Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20-08-2017 Uruchomiony przez G3orG3 (23-08-2017 21:23:10) Uruchomiony z C:\Users\G3orG3\Downloads Windows 10 Pro Wersja 1607 (X64) (2016-11-07 22:23:13) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-4006257210-923307027-1902655278-500 - Administrator - Disabled) defaultuser0 (S-1-5-21-4006257210-923307027-1902655278-1001 - Limited - Disabled) => C:\Users\defaultuser0 G3orG3 (S-1-5-21-4006257210-923307027-1902655278-1002 - Administrator - Enabled) => C:\Users\G3orG3 Gość (S-1-5-21-4006257210-923307027-1902655278-501 - Limited - Disabled) Konto domyślne (S-1-5-21-4006257210-923307027-1902655278-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) 8GadgetPack (HKLM-x32\...\{35C86AEB-A4C6-49E3-90B7-245F2C7FDEC7}) (Version: 21.0.0 - 8GadgetPack.net) ACDSee Pro 10 (64-bit) (HKLM\...\{13E67D9D-8F6F-4709-B380-A04EC12343E7}) (Version: 10.1.0.653 - ACD Systems International Inc.) Action! (HKLM-x32\...\Mirillis Action!) (Version: 2.6.1 - Mirillis) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated) Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft) AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.78 - NVIDIA Corporation) Hidden Ashampoo Burning Studio 16 (HKLM-x32\...\{91B33C97-A730-69CE-7A4F-4ADF378BB993}_is1) (Version: 16.0.7 - Ashampoo GmbH & Co. KG) Aslain's WoT Modpack (wersja 9.19.1.2.05) (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.19.1.2.05 - Aslain) Aslain's WoWs Modpack (wersja 6.8.1.00) (HKLM-x32\...\ASLAINSWARSHIPSTEST_is1) (Version: 6.8.1.00 - Aslain) ASUS Xonar DX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) Cybereason RansomFree 2.4.0.0 (HKLM-x32\...\{E5187076-2C8E-4062-88D2-E29DC4F4962C}) (Version: 2.4.0.0 - Cybereason Inc.) CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: - DT Soft Ltd.) EZ CD Audio Converter (HKLM-x32\...\{B70B1548-0A45-4168-9835-BAD7EDC1BFFE}) (Version: 5.0.0.1 - Poikosoft) f.lux (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Flux) (Version: - ) Gadwin PrintScreen (64-Bit) (HKLM\...\{819A52E1-0929-469A-BEB6-1AEBE0873CFC}) (Version: 5.4.2.0 - Gadwin Systems) GetDiz (HKLM-x32\...\GetDiz) (Version: 4.91 - Outertech) GG (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\GG) (Version: 12 - GG Network S.A.) HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - ) HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Hotspot Shield 7.20.7 (HKLM-x32\...\{76fb14c6-79c5-42d7-a68e-ad7c62dea7a2}) (Version: 7.20.7.9947 - AnchorFree Inc.) Hotspot Shield 7.20.7 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925C26719FE}) (Version: 7.20.7.9947 - AnchorFree Inc.) Hidden Hotspot Shield 7.20.7 (HKLM-x32\...\HotspotShield) (Version: 7.20.7 - AnchorFree Inc.) Hidden HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation) HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel® Hardware Accelerated Execution Manager (HKLM\...\{55669453-883A-4F15-9D3B-BC990F5C9A32}) (Version: 6.0.6 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) KeepVid Pro(Build 6.1.1.11) (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\KeepVid Pro_is1) (Version: 6.1.1.11 - KeepVid Studio) K-Lite Codec Pack 12.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.5.0 - KLCP) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.) Malwarebytes (wersja 3.2.2.2018) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes) Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professional Plus 2016 - pl-pl (HKLM\...\ProPlusRetail - pl-pl) (Version: 16.0.8326.2076 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24406 (HKLM\...\{5F66DC83-1294-37C2-8F20-80B67FE08C3F}) (Version: 14.0.24406 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24406 (HKLM\...\{4669489D-D5F2-3A8E-BA68-B0DB3D58AD01}) (Version: 14.0.24406 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24406 (HKLM-x32\...\{16A41EF3-F204-3338-8EAC-623EE6BE05CC}) (Version: 14.0.24406 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24406 (HKLM-x32\...\{E8FA32DC-301E-32C5-8B4E-811C3B62CC4B}) (Version: 14.0.24406 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 53.0.3 (x64 pl)) (Version: 53.0.3 - Mozilla) Mozilla Firefox 54.0.1 (x64 pl) (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Mozilla Firefox 54.0.1 (x64 pl)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nox APP Player (HKLM-x32\...\Nox) (Version: 5.0.0.0 - Duodian Technology Co. Ltd.) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.78 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation) NVIDIA Sterownik graficzny 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.78 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 47.0.2631.55 (HKLM-x32\...\Opera 47.0.2631.55) (Version: 47.0.2631.55 - Opera Software) Panel sterowania NVIDIA 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.78 - NVIDIA Corporation) Hidden Pavtube Video Converter Ultimate Ver 4.9.0.0 (HKLM-x32\...\{682B3199-76C3-4745-B7AE-FC13F6676421}_is1) (Version: - ) PDF-XChange Editor (HKLM\...\{86F7B9C5-C610-454D-BF5C-0A72DE2CD8C6}) (Version: 6.0.320.1 - Tracker Software Products (Canada) Ltd.) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: - Kakao Corp.) qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics) SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.5.171 - SHAREit Technologies Co.Ltd) Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB) StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 1.3.3 - startisback.com) streamWriter (HKLM-x32\...\streamWriter_is1) (Version: 5.4.0.2 - Alexander Nottelmann) SuperBeam (HKLM\...\{1E690789-503A-4733-B224-7FE1DA597F2A}_is1) (Version: 7 - LiveQoS Inc) TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TaxMachine PITy 2016/2017 (HKLM-x32\...\TaxMachinePITy_is1) (Version: 16.0 - Fundacja Tďż˝czowy Parasol) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Theme Signature Bypass (HKLM\...\{CBEF2227-4B91-461E-8B67-C592DA2600B0}_is1) (Version: 1.3.2 - Big Muscle) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.1.0.0 - Manuel Hoefs (Zottel)) Unchecky v1.0.3 (HKLM-x32\...\Unchecky) (Version: 1.0.3 - RaMMicHaeL) Uninstall Tool (HKLM\...\Uninstall Tool) (Version: - CrystalIdea Software) Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) USB Flash Drive Format Tool Pro (HKLM\...\USB Flash Drive Format Tool Pro_is1) (Version: - Rogosoft Corporation) Viber (HKLM-x32\...\{DE097100-497D-43D6-AC39-45773404A41D}) (Version: 6.4.1.1 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\{6b606ee6-b468-4418-a3fe-711a4251f673}) (Version: 6.4.1.1 - Viber Media Inc.) Vivaldi (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\Vivaldi) (Version: 1.10.867.48 - Vivaldi) VMware Workstation (HKLM\...\{07C33FB0-25C8-4723-A1E4-01868089B961}) (Version: 12.5.2 - VMware, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) XVM wersja 6.8.1 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.8.1 - XVM team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4006257210-923307027-1902655278-1002_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\G3orG3\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-11-11] (AIMP DevTeam) ContextMenuHandlers1: [DaemonShellExtImage] -> {40966797-8FFE-46C8-9EF8-7003F33CCF0F} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2016-10-19] (Disc Soft Ltd) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> Brak pliku ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2017-02-07] (Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2016-11-22] (ACD Systems International Inc.) ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2016-10-19] (Disc Soft Ltd) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> Brak pliku ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Workstation\vmdkShellExt.dll [2016-11-12] (VMware, Inc.) ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Workstation\x64\vmdkShellExt64.dll [2016-11-12] (VMware, Inc.) ContextMenuHandlers3: [HashCheck Shell Extension] -> {705977C7-86CB-4743-BFAF-6908BD19B7B0} => C:\Windows\system32\ShellExt\HashCheck.dll [2009-07-04] (code.kliu.org) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-11-11] (AIMP DevTeam) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> Brak pliku ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-23] (NVIDIA Corporation) ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] () ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-09-19] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-4006257210-923307027-1902655278-1002: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\G3orG3\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-4006257210-923307027-1902655278-1002: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\G3orG3\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-4006257210-923307027-1902655278-1002: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\G3orG3\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\G3orG3\AppData\Local\Temp\Rar$EXa0.412\OldNewExplorer64.dll -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {15FF2314-C58F-4B57-B20E-1C282EBE6D2C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation) Task: {1C060773-3F73-427D-B001-DAD7390AD5E6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-08-30] (@ByELDI) Task: {1E83D918-0263-4812-9BFB-FE610E568D4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-08-23] (Microsoft Corporation) Task: {33521932-9E37-4CE9-9375-C2F2B32E5C72} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate] Task: {3BD40682-6D12-4742-9EB3-CED973AF9EF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-08-23] (Microsoft Corporation) Task: {44AE24A5-EBF8-4504-87A7-4F91F233D2D2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation) Task: {4F30DD0B-98B1-484C-9662-F29CDC35C2D9} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-08-07] (Cybereason) Task: {59A95893-C761-4F1A-9688-A6962623C13F} - System32\Tasks\Opera scheduled Autoupdate 1495853744 => C:\Program Files\Opera\launcher.exe [2017-08-14] (Opera Software) Task: {5E0FE55A-7B31-4552-AE80-F1E91429A9D9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-23] () Task: {74D8FCC8-2EA3-4C19-971D-74B60A7CDFB9} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-24] (Samsung Electronics Co. Ltd.) Task: {80D28D1B-FF96-4E28-93F1-918392219EF5} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-08-07] (Cybereason) Task: {8162BC7E-648D-4288-88D0-45A00E526791} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-23] () Task: {A266C62F-AA79-48B9-A4B1-AE1C14453021} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation) Task: {A489AB5F-4C65-4B79-BDFF-DF2B6A9BD958} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {B12DBD85-EAE5-44BC-B857-CC98D253709D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation) Task: {B732F110-0C30-49F8-A492-D569F8010D90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-19] (Adobe Systems Incorporated) Task: {B92625A3-6E4E-4F85-939C-9811B63AACF1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-10-31] () Task: {C5EA2E51-1F61-4F38-9B0B-D1A8A962D38E} - System32\Tasks\R@1n-KMS\Windows100Professional => wmic [Argument = path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate] Task: {DBE32D9C-6938-4B50-A090-8DD68191F535} - System32\Tasks\RunUninstallTool_SkipUac => C:\Program Files\Uninstall Tool\UninstallTool.exe [2016-10-22] (CrystalIDEA Software) Task: {DD212B50-F7C0-4158-BA0A-07160294FB42} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2016-08-14] (www.startisback.com) Task: {E1D9D081-4ECD-449C-A160-EF8C0A394A3D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {F16ED5B1-D2D9-4410-A00A-AF75326949F0} - \Microsoft\Windows\Maintenance\WinSAT -> Brak pliku <==== UWAGA Task: {F5BD470B-CCDC-4DBD-8AA1-5D9E24141C66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {F868F641-E377-4A39-B68A-C5DE00EB782F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation) Task: {FF1DE8D1-7506-4944-BF07-5E7931B68753} - System32\Tasks\{2D2DFF64-2FFE-4B39-AB40-E0E6B0C9013E} => "c:\program files\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.33.0.105&LastError=12007 (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-09-30 09:47 - 2016-09-30 09:47 - 002681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2017-08-23 21:03 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-03-28 23:22 - 2012-12-07 17:26 - 000167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2016-11-08 00:26 - 2017-02-23 10:28 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-11-12 00:20 - 2016-11-12 00:20 - 012472904 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2016-09-30 09:47 - 2016-09-30 09:47 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-09-30 09:47 - 2016-09-30 09:47 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-13 19:11 - 2007-09-02 14:58 - 000495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe 2017-08-17 12:40 - 2017-08-17 12:40 - 000161200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll 2016-06-28 01:19 - 2016-06-28 01:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2016-11-12 00:20 - 2016-11-12 00:20 - 000173128 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll 2016-11-12 00:20 - 2016-11-12 00:20 - 000199752 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll 2016-11-12 00:20 - 2016-11-12 00:20 - 000396872 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll 2016-11-13 19:11 - 2007-09-02 14:57 - 000069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2017-02-03 14:06 - 2012-06-06 03:56 - 000143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33799554.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33799554.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2017-08-15 12:22 - 2017-08-23 21:13 - 000007026 ____R C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msads.net 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ac3.msn.com 0.0.0.0 ad.doubleclick.net 0.0.0.0 adnexus.net 0.0.0.0 adnxs.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 ads1.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 aka-cdn-ns.adtech.de 0.0.0.0 a-msedge.net 0.0.0.0 apps.skype.com 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.ads2.msads.net 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com Wykryto więcej niż wyliczono: 160 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4006257210-923307027-1902655278-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\G3orG3\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "WindowsDefender" HKLM\...\StartupApproved\Run: => "Andy" HKLM\...\StartupApproved\Run32: => "WindowsDefender" HKLM\...\StartupApproved\Run32: => "LogitechQuickCamRibbon" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\StartupApproved\Run: => "DAEMON Tools Pro Agent" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\StartupApproved\Run: => "RansomwareDefender" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-4006257210-923307027-1902655278-1002\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{3D3CECEB-5413-4E52-96E5-D59E910FE3AF}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{ED468252-61C9-48C1-84EC-A82DB9BB79B3}] => (Allow) C:\Windows\KMS-R@1n.exe FirewallRules: [{2664A1B9-9D58-4042-8C64-537801AB1521}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe FirewallRules: [{A36B6FB6-8E8B-48D8-B43B-86E3C58CB50A}] => (Block) C:\Windows\explorer.exe FirewallRules: [{47F20769-9764-4789-A798-512CA82A7CE8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{90715981-2E9F-4E13-A6DA-18C9209CF0E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{72814D08-66BF-4A13-9F6A-86C7EEFFAFE2}] => (Allow) C:\Users\G3orG3\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [TCP Query User{D881E88A-8CB7-42B4-99FD-3E0B63104981}C:3\kapitan maruda\sdi_update\sdi_x64_r448.exe] => (Allow) C:3\kapitan maruda\sdi_update\sdi_x64_r448.exe FirewallRules: [UDP Query User{E2998DFA-78BE-4F66-ABE8-B838F4120E5D}C:3\kapitan maruda\sdi_update\sdi_x64_r448.exe] => (Allow) C:3\kapitan maruda\sdi_update\sdi_x64_r448.exe FirewallRules: [{42E277B6-DC4D-419F-B1A6-307EE3D6B383}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{2A70D77B-60D8-4823-B1F1-A0A0C4640A2D}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{FE05BEBE-145B-4A99-85E4-9F85D789F82D}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{645D28BC-0D61-4DAE-8F5E-C47364CDAB1A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{1BA683C6-24C9-4F5A-BDA0-860465B8A766}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{9EF3686A-F3A9-44A3-A678-4A662EEFBFD8}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{E122649E-F53C-4376-BBB9-820FE320BD8A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\Streaming Video Recorder 6.exe FirewallRules: [{70906F01-0780-4903-AE1D-4D12F65A3E33}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\Streaming Video Recorder 6.exe FirewallRules: [{0250A91C-5614-4E35-BEB6-73E2E720602B}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\rtmpsrv.exe FirewallRules: [{E7924D60-BE5D-4487-85EE-1B02E1BA6674}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder 6\rtmpsrv.exe FirewallRules: [{1F16A912-7EF1-4471-A143-3D0D301D4A50}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{1DE674B8-202B-4B38-AA55-F4EE788CA4D8}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{2D80A3A4-7339-4F91-A958-98240F66418E}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{FEFB3CC4-3341-4820-B1E2-6869FE63129C}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{E9E65852-4AA8-44FB-BAA9-374A1A8C33E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{955FD04C-DEF4-4E2D-ABA4-223DB6701BDA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{BCB3CA4D-040D-46D4-93E2-F4698C7DA1C8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{59FB63E2-7278-484E-B01C-94AA6D1FC809}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{3432968D-FAB3-44B7-B7ED-2FE62558F191}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{B66BE7D6-2CDF-4107-ACA7-A21855F9CD25}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{9EBC39CC-0E2A-4697-81AA-5F5F2839BBA7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{89B14858-6735-4DFA-9098-5376CB9EF1FD}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{52C5B59B-6A1A-48F1-948A-9974997E366A}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{C620B3F7-DA83-4C3D-A1EA-A6CE6E35931B}] => (Allow) C:\Program Files\SuperBeam\SuperBeam.exe FirewallRules: [{BFC67071-A68D-4465-86A2-68C1705FB879}] => (Allow) C:\Program Files\SuperBeam\app\ssl-proxy FirewallRules: [{4A381874-17B3-4E38-A9B2-D01E6D2E1CC4}] => (Allow) C:\Program Files (x86)\Mirillis\MonfloServer\MonfloServer.exe FirewallRules: [{980D40DB-F4B1-4B17-A178-C27F720C22D1}] => (Allow) C:\Program Files (x86)\Mirillis\MonfloServer\MonfloClientPC\MonfloClient.exe FirewallRules: [TCP Query User{31DC6D78-3C94-4DB8-86A7-6C18798B6663}C:\users\g3org3\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\g3org3\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{ACD23DBA-8405-4538-81FA-14F59FEDBC16}C:\users\g3org3\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\g3org3\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{9A5248A4-1460-469B-A7BB-9436797FD3B1}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [UDP Query User{9C449A46-68C2-4BD7-B600-132BC5AC32FF}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe FirewallRules: [{470F4A0D-2CEB-4F68-811A-DB11F1A78E2F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe FirewallRules: [{47CE7C18-EEDC-4E9A-9B5C-E5D15BB433EB}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe FirewallRules: [{B5B729A8-C65E-41B3-9BBC-A405E2C1A773}] => (Allow) C:\Program Files\Opera\46.0.2597.57\opera.exe FirewallRules: [{6B58625D-F1A1-4766-AEE7-624DDF1EB7CF}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [{8358F446-DEB9-4925-8FAC-1D4C5CD71C21}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe FirewallRules: [{1B38312C-19D4-4993-B3D3-9329161D1BE8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe FirewallRules: [{2B608387-7534-4085-AD88-2E1DF9BF4E03}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe FirewallRules: [{52FD2BA5-B1ED-428B-8615-3EB146C93F07}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe FirewallRules: [{1396A0AA-4A19-4AA2-BE73-0BD469AFFFAF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe FirewallRules: [{F5F3A387-6871-415C-8D63-370DFCA60AE6}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{88C8EF10-AECB-439E-B533-AD4388CBDF28}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{E7B78974-3ACB-4EAF-91DC-9C98229083B7}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe FirewallRules: [{A299C868-D471-4856-A9A5-2F7FC9333A3B}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe FirewallRules: [{F4799ABF-9F33-48FF-A36D-EF44C39A31A2}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe FirewallRules: [{9EF39F87-505E-4F98-A57E-466154305B03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{72A92BF8-D90B-4524-9FA5-467219A6CAFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DBAEAA38-D8AA-40DC-9C76-A43E91210833}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A7C24458-CC92-4C1D-86F9-50F6AD80026A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8295F23C-059C-47D8-B8F6-D9D870F0CE2F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{B5AC1753-981E-46B1-9C80-7D28819CE4B3}] => (Allow) C:\Program Files\Opera\47.0.2631.55\opera.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (08/23/2017 09:01:10 PM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (08/23/2017 08:42:50 PM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (08/23/2017 08:04:27 PM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (08/23/2017 07:54:49 PM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (08/23/2017 04:48:37 PM) (Source: KMS-QAD) (EventID: 1001) (User: ) Description: Event-ID 1001 Error: (08/22/2017 09:22:58 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „WmiApRpl” w bibliotece DLL „C:\Windows\system32\wbem\wmiaprpl.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (08/22/2017 09:22:58 AM) (Source: Perflib) (EventID: 1023) (User: ) Description: System Windows nie może załadować biblioteki DLL licznika rozszerzalnego rdyboost. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu systemu Windows. Error: (08/22/2017 09:22:58 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (08/20/2017 11:36:44 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6015 Error: (08/20/2017 11:36:44 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6015 Dziennik System: ============= Error: (08/23/2017 09:13:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa KMS-R@1n niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/23/2017 09:13:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NcaSvc zależy od usługi iphlpsvc, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (08/23/2017 09:13:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa iphlpsvc zależy od usługi WinHttpAutoProxySvc, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (08/23/2017 09:13:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (08/23/2017 09:13:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa VMware Workstation Server niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/23/2017 09:01:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa KMS-R@1n zakończyła działanie; wystąpił następujący błąd: Parametr jest niepoprawny. Error: (08/23/2017 09:01:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NcaSvc zależy od usługi iphlpsvc, której nie można uruchomić z powodu następującego błędu: Uruchomienie usługi zależności lub grupy nie powiodło się. Error: (08/23/2017 09:01:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa iphlpsvc zależy od usługi WinHttpAutoProxySvc, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (08/23/2017 09:01:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (08/23/2017 09:00:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa VMware Workstation Server niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2017-08-23 20:03:18.497 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 20:03:18.497 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 20:03:18.496 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 20:03:18.496 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 16:47:58.240 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 16:47:58.198 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 16:47:58.198 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-23 16:47:58.172 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-03 19:55:39.331 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. Date: 2017-08-03 19:55:39.331 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\wshhyperv.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Procent pamięci w użyciu: 17% Całkowita pamięć fizyczna: 16336.64 MB Dostępna pamięć fizyczna: 13405.53 MB Całkowita pamięć wirtualna: 20250.63 MB Dostępna pamięć wirtualna: 17164.72 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:238.47 GB) (Free:3.83 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:1598.46 GB) (Free:1280.65 GB) NTFS Drive e: (HD Music) (Fixed) (Total:1035.78 GB) (Free:998.57 GB) NTFS Drive f: (Varia) (Fixed) (Total:160.27 GB) (Free:41.43 GB) NTFS Drive h: (Dysk S) (Fixed) (Total:102.19 GB) (Free:60.7 GB) NTFS Drive i: (Movie) (Fixed) (Total:179.67 GB) (Free:140.02 GB) NTFS Drive j: (Music) (Fixed) (Total:100.42 GB) (Free:1.11 GB) NTFS Drive k: (Game & Applications) (Fixed) (Total:50.7 GB) (Free:20.81 GB) NTFS Drive l: (Varia) (Fixed) (Total:32.77 GB) (Free:6.59 GB) NTFS Drive m: () (Fixed) (Total:149.03 GB) (Free:124.63 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 38899692) Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 2794.5 GB) (Disk ID: 49944993) Partition: GPT. ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 23BE23BD) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended) ======================================================== Disk: 3 (Size: 149 GB) (Disk ID: 4D4F4356) Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================