Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04.03.2018 Uruchomiony przez Administrator (06-03-2018 19:45:40) Uruchomiony z C:\Users\Administrator\Downloads Windows 7 Professional Service Pack 1 (X64) (2017-10-21 12:42:46) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2788730441-2907322347-830627286-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-2788730441-2907322347-830627286-501 - Limited - Disabled) T-1600 (S-1-5-21-2788730441-2907322347-830627286-1000 - Administrator - Enabled) => C:\Users\T-1600 ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885} AS: G DATA INTERNET SECURITY (Enabled - Up to date) {12A48B7F-CAF7-5864-4246-A92366268238} FW: G DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2788730441-2907322347-830627286-500\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\{175D1C2E-CEF4-4909-901D-52AF3CD8ECD2}) (Version: 12.3.1.201 - Adobe Systems, Inc) AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2042, 30.10.2017 - AIMP DevTeam) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation) AnyMusic 5.0.0 (HKLM\...\4e5f07cb-57d0-511b-8d72-f92e9ac978dd) (Version: 5.0.0 - AmoyShare Technology Company) AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Assassin's Creed Revelations (HKLM-x32\...\Uplay Install 40) (Version: - Ubisoft) AutoCAD 2013 – Polski (Polish) (HKLM\...\{5783F2D7-B001-0000-0102-0060B0CE6BBA}) (Version: 19.0.55.0 - Autodesk) Hidden AutoCAD 2013 – Polski (Polish) (HKLM\...\{5783F2D7-B001-0415-2102-0060B0CE6BBA}) (Version: 19.0.55.0 - Autodesk) Hidden AutoCAD 2013 – Polski (Polish) (HKLM\...\AutoCAD 2013 – Polski (Polish)) (Version: 19.0.55.0 - Autodesk) AutoCAD 2013 Language Pack – Polski (Polish) (HKLM\...\{5783F2D7-B001-0415-1102-0060B0CE6BBA}) (Version: 19.0.55.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk) Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk) Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk) Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.2 - G DATA Software AG) Genie Timeline (HKLM-x32\...\Genie Timeline) (Version: 3.0 - Genie9) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.1.0 - Brother Industries, Ltd.) Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Kingsoft PDF to Word SDK (2.0.1) (HKLM\...\{F0915BBA-A86F-4672-807D-30F38DFC2B44}) (Version: 2.0.1 - Zhuhai Kingsoft Office Software Co.,Ltd) Kolor Autopano Giga 3.7 (HKLM\...\AutopanoGiga3.7) (Version: V3.7.1 - Kolor) Malwarebytes (wersja 3.3.1.2183) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden Mathcad 14.0 M020 (HKLM-x32\...\{8796E14E-2031-463F-8A9A-31062B2652B4}) (Version: 14.0.2.0 - PTC) Mathcad 14.0 M020 Help (HKLM-x32\...\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}) (Version: 14.0.2.0 - PTC) Mathcad 14.0 M020 Resource Center (HKLM-x32\...\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}) (Version: 14.0.2.0 - PTC) Microsoft .NET Framework 4.7.1 (HKLM\...\{E0C7523C-686B-3EE6-8FB1-CB4339E30EDD}) (Version: 4.7.02558 - Microsoft Corporation) Microsoft .NET Framework 4.7.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02558 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25711 (HKLM-x32\...\{1bffbfc8-3cfb-4b1d-aca9-64f1c7c9f811}) (Version: 14.12.25711.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25711 (HKLM-x32\...\{f381fb0a-b38e-44ab-bca5-7f651c8c6b93}) (Version: 14.12.25711.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Mozilla Firefox 58.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 58.0.2 (x64 pl)) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVIDIA Sterownik graficzny 320.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.27 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.10.24870 - Electronic Arts, Inc.) Panel sterowania NVIDIA 320.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 320.27 - NVIDIA Corporation) Hidden PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.26.34003 - pdfforge GmbH) PDF Architect 5 Create Module (HKLM\...\{E6BB3749-AC9F-4BDE-84D9-1E22EF689573}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden PDF Architect 5 Edit Module (HKLM\...\{CC1439A7-3054-4C5F-AF60-7F770DAD7793}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden PDF Architect 5 View Module (HKLM\...\{23AFD2CD-3930-451E-A27C-07A9457CE07F}) (Version: 5.1.28.35989 - pdfforge GmbH) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.2 - pdfforge GmbH) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8351 - Realtek Semiconductor Corp.) SeaTools for Windows 1.4.0.6 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.6 - Seagate Technology) Sentinel HASP Run-time (HKLM-x32\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 5.10.1.17163 - SafeNet Inc.) SharewareOnSale Notifier (HKU\S-1-5-21-2788730441-2907322347-830627286-500\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale) SMPlayer 17.11.0 (x64) (HKLM\...\SMPlayer) (Version: 17.11.0 - Ricardo Villalba) Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH) Total Uninstall 6 wersja 6.16.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.16.0 - ) Uplay (HKLM-x32\...\Uplay) (Version: 44.0 - Ubisoft) VSDC Free Video Editor version 5.8.6.806 (HKLM\...\VSDC Free Video Editor_is1) (Version: 5.8.6.806 - Flash-Integro LLC) WhereIsIt? 2014 (HKLM-x32\...\whereisit-wii_is1) (Version: 2014 - Robert Galle) WPS Office (10.2.0.5978) (HKLM-x32\...\Kingsoft Office) (Version: 10.2.0.5978 - Kingsoft Corp.) XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2788730441-2907322347-830627286-500_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2788730441-2907322347-830627286-500_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-2788730441-2907322347-830627286-500_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2788730441-2907322347-830627286-500_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2013\pl-PL\acadficn.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-07] (Autodesk, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2012-02-07] (Autodesk) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-25] (AIMP DevTeam) ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2013-11-26] (Stardock) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-11-25] (AIMP DevTeam) ContextMenuHandlers4: [AutopanoShell.ShellContextMenu] -> {4B4F4C4F-5220-4798-ABF3-EC03F7C8A498} => C:\Program Files\Kolor\Autopano Giga 3.7\AutopanoShell_x64.dll [2014-06-24] (Kolor) ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2013-11-26] (Stardock) ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2013-11-26] (Stardock) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-05-29] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2013-11-26] (Stardock) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers1_S-1-5-21-2788730441-2907322347-830627286-500: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2017-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {347E5437-6501-47FA-A787-78E0F24FC4F0} - System32\Tasks\WpsUpdateTask_Administrator => c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\wtoolex\wpsupdate.exe [2017-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {D0491F8D-95B7-4CB5-9FED-852A97F6F468} - System32\Tasks\WpsExternal_Administrator_20180306184928 => c:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [2017-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-02-25 20:17 - 2013-05-29 06:51 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-03-02 22:41 - 2018-03-02 22:41 - 000075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-08-03 04:49 - 2017-08-03 04:49 - 000562664 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2018-03-06 19:33 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-02-15 18:04 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-11-25 00:35 - 2017-11-25 00:34 - 000064648 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\krpt.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 009145480 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\QtCore4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000226440 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\wpscloudsvrimp.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000901768 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\QtNetwork4.dll 2017-11-25 00:35 - 2017-11-25 00:34 - 000275592 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\curls.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 011446408 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\QtWebKit4.DLL 2017-11-25 00:35 - 2017-11-25 00:35 - 000248456 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\phonon4.dll 2017-11-25 00:35 - 2017-11-25 00:34 - 000188552 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\addons\kpluginrunner\kpluginrunner.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000054408 _____ () c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\rubyenv.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 002253416 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\ruby.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000251496 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\qtruby4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000032392 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\smokebase.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 003602024 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\smokeqtcore.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000945768 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\smokekso.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000046696 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\win32api.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000082024 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\win32ole.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000028776 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\qtwebkitruby.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000276584 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\smokeqtwebkit.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 001048680 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\QtScript4.dll 2017-11-25 02:39 - 2017-11-25 02:39 - 000030312 _____ () C:\Users\Administrator\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.48\strscan.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000038024 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\qt\plugins\imageformats\qgif4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000039560 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\qt\plugins\imageformats\qico4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000175240 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\qt\plugins\imageformats\qjpeg4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000275080 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\qt\plugins\imageformats\qtiff4.dll 2017-11-25 00:35 - 2017-11-25 00:35 - 000136328 _____ () C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\qt\plugins\imageformats\qwdp4.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-2788730441-2907322347-830627286-500\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2788730441-2907322347-830627286-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E3ED9D63-2B89-4B36-8F33-BECCABF04D05}] => (Allow) c:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5978\office6\wpscloudsvr.exe FirewallRules: [{9CE64E17-67FF-4CD3-8507-8B65BDF345A0}] => (Allow) LPort=50248 FirewallRules: [{5AA32700-1F9C-4BCF-8E79-6302402F9DDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{511CED16-4AC1-4780-86D8-5E8F1B2A8F7D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{851A5523-466A-4611-983D-53251C6BD186}] => (Allow) C:\Windows\system32\hasplms.exe FirewallRules: [{54FB8905-5F25-4ADD-B2CD-BBFAA67C5AC4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D3F451AC-75E4-4B5A-9504-C98D22B9F77A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{53E23963-713B-402F-B44F-BA9E83DD08FF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5E6C8524-AC07-4A84-AD17-1B8FFF601081}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{D467AB72-C05A-479B-B959-F9571B9D31EB}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{FB3D1622-5CCF-4CCD-936A-4E85537CBBEF}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe FirewallRules: [{C0D26E8A-FB96-4865-A6C4-106F78C6549A}] => (Allow) C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0FBC260C-189B-4ACB-B5B5-84F0DA6DE86C}] => (Allow) C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2BF4BB9E-CD34-4C6D-A1FC-79DB554AD057}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{5657F7DA-6281-4182-97FE-B7D910DFC2A9}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{76023F7E-92B4-4029-848D-4DE1D8C91289}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe FirewallRules: [{17788429-6397-4692-8E63-CE9D7731FA09}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe FirewallRules: [{27758706-438D-4A50-97CF-C65F73737DC2}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{DD7C1B18-ECB5-487E-8FE9-7D2AC520F1A2}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{99BAA617-E13B-4F11-9972-FB5846495E61}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{7851687D-721E-4594-9BB3-E04D1ADB0B44}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{771D5311-6029-4684-AAB1-8200B392670C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRPR.exe FirewallRules: [{303ECF6D-8B6C-4BC1-AF16-41BB135AB44A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRPR.exe FirewallRules: [{9B764126-4EC2-46EE-B2B6-C566B7EFA300}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{37B0E7BC-4B2C-45F7-A24D-F656D718EC35}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{8F642E3E-BCD7-4178-B469-6A877249A1CD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CD33D496-A1D2-4F6A-8F7F-9F18A8A6B9FF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{524084D6-0BE6-4C57-90EC-256805D651CD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D91BD60B-2A09-4881-8D10-4BC66A31A6E2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe ==================== Punkty Przywracania systemu ========================= 25-02-2018 19:11:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 25-02-2018 20:07:42 DDU Restore Point 01-03-2018 01:43:16 Installed PDF Architect 5 View Module 01-03-2018 01:44:37 Installed PDF Architect 5 Edit Module 01-03-2018 01:45:11 Installed PDF Architect 5 Create Module 01-03-2018 01:46:05 Installed Manager 02-03-2018 19:24:24 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 02-03-2018 19:24:59 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 02-03-2018 22:36:11 Zainstalowano: Microsoft Visual C++ 2005 Redistributable 02-03-2018 22:38:28 Zainstalowany program DirectX 06-03-2018 19:04:43 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Dziennik System: ============= Error: (03/06/2018 07:22:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Xeon(R) CPU E31225 @ 3.10GHz Procent pamięci w użyciu: 31% Całkowita pamięć fizyczna: 4053.05 MB Dostępna pamięć fizyczna: 2757.17 MB Całkowita pamięć wirtualna: 8104.27 MB Dostępna pamięć wirtualna: 5998.86 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:232.88 GB) (Free:103.77 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive e: (DOKUMENTY I FILMY) (Fixed) (Total:127.99 GB) (Free:98.3 GB) NTFS Drive f: (ZDJĘCIA) (Fixed) (Total:104.89 GB) (Free:75.64 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: BFA3A3A8) Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 232.9 GB) (Disk ID: 11961195) Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=104.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================