Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 23-10-2017 01 Uruchomiony przez XolX (24-10-2017 08:07:48) Uruchomiony z C:\Users\XolX\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2017-01-17 22:09:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2366344879-1748881955-3678331948-500 - Administrator - Disabled) Gość (S-1-5-21-2366344879-1748881955-3678331948-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2366344879-1748881955-3678331948-1002 - Limited - Enabled) UpdatusUser (S-1-5-21-2366344879-1748881955-3678331948-1003 - Limited - Enabled) => C:\Users\UpdatusUser XolX (S-1-5-21-2366344879-1748881955-3678331948-1000 - Administrator - Enabled) => C:\Users\XolX ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD} AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CM Installer (HKLM-x32\...\{E8F42777-958D-4C14-9A42-8DCA1929FD26}) (Version: 1.0.0.0 - Cyanogen Inc.) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 58.0.3029.115 - Comodo) COMODO Internet Security Premium (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) Hidden COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6294 - COMODO Security Solutions Inc.) COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA421657}) (Version: 1.1.99.0 - COMODO) Hidden COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.1.421657.99 - Comodo) Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version: 16.01.1000.0235 - Intel Corporation) Hidden Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell) Dell System Detect (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.125 - ALPS ELECTRIC CO., LTD.) Discord (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\Discord) (Version: 0.0.298 - Discord Inc.) Electrum (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH) f.lux (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\Flux) (Version: - ) GameSessions Data Delivery x86 (HKLM-x32\...\{29B2C550-F1EB-4392-B905-A721261D5938}) (Version: 1.28.438.0 - Tangentix Ltd) Glary Utilities 5.86 (HKLM-x32\...\Glary Utilities 5) (Version: 5.86.0.107 - Glarysoft Ltd) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation) Intel(R) Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Kingo ROOT version 1.5.1.2996 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.1.2996 - Kingosoft Technology Ltd.) Mapy do Open General wersja OG Map 4.27 (HKLM-x32\...\{47C47584-9788-47D8-BEE6-028B6D22E3E5}_is1) (Version: OG Map 4.27 - kowdar) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{35b83883-40fa-423c-ae73-2aff7e1ea820}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Mozilla Firefox 56.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 pl)) (Version: 56.0 - Mozilla) MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA nView 136.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 136.28 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.254.0 - Overwolf Ltd.) Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) Panel sterowania NVIDIA 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 327.62 - NVIDIA Corporation) Hidden PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.13.0.18 - GOG.com) Pillars of Eternity Kickstarter Item (HKLM-x32\...\1427204139_is1) (Version: 2.13.0.18 - GOG.com) Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 2.13.0.18 - GOG.com) qBittorrent 3.3.10 (HKLM-x32\...\qBittorrent) (Version: 3.3.10 - The qBittorrent project) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Scid 4.6.4 (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\Scid_is1) (Version: 4.6.4 - The Scid project) Scid vs PC 4.18 (HKLM-x32\...\Scid vs PC_is1) (Version: 4.18 - Steven Atkinson) Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.0 - TeamSpeak Systems GmbH) Unity Web Player (HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 2.2.6 (32-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.6 - The Wireshark developer community, hxxps://www.wireshark.org) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2012-05-11] () ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-22] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-08-29] (COMODO) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1B3D63F7-6E2C-4B4E-A33D-C703A0386408} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-10-23] (Glarysoft Ltd) Task: {2FCAB273-27BA-41A8-AAEA-2DB09FB0B099} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-08-29] (COMODO) Task: {45E7F014-6124-4486-9003-A0AB78BAE776} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {63BE4C92-1FA7-4786-BE0B-E7ACEA135E8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-29] (Google Inc.) Task: {9B8D5F6A-DE29-41D3-A33E-177977677C89} - System32\Tasks\{8AAB2CB3-511F-43F6-B659-39EB1DA3E4C1} => C:\Windows\system32\pcalua.exe -a C:\Users\XolX\Downloads\vcredist_x86(1).exe -d C:\Users\XolX\Downloads Task: {ADF67C8C-6420-4FEF-BD2C-AD1BFF32F50F} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {BA196A72-9CF2-4131-8464-854967E04EA4} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {D75A3EDB-90E8-4ACC-8895-2110BDAAA531} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-10-23] (Glarysoft Ltd) Task: {E0CD873D-D447-4480-9F3B-A96A57BD6A59} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-08-29] (COMODO) Task: {EFFF42B7-4ECE-4056-9836-0B12CF0FAC56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-29] (Google Inc.) Task: {F03B7C99-FA70-413C-996A-8BF73DDFDAC9} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-17] (Overwolf LTD) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\XolX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ==================== Załadowane moduły (filtrowane) ============== 2017-08-29 05:56 - 2017-08-29 05:56 - 000244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll 2017-08-29 05:56 - 2017-08-29 05:56 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll 2017-01-18 09:01 - 2013-10-29 01:38 - 000097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-18 08:57 - 2013-12-04 03:22 - 000013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2017-07-20 16:03 - 2017-07-20 16:03 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2017-10-24 07:48 - 2016-11-09 08:31 - 000178176 _____ () C:\Users\XolX\AppData\Local\Temp\HouseCall\libexpatw.dll 2017-06-14 17:52 - 2017-06-14 17:52 - 005709248 _____ () C:\Users\XolX\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\...\dell.com -> dell.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2366344879-1748881955-3678331948-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 185.138.236.105 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupfolder: C:^Users^XolX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Smart Settings.lnk => C:\Windows\pss\Smart Settings.lnk.Startup MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DellSystemDetect => C:\Users\XolX\AppData\Local\Apps\2.0\X9MBZP34.Y7V\YYL1VPJA.QHN\dell..tion_6d0a76327dca4869_0007.000b_df227eeaae3cac0d\DellSystemDetect.exe 4zZn5oeQk9WMM5ZBt7fsYA== MSCONFIG\startupreg: DFEPApplication => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe MSCONFIG\startupreg: GalaxyClient => C:\gry\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless MSCONFIG\startupreg: IseUI => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: Steam => "C:\gry\Steam\steam.exe" -silent ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{F9C034BA-1075-4207-810A-A6D083CDA4EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3A840402-800A-4B62-BB10-BAC7394F1BB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{B5B34B60-DBEF-4AF9-ABF7-B1DB84BB02E2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{B73F95BA-42A0-4240-AEE6-3A31B7D2FB42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E854A59B-2B1C-44BB-98BF-9F72366C80E0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A6211365-63AE-43AF-9827-ED5737A85757}] => (Allow) C:\gry\Steam\Steam.exe FirewallRules: [{485A7122-9620-487B-832A-51CBAFD8A759}] => (Allow) C:\gry\Steam\Steam.exe FirewallRules: [{2AC9D94C-07E1-4FDD-9874-3591229C3B15}] => (Allow) C:\gry\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B653C2F2-4DB9-4B5F-9E9B-786E5721336A}] => (Allow) C:\gry\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D2697CD5-6728-46C2-AFF4-07A79AF6DD02}] => (Allow) C:\gry\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{6E91D9A7-D23A-4700-B8AA-7095D330C141}] => (Allow) C:\gry\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{88D82D2D-A89A-4615-B3C7-6C07FDA08686}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{CA5242D6-3717-459A-8990-AD248964A009}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{88839DD6-E91B-4053-9A5D-2A273E3C3BF5}] => (Allow) C:\gry\Steam\steamapps\common\Football Manager 2014\fm.exe FirewallRules: [{AA5CBEA4-E001-4FDD-B1D9-4B7DE571C9A6}] => (Allow) C:\gry\Steam\steamapps\common\Football Manager 2014\fm.exe FirewallRules: [{88BDF918-620E-4F5E-A55A-0FC7E7DE8F03}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{29E5E48D-0FEA-4A85-8723-ED3A010379CB}] => (Allow) C:\gry\Steam\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{F428598D-1D1D-4D47-9B8F-66908435018D}] => (Allow) C:\gry\Steam\steamapps\common\Fallout\FalloutLauncher.exe FirewallRules: [{E75F9DAC-2E24-4BDC-955C-8AB588CD4539}] => (Allow) C:\Users\XolX\AppData\Local\Temp\HouseCall\tmase\nmap\bonjour.exe FirewallRules: [{61F10C56-C31E-4255-9857-A5682A9BBBA1}] => (Allow) C:\Users\XolX\AppData\Local\Temp\HouseCall\tmase\drs\DrScaner.exe FirewallRules: [{1B3AE520-3A91-46F1-8F65-C2E733430C87}] => (Allow) C:\Users\XolX\AppData\Local\Temp\HouseCall\tmase\drs\DrScaner.exe ==================== Punkty Przywracania systemu ========================= 23-10-2017 08:45:22 Revo Uninstaller's restore point - Internet Security Essentials 23-10-2017 08:47:42 Revo Uninstaller's restore point - Smart View 23-10-2017 08:48:20 Revo Uninstaller's restore point - COMODO Internet Security Premium 23-10-2017 08:52:51 Revo Uninstaller's restore point - COMODO Internet Security Premium 23-10-2017 08:53:53 Removing COMODO Client - Security 23-10-2017 08:56:32 Revo Uninstaller's restore point - Electrum 23-10-2017 08:59:15 Revo Uninstaller's restore point - CCleaner 23-10-2017 09:07:23 Installed COMODO Secure Shopping 23-10-2017 09:08:40 Installing COMODO Internet Security Premium 23-10-2017 09:09:56 Instalacja pakietu sterownika urządzenia: COMODO Usługa sieciowa ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Broadcom USH Description: Broadcom USH Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler pamięci masowej Description: Kontroler pamięci masowej Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/24/2017 07:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (10/24/2017 07:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/24/2017 07:25:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/24/2017 07:18:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/23/2017 09:25:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (10/23/2017 09:25:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/23/2017 09:25:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/23/2017 09:18:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/23/2017 09:10:39 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: Event provider CisWmi attempted to register query "SELECT * FROM CisFileRatingChange" whose target class "CisFileRatingChange" in //./root/cis namespace does not exist. The query will be ignored. Error: (10/23/2017 09:10:39 AM) (Source: WinMgmt) (EventID: 24) (User: ) Description: Event provider CisWmi attempted to register query "SELECT * FROM CisStatusChange" whose target class "CisStatusChange" in //./root/cis namespace does not exist. The query will be ignored. Dziennik System: ============= Error: (10/24/2017 07:18:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MemPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/24/2017 07:18:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi IOPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 09:28:24 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 20. Error: (10/23/2017 02:21:53 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT) Description: Odebrano następujący alert krytyczny: 20. Error: (10/23/2017 09:18:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MemPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 09:18:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi IOPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 08:58:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MemPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 08:58:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi IOPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 08:50:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi MemPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/23/2017 08:50:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi IOPort z powodu następującego błędu: Nie można odnaleźć określonego pliku. CodeIntegrity: =================================== Date: 2017-10-24 07:24:45.157 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-24 07:24:45.141 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-24 07:24:44.751 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-24 07:18:16.512 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-24 07:18:16.497 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-24 07:18:16.122 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-23 22:36:31.091 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-23 22:36:31.067 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-23 22:36:30.500 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-10-23 21:21:26.982 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz Procent pamięci w użyciu: 38% Całkowita pamięć fizyczna: 8073.02 MB Dostępna pamięć fizyczna: 4991.66 MB Całkowita pamięć wirtualna: 16144.21 MB Dostępna pamięć wirtualna: 12978.89 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:29.13 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 9EDB265C) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================