-DD910BEB9C59}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{66F14DCB-52E9-4A1F-9458-997F51426968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A9F82D18-C543-4F07-B2E8-17A2F1E2C40E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{278888A0-DC22-4AB1-9131-3A9C12B4AC3F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5D5B7FE9-A270-4339-90E0-1D3B1B97A71A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{FDB36D23-1AFC-498A-AD66-C128F3FD8DEF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{E5C9FFA7-CD51-42DB-B509-0532784A4AB4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{2737D8E0-C2DA-4F4A-90D5-B7C0FBA788C0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{C5DE2E4B-4727-4F86-8BCF-F5A936CA5F7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{8A1FC840-C19A-4EC9-AEE2-BDDE7C8BDB94}] => (Allow) C:\Users\Cepek\AppData\Roaming\ACEStream\engine\ace_engine.exe FirewallRules: [{887A0ED8-EE47-425E-BCAC-D6CE9A3E50B7}] => (Allow) C:\Users\Cepek\AppData\Roaming\ACEStream\engine\ace_engine.exe FirewallRules: [TCP Query User{99D27AA1-DBD4-4106-94E9-8C5BBED95527}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe FirewallRules: [UDP Query User{3FFBFA09-D1D0-42B4-A941-96559BA87DD7}C:\program files (x86)\origin games\fifa 17\fifa17.exe] => (Allow) C:\program files (x86)\origin games\fifa 17\fifa17.exe FirewallRules: [{7EEB2BA2-CB11-4167-BE2F-36EC693E58C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{34522637-EF23-4EE6-A8BA-3F74A30DB0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{1123B3AF-5697-4F8A-8A34-2F3F8FA553AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{ACE5FACD-37CF-4CE6-BCA4-380D4EE58C42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AF2FB535-88D3-4CB3-A0F1-C4C1967DBC51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5AE19EED-982E-4A23-8FA5-2DD06A8A2337}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{574DA01D-0CB4-46A2-8B3E-33FE662F9283}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe FirewallRules: [{DE32CCF3-6545-4E10-8EC5-879CB42D1841}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{3E82576E-2051-4AB6-9F28-F77255894215}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{6D5B1CEC-AEEE-49D9-B39C-EBFF0CE03196}] => (Allow) C:\Program Files (x86)\Eggper\Application\chrome.exe FirewallRules: [{82724C22-0093-42B2-B81B-67851138107D}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{DA0234EB-06D9-4D5D-BDF4-0DB0BEB0BF7F}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{A7D17B30-10C4-4376-89EB-9FE36A4E6554}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.881\opera.exe FirewallRules: [{20D388C4-0F9F-4EE9-9D83-68529AAB9137}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd7500bpvt-22hxzt3_wd-wx41a233655336553.dat FirewallRules: [{FCEF00CB-4E5D-483C-A722-10C50723667E}] => (Allow) C:\Program Files (x86)\MIO\loader\wdcxwd7500bpvt-22hxzt3_wd-wx41a233655336553.dat FirewallRules: [{484278A3-9BA3-455C-B466-7915F085A02A}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe FirewallRules: [{C8EB1CA2-CCD8-416B-A1F6-2EE745F0893F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe FirewallRules: [{453F3243-1AE7-4894-80F7-5F6E37D7E295}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 17\FIFASetup\fifaconfig.exe ==================== Punkty Przywracania systemu ========================= 24-05-2017 13:02:11 Removed AlphaGo 31-05-2017 12:02:40 Windows Update 09-06-2017 15:55:55 Zaplanowany punkt kontrolny 14-06-2017 22:55:41 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (06/16/2017 02:58:48 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\WinZip\adxloader.dll.Manifest". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\WinZip\adxloader.dll.Manifest" w wierszu 2. Element główny pliku manifestu musi być zmontowany. Error: (06/16/2017 02:52:06 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/16/2017 02:46:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CEPEK) Description: Aktywacja aplikacji Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/15/2017 09:55:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CEPEK) Description: Aktywacja aplikacji Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/15/2017 04:17:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CEPEK) Description: Aktywacja aplikacji Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/15/2017 11:01:28 AM) (Source: SideBySide) (EventID: 9) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "C:\Program Files\WinZip\adxloader.dll.Manifest". Błąd w pliku manifestu lub w pliku zasad "C:\Program Files\WinZip\adxloader.dll.Manifest" w wierszu 2. Element główny pliku manifestu musi być zmontowany. Error: (06/15/2017 10:58:27 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/15/2017 10:43:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CEPEK) Description: Aktywacja aplikacji Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (06/14/2017 10:57:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (06/14/2017 10:43:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CEPEK) Description: Aktywacja aplikacji Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (06/16/2017 02:45:45 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/15/2017 09:54:50 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/15/2017 04:25:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa terana niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/15/2017 04:25:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa CSHMDR niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/15/2017 04:25:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa NPASRE niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 21600000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/15/2017 04:25:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa snare niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/15/2017 04:25:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa CWASRE niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 21600000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (06/15/2017 04:16:21 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/15/2017 04:14:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (06/15/2017 04:14:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. CodeIntegrity: =================================== Date: 2017-06-15 16:24:27.470 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-15 16:24:27.041 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-11 17:37:18.184 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-11 17:37:17.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-05 19:47:44.832 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-05 19:47:43.939 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-24 14:03:12.587 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-24 14:03:12.445 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-19 16:11:00.828 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_d555f104864d7e48\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-19 16:11:00.166 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Procent pamięci w użyciu: 67% Całkowita pamięć fizyczna: 8088.78 MB Dostępna pamięć fizyczna: 2650.9 MB Całkowita pamięć wirtualna: 16280.78 MB Dostępna pamięć wirtualna: 7478.52 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:354.21 GB) (Free:118.92 GB) NTFS Drive d: () (Fixed) (Total:342.12 GB) (Free:294.84 GB) NTFS ==================== MBR & Tablica partycji ================== ==================== Koniec Addition.txt ============================