Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 16-10-2017 Uruchomiony przez Rafał (17-10-2017 17:54:02) Uruchomiony z C:\Users\Rafał\Downloads\Programy Windows 8.1 (Update) (X64) (2016-10-11 18:08:08) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= 146C06C1D4F5442AB34C (S-1-5-21-886091981-26357939-1909133584-1004 - Limited - Enabled) Administrator (S-1-5-21-886091981-26357939-1909133584-500 - Administrator - Disabled) Gość (S-1-5-21-886091981-26357939-1909133584-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-886091981-26357939-1909133584-1003 - Limited - Enabled) Rafał (S-1-5-21-886091981-26357939-1909133584-1001 - Administrator - Enabled) => C:\Users\Rafał ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\uTorrent) (Version: 3.4.9.42923 - BitTorrent Inc.) 4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.12.1878, 25.12.2016 - AIMP DevTeam) Aktualizacje NVIDIA 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation) Hidden Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.66 - NVIDIA Corporation) Hidden ATLAS.ti (HKLM-x32\...\{B7E953D4-FD01-4F06-B2CF-F8D453FB8BD2}) (Version: 7.5.15.0 - ATLAS.ti Scientific Software Development GmbH) Backup and Sync from Google (HKLM-x32\...\{A30E2377-AFC5-4EF3-A1E1-ECBC3843C73B}) (Version: 3.36.6884.5911 - Google, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 58.0.3029.113 - Comodo) COMODO Internet Security Premium (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA421657}) (Version: 1.1.99.0 - COMODO) Hidden COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.1.421657.99 - Comodo) Corel AfterShot 3 - ICA x64 (HKLM\...\{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.2 - Corel Corporation) Hidden Corel AfterShot 3 - IPM Content x64 (HKLM\...\{3E064BED-C9D8-4BEF-A2EE-8D67E99C3932}) (Version: 3.2 - Corel Corporation) Hidden Corel AfterShot 3 - IPM x64 (HKLM\...\{5059B47C-4D7B-46E9-9D7A-1E2FCF5DDBED}) (Version: 3.2.0.205 - Corel Corporation) Hidden Corel AfterShot 3 x64 (HKLM\...\{FB96A937-BCF7-4AD6-B6D2-216FF162A744}) (Version: 3.0 - Corel Corporation) Hidden Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.2.0.205 - Corel Corporation) Corel Update Manager (HKLM\...\{B6C0FB43-0C9B-46E6-93E4-DF171ED80C53}) (Version: 2.4.244 - Corel corporation) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.) Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.4.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.34.40 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Dishonored 2 (HKLM\...\Dishonored 2_is1) (Version: 1.0 - ) FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== UWAGA Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HitFilm Express 2017 (HKLM\...\{01DF9929-F932-49CB-BDFE-6FC20F724056}) (Version: 5.0.6718.07202 - FXHOME) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Malwarebytes (wersja 3.2.2.2029) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.66 - NVIDIA Corporation) NVIDIA Sterownik graficzny 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Panel sterowania NVIDIA 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 378.66 - NVIDIA Corporation) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.) REAPER (HKLM-x32\...\REAPER) (Version: - ) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.100 - NVIDIA Corporation) Hidden Total War - WARHAMMER II version 1.0 (HKLM\...\Total War - WARHAMMER II_is1) (Version: 1.0 - STEAMPUNKS) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-886091981-26357939-1909133584-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-886091981-26357939-1909133584-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-886091981-26357939-1909133584-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Rafał\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-09-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-09-15] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-09-15] (Google) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-12-26] (AIMP DevTeam) ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvAppExt.dll [2014-01-08] (Atheros Commnucations) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-09-15] (Google) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-01-08] (Qualcomm®Atheros®) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-12-26] (AIMP DevTeam) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-09-15] (Google) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2014-02-04] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-02-10] (NVIDIA Corporation) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-08] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-08] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {065EF658-77B2-4837-990B-8AA80DBA5049} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-09-26] (Corel Corporation) Task: {1CF04B0B-D27D-4CAD-892A-D77B2C69EF0C} - System32\Tasks\SafeZone scheduled Autoupdate 1479649039 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe Task: {26EA6BC2-31E5-455A-BCA2-C84F7D124411} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {2815BE5B-F5E9-401D-81AE-D1ED1E47F971} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {5AC67092-F67C-4EFF-825C-88827A8364BF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {646F8BCF-37C5-485D-86A3-3CC2779EDC2E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {6B1A48B7-C8F5-4934-9805-05B7F5407ABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated) Task: {6CACCBBE-6A29-4D20-8626-5112F011B18E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {703DB337-CF41-453C-A2EB-01BF44B10AA6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software) Task: {73E07990-DAFE-41AB-97DB-75BAEDFFB3D4} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {79C06A0F-BDAC-4397-BD62-46C870285ECB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {7BA4A075-D6F1-4516-9726-D23A25744BAF} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {83F70E08-A512-470E-8B53-1B7CDE696D0C} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {8659D3BA-B8AA-48E9-9253-83953E381FAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.) Task: {872FE94A-88A5-4CE3-B737-5A6A9595C244} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {88F8A770-49DA-4805-810D-58E66B4E41E7} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {90898426-91BD-4D1D-8C13-1437B8163B40} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {90DD8F09-00ED-4D2E-837D-FBDB4C7F47CB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {C5AD9F31-CA27-49B2-A9D0-9304E66B2B0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.) Task: {D0AA08D5-CB29-4F49-8633-8C676AA56EAE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-04-25] (Dell Inc.) Task: {D49B9351-6B93-41A6-96B9-F35CF3F1C914} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-10-28 21:08 - 2017-02-10 00:57 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-08-29 05:57 - 2017-08-29 05:57 - 000156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2017-10-16 18:35 - 2017-10-16 18:38 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-10-16 18:35 - 2017-10-16 18:38 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2015-07-31 09:58 - 2015-07-31 09:58 - 008901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2017-07-20 16:03 - 2017-07-20 16:03 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2014-01-08 02:00 - 2014-01-08 02:00 - 000011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-01-08 01:58 - 2014-01-08 01:58 - 000086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll 2014-01-08 02:03 - 2014-01-08 02:03 - 000012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe 2017-09-15 09:49 - 2017-09-15 09:49 - 040258552 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe 2017-09-26 01:35 - 2017-09-21 09:29 - 002692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libglesv2.dll 2017-09-26 01:35 - 2017-09-21 09:29 - 000138584 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libegl.dll 2014-10-28 21:01 - 2013-12-10 17:27 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-10-17 17:48 - 2017-10-17 17:48 - 000088064 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_ctypes.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000918528 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_hashlib.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000098816 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32api.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000110080 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\pywintypes27.dll 2017-10-17 17:49 - 2017-10-17 17:49 - 000364544 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\pythoncom27.dll 2017-10-17 17:49 - 2017-10-17 17:49 - 000686080 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\unicodedata.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000320512 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32com.shell.shell.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 001177088 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._core_.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000806912 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._gdi_.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000816640 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._windows_.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 001067520 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._controls_.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000733696 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._misc_.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000736256 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\pysqlite2._sqlite.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000119808 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32file.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000108544 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32security.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000007168 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\hashobjs_ext.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000017920 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\thumbnails_ext.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000082432 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\usb_ext.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000013824 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\common.time34.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000018432 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32event.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000088576 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\windows.volumes.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000017408 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\windows.winwrap.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000167936 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32gui.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000046080 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_socket.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 001309696 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_ssl.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000129536 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_elementtree.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000127488 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\pyexpat.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000038912 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32inet.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000077824 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\wx._html2.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000036864 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_psutil_windows.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000524248 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\windows._lib_cacheinvalidation.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000011264 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32crypt.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000218624 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\PIL._imaging.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000027648 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_multiprocessing.pyd 2017-10-17 17:48 - 2017-10-17 17:48 - 000020480 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\_yappi.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000035840 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32process.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000024064 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32pipe.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000010240 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\select.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000025600 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32pdh.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000058880 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\windows.device_monitor.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000017408 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32profile.pyd 2017-10-17 17:49 - 2017-10-17 17:49 - 000022528 _____ () C:\Users\Rafał\AppData\Local\Temp\_MEI39642\win32ts.pyd ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Windows\NvContainerRecovery.bat:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\DafPrintProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfmjpegdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvdispco6437866.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvdispgenco6437866.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvEncodeAPI64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\OpenCL.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tdc.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WinSCard.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wisp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmitomi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\xvid.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\xvidcore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\xvidvfw.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\DafPrintProvider.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfmjpegdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfmp4srcsnk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mispace.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\netlogon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvEncodeAPI.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\storagewmi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tdc.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wincorlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WinSCard.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WinTypes.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wisp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmitomi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\xvid.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\xvidcore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\xvidvfw.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\BasicRender.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dfsc.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\scfilter.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\spaceport.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\WdBoot.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\WdFilter.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\WdNisDrv.sys:$CmdTcID [130] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2017-10-17 17:44 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-886091981-26357939-1909133584-1001\Control Panel\Desktop\\Wallpaper -> E:\Program Files (x86)\GALERIA\OBRAZKI\okladka.png DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "RESTART_STICKY_NOTES" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "Xvid" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-886091981-26357939-1909133584-1001\...\StartupApproved\Run: => "BitTorrent" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{5B47A4C3-A1A9-4A2F-82FC-E9C05F759C24}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{E3FA95B2-F62F-44DD-ABAB-371276E5F2F0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe ==================== Punkty Przywracania systemu ========================= Sprawdź usługę "winmgmt" lub napraw WMI. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Niepowodzenie przy listowaniu urządzeń. Sprawdź usługę "winmgmt" lub napraw WMI. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/17/2017 05:48:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: quickset.exe, wersja: 11.1.18.1, sygnatura czasowa: 0x52d7a29c Nazwa modułu powodującego błąd: quickset.exe, wersja: 11.1.18.1, sygnatura czasowa: 0x52d7a29c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000012690 Identyfikator procesu powodującego błąd: 0x90c Godzina uruchomienia aplikacji powodującej błąd: 0x01d3475f62119cd6 Ścieżka aplikacji powodującej błąd: C:\Program Files\Dell\QuickSet\quickset.exe Ścieżka modułu powodującego błąd: C:\Program Files\Dell\QuickSet\quickset.exe Identyfikator raportu: a259bd74-b352-11e7-82c0-4cbb58361d73 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Dziennik System: ============= Error: (10/17/2017 05:49:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Dell Digital Delivery Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (10/17/2017 05:49:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Dell Digital Delivery Service. Error: (10/17/2017 05:48:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Windows Defender z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (10/17/2017 05:46:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa KMS-host Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/17/2017 05:46:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi vcs z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (10/17/2017 05:45:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll Error: (10/17/2017 05:45:15 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll Error: (10/17/2017 05:45:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll CodeIntegrity: =================================== Date: 2017-10-17 17:52:16.181 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-17 17:52:16.165 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-17 17:48:56.023 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-17 17:47:58.989 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-17 17:46:52.363 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-17 17:46:38.678 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\WINDOWS\System32\services.exe) attempted to load \Device\HarddiskVolume5\WINDOWS\System32\cssguard64.dll that did not meet the Windows signing level requirements. Date: 2017-10-17 17:44:04.252 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\WINDOWS\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz Procent pamięci w użyciu: 33% Całkowita pamięć fizyczna: 8095.82 MB Dostępna pamięć fizyczna: 5420.05 MB Całkowita pamięć wirtualna: 16287.82 MB Dostępna pamięć wirtualna: 13538.1 MB ==================== Dyski ================================ Drive c: (Dysk) (Fixed) (Total:488.82 GB) (Free:280.37 GB) NTFS Drive e: (Dysk) (Fixed) (Total:433.88 GB) (Free:119.45 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D08D7FA9) Partition: GPT. ==================== Koniec Addition.txt ============================