Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 03.06.2018
Uruchomiony przez NergTHRONE (06-06-2018 19:22:51)
Uruchomiony z C:\Users\NergTHRONE\Desktop
Windows 7 Professional Service Pack 1 (X64) (2018-04-25 12:44:51)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================
Administrator (S-1-5-21-1476387061-426778352-2266923776-500 - Administrator - Disabled)
Gość (S-1-5-21-1476387061-426778352-2266923776-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1476387061-426778352-2266923776-1003 - Limited - Enabled)
NergTHRONE (S-1-5-21-1476387061-426778352-2266923776-1000 - Administrator - Enabled) => C:\Users\NergTHRONE

==================== Centrum zabezpieczeń ========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Zainstalowane programy ======================
(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)
Acronis Disk Director 11 Home (HKLM-x32\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2077, 08.05.2018 - AIMP DevTeam)
Andy Sneap Metal Foundry Presets (HKLM-x32\...\{30D0766D-5556-439F-9B1C-BFE5A2B78E56}) (Version: 1.0.0 - Toontrack)
BASSMIDI System Synth (HKLM-x32\...\BASSMIDI System Synth) (Version: - )
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia 9 (HKLM\...\{5B345FC0-9E6D-4D22-9718-682DB0CF2414}) (Version: 9.0.0.1306 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{357abfe9-0513-4326-9e53-3b7654e9819d}) (Version: 9.0.0.1306 - TechSmith Corporation)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PL (x64) (HKLM\...\{2EF3A93A-569E-4FD7-A5DF-64AF588B4FBA}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== UWAGA
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.31 - NVIDIA Corporation) Hidden
DisplayLink Core Software (HKLM\...\{8B03B41D-28B3-452F-825E-632AABB85B86}) (Version: 6.1.35667.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{B2D59F49-0D58-4100-8BBE-64F3FF9DFD8D}) (Version: 6.1.35667.0 - DisplayLink Corp.)
Edirol HQ Orchestral VSTi v1.03 (HKLM-x32\...\Edirol HQ Orchestral VSTi v1.03) (Version: - )
EZdrummer 2 32-bit (HKLM-x32\...\{7E36EB5B-0739-4DA7-BF26-E63DD2BECA76}) (Version: 2.0.0 - Toontrack)
EZdrummer 2 32-bit Update (HKLM-x32\...\{CDE1FC7E-3E9A-48BA-BBB9-65C2026CA0A2}) (Version: 2.0.2 - Toontrack)
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{11CC8964-9CB0-46E6-9218-CD39ED4A554D}) (Version: 2.0.2 - Toontrack)
EZkeys Grand Piano 64 (HKLM\...\{23CA8D91-FD3B-4EE6-BBDF-B5924E7E44EB}) (Version: 1.0.1 - Toontrack)
EZkeys Player 64-bit (HKLM\...\{35E5BAC5-47A5-449C-9244-C40659362DCF}) (Version: 1.1.1 - Toontrack)
EZmix 64-bit (HKLM\...\{3D83CC9F-E2E1-47AE-B1AF-F6D3A8825196}) (Version: 2.0.9 - Toontrack)
EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack)
EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack)
f.lux (HKU\S-1-5-21-1476387061-426778352-2266923776-1000\...\Flux) (Version: - f.lux Software LLC)
FL Studio 12.0.2 (HKLM\...\FL Studio 12_is1) (Version: - )
FL Studio 8 (HKLM-x32\...\FL Studio 8) (Version: - Image-Line bvba)
FL Studio ASIO (HKLM\...\FL Studio ASIO) (Version: - Image-Line)
Gadu-Gadu 6.1 (HKLM-x32\...\Gadu-Gadu) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.10.0 (HKLM\...\GIMP-2_is1) (Version: 2.10.0 - The GIMP Team)
Gladiator v1.2.2 (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: - Tone2)
GreenMachine Amp II v1.01 VST (HKLM-x32\...\GreenMachine Amp II v1.01 VST) (Version: - )
Hybrid (HKLM-x32\...\{a131ab43-5f9e-4241-87bf-e705d4045ac7}) (Version: 3.0.7.19000 - AIR Music Tech GmbH)
Hybrid Content (HKLM-x32\...\{77129154-5C4A-45D0-AFEF-5D9C2D307246}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST32 (HKLM-x32\...\{592BA348-DA75-42DE-91C1-54FD5D62ABE8}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
Hybrid VST64 (HKLM\...\{EB4543A3-A9D8-4354-94BE-22400A619F7A}) (Version: 3.0.7.19000 - AIR Music Tech GmbH) Hidden
IK Multimedia Authorization Manager version 1.0.19 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.19 - IK Multimedia)
iNFekt NFO Viewer (HKLM\...\{B1AC8E6A-6C47-4B6D-A853-B4BF5C83421C}_is1) (Version: 0.9.5 - syndicode)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
K-Lite Codec Pack 14.1.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.0 - KLCP)
Kontakt 5 PORTABLE (HKLM\...\{8C14C049-8207-4015-BC26-02FEB0BEE9C7}_is1) (Version: 5.8.0.36 - Native Instruments)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MODO BASS version 1.5.1 (HKLM\...\{C882B130-90DD-4F00-9D6B-2F58D923E92B}_is1) (Version: 1.5.1 - IK Multimedia)
Moo0 Video Cutter 1.10 (HKLM-x32\...\Moo0 VideoCutter) (Version: - )
Mozilla Firefox 59.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 pl)) (Version: 59.0.2 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.31 - NVIDIA Corporation)
Opera Stable 53.0.2907.68 (HKLM-x32\...\Opera 53.0.2907.68) (Version: 53.0.2907.68 - Opera Software)
PACE License Support Win64 (HKLM\...\{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 - PACE Anti-Piracy, Inc.)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Panel sterowania NVIDIA 397.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.31 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line bvba)
PreSonus Studio One 3 x64 (HKLM\...\PreSonus Studio One 3) (Version: 3.5.1.43560 - PreSonus Audio Electronics)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
Remo Recover (HKLM\...\{993DAF7C-A5F8-42EA-81D4-DAE3C9D2D1F7}_is1) (Version: 3.0.0.108 - Remo Software)
SONiVOX Orchestral Companion Strings (HKLM-x32\...\SONiVOX OrchestralCompanionStrings_is1) (Version: - )
Spectrasonics Stylus RMX Library version 1.0 (HKLM-x32\...\Spectrasonics Stylus RMX Library_is1) (Version: - Copyright (C) 2005-2011 Spectrasonics)
Spectrasonics Stylus RMX VSTi Plug-In version 1.9 (HKLM-x32\...\Spectrasonics Stylus RMX VSTi Plug-In_is1) (Version: - Copyright (C) 2005-2011 Spectrasonics)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Starplugs-Hammer 1.01 (HKLM-x32\...\Starplugs-Hammer) (Version: 1.01 - Starplugs)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superior Drummer 3 64-bit (HKLM\...\{601B23D3-45DC-4B2B-BAEB-FACA2F9A3656}) (Version: 3.0.1 - Toontrack)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
teVirtualMIDI64 (HKLM\...\{300D1BB9-FA9E-40EA-ADD8-934D5066F6D5}) (Version: 1.2.11.41 - Tobias Erichsen)
The KMPlayer (CUTA 2.4) (HKLM-x32\...\The KMPlayer (CUTA 2.4)) (Version: 2.4 - RePack by CUTA)
Tixati (HKLM-x32\...\tixati) (Version: - )
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba)
Tracktion Software Collective (HKLM\...\Collective_is1) (Version: 1.0.4 - Tracktion Software)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - )
UM-ONE Driver (HKLM\...\RolandRDID0115) (Version: - Roland Corporation)
Universal Control (HKLM\...\Universal Control) (Version: 2.7.0.47644 - PreSonus Audio Electronics, Inc)
Vanguard Demo 1.03 (HKLM-x32\...\Vanguard Demo_is1) (Version: - )
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
XLN Audio Addictive Drums 2 (HKLM\...\Addictive Drums 2_is1) (Version: 2.1.5 - XLN Audio)
XLN Audio Addictive Keys (HKLM\...\Addictive Keys_is1) (Version: 1.1.4 - XLN Audio)
Xpand!2 (HKLM-x32\...\{dadbcc76-2a7e-4f53-a77a-3868c51bdd80}) (Version: 2.2.7.19000 - AIR Music Tech GmbH)
Xpand!2 Content (HKLM-x32\...\{AEB475C2-FC86-4082-87D7-352DFB075B2C}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 Factory Content (HKLM-x32\...\{C1149DC5-F5B9-455E-B6B3-B81D9B5C80A0}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 VST32 (HKLM-x32\...\{87716891-1EC0-46CC-8821-5A4DC75EEFD7}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 VST64 (HKLM\...\{B9802F00-659C-4C21-9BA5-0958BAC6EFEF}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Zero-G Phaedra (HKLM-x32\...\Zero-G Phaedra) (Version: - )
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
CustomCLSID: HKU\S-1-5-21-1476387061-426778352-2266923776-1000_Classes\CLSID\{B3F5EDE0-4267-49eb-A775-799895476453}\InprocServer32 -> C:\Program Files\iNFekt\infekt-nfo-shell.dll (syndicode)
CustomCLSID: HKU\S-1-5-21-1476387061-426778352-2266923776-1000_Classes\CLSID\{B8D080EE-9541-460f-A1AE-7C43CDA96C0F}\InprocServer32 -> C:\Program Files\iNFekt\infekt-nfo-shell.dll (syndicode)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> Brak pliku
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll -> Brak pliku
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-04-22] (NVIDIA Corporation)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()

==================== Zaplanowane zadania (filtrowane) =============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
Task: {0077CE59-B19B-4916-B8D3-9F017FC5B2EB} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0 VideoCutter 1.10\VideoCutter.exe [2018-01-29] (Moo0)
Task: {0687ACA3-3F6A-4AD6-B123-0642D6F8BC3F} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {18D164D6-D9CE-4482-A699-79DCF0D906BB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-10-11] (Microsoft Corporation)
Task: {5B3B1E91-C48F-4FFD-8C17-1A5057132DA8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-13] (Adobe Systems Incorporated)
Task: {6011C840-3F51-4B62-8FFA-47BEA7B2A099} - System32\Tasks\Opera scheduled Autoupdate 1524670308 => C:\Program Files\Opera\launcher.exe [2018-05-23] (Opera Software)
Task: {6CED0AD8-AD97-4C2C-A705-3956E6097F3D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-10-11] (Microsoft Corporation)
Task: {85D6E913-2FE2-49AA-9B68-906DE562ED83} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2017-10-11] (Microsoft)
Task: {92C9F28F-48ED-431D-87D4-01C444B3E6F5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-10-11] (Microsoft Corporation)
Task: {BFBD8D68-C135-492E-9F28-C6FC4CDBE696} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2017-10-11] (Microsoft)
Task: {C0D36DD8-F16E-4B09-B162-D8F223667B9A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-10-11] (Microsoft Corporation)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

==================== Skróty & WMI ========================
(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)
Shortcut: C:\Users\NergTHRONE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 8\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

==================== Załadowane moduły (filtrowane) ==============
2018-04-25 15:40 - 2018-04-22 08:52 - 000138128 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-09-29 19:30 - 2010-09-29 19:30 - 002139400 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2016-02-06 04:17 - 2016-02-06 04:17 - 000118272 _____ () C:\Windows\system32\bassmididrv\bassmididrv.dll
2018-04-25 15:50 - 2012-02-17 20:55 - 000193536 _____ () C:\Program Files\WinRAR\rarext.dll
2018-03-19 01:40 - 2018-03-19 01:40 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-05-20 14:36 - 2018-05-30 02:45 - 083910632 _____ () D:\STEAM\steamapps\common\Cryptic Studios\Neverwinter.exe
2018-05-20 14:31 - 2018-05-01 09:32 - 000788256 _____ () D:\STEAM\SDL2.dll
2018-05-20 14:31 - 2016-09-01 03:02 - 004969248 _____ () D:\STEAM\v8.dll
2018-05-20 14:31 - 2016-09-01 03:02 - 001563936 _____ () D:\STEAM\icui18n.dll
2018-05-20 14:31 - 2016-09-01 03:02 - 001195296 _____ () D:\STEAM\icuuc.dll
2018-05-20 14:31 - 2018-06-01 21:02 - 002632480 _____ () D:\STEAM\video.dll
2018-05-20 14:31 - 2017-12-20 03:43 - 005137696 _____ () D:\STEAM\libavcodec-57.dll
2018-05-20 14:31 - 2017-12-20 03:43 - 000847136 _____ () D:\STEAM\libavutil-55.dll
2018-05-20 14:31 - 2017-12-20 03:43 - 000695584 _____ () D:\STEAM\libavformat-57.dll
2018-05-20 14:31 - 2017-12-20 03:43 - 000351520 _____ () D:\STEAM\libavresample-3.dll
2018-05-20 14:31 - 2017-12-20 03:43 - 000783648 _____ () D:\STEAM\libswscale-4.dll
2018-05-20 14:31 - 2018-06-01 21:02 - 000979744 _____ () D:\STEAM\bin\chromehtml.DLL
2018-05-20 14:31 - 2016-07-05 00:17 - 000266560 _____ () D:\STEAM\openvr_api.dll
2018-05-20 14:32 - 2018-05-01 09:32 - 000788256 _____ () D:\STEAM\bin\cef\cef.win7\SDL2.dll
2018-05-20 14:32 - 2018-05-14 21:39 - 083524384 _____ () D:\STEAM\bin\cef\cef.win7\libcef.dll
2018-05-20 14:31 - 2015-09-25 01:52 - 000119208 _____ () D:\STEAM\winh264.dll
2018-05-20 14:32 - 2018-05-14 21:39 - 002253600 _____ () D:\STEAM\bin\cef\cef.win7\swiftshader\libglesv2.dll
2018-05-20 14:32 - 2018-05-14 21:39 - 000109856 _____ () D:\STEAM\bin\cef\cef.win7\swiftshader\libegl.dll
2018-04-17 15:40 - 2018-04-17 15:40 - 000244976 _____ () C:\Program Files\PreSonus\Universal Control\Drivers\AudioBox\x86\paeusbaudioapi.dll
2018-05-09 18:43 - 2018-05-09 18:43 - 003226624 _____ () C:\Program Files\PreSonus\Universal Control\ipp.dll
2018-04-17 15:34 - 2018-04-17 15:34 - 001160192 _____ () C:\Program Files\PreSonus\Universal Control\vectorlib.dll
2018-05-20 14:36 - 2013-09-21 01:52 - 022217728 _____ () D:\STEAM\steamapps\common\Cryptic Studios\libcef.dll

==================== Alternate Data Streams (filtrowane) =========
(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)
AlternateDataStreams: C:\ProgramData:8670E258FEF1D39F [217]
AlternateDataStreams: C:\Users\All Users:8670E258FEF1D39F [217]
AlternateDataStreams: C:\ProgramData\Application Data:8670E258FEF1D39F [217]
AlternateDataStreams: C:\ProgramData\Dane aplikacji:8670E258FEF1D39F [217]
AlternateDataStreams: C:\ProgramData\PACE:CBFE09AEAC244838 [217]
AlternateDataStreams: C:\ProgramData\TEMP:65A7E066 [286]
AlternateDataStreams: C:\ProgramData\TEMP:EC2E1DEC [464]

==================== Tryb awaryjny (filtrowane) ===================
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

==================== Powiązania plików (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ===============================
(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)
2009-07-14 04:34 - 2018-06-03 22:43 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Inne obszary ============================
(Obecnie brak automatycznej naprawy dla tej sekcji.)
HKU\S-1-5-21-1476387061-426778352-2266923776-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NergTHRONE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Steam => "D:\STEAM\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Reguły Zapory systemu Windows (filtrowane) ===============
(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{90F9C346-132A-4CBD-AE35-B1BF738A5345}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A1E50D9E-08C8-41A9-A055-5B2688AC3F43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{EF806A7A-5200-4A08-8D4E-31504226EDD2}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [UDP Query User{973283B1-1524-4814-836F-166B5B31B078}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe FirewallRules: [{12A48B82-9F29-47C2-B664-86ED7E710716}] => (Allow) C:\Program Files\Opera\52.0.2871.97\opera.exe FirewallRules: [{76564C48-7824-41BB-87AE-AA9792342E0B}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{49288834-A056-4198-B88D-72DEB6A7EB6F}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{5BBA0250-DAB5-4B1E-816E-253F3FC27CED}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D397ECB5-3A04-41EC-A6A7-06BFAFF2578C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1AFD9F4E-62AA-47EE-A2FF-3C6797A1C0DA}] => (Allow) D:\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe FirewallRules: [{782A0E45-5709-4787-9F1C-A0B2836A86C4}] => (Allow) D:\Steam\steamapps\common\Cryptic Studios\Neverwinter.exe FirewallRules: [{DD87E293-E5EA-4C42-899E-BC99F5B7AE7F}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2F6486DF-5C88-4D0C-9B8F-3EFA8CBBA5C5}] => (Allow) D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3506E08C-5C01-47B8-86E9-C9A740BF35C7}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9619DDE5-C7DA-4772-8884-EB49FC27062A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query 
User{159A173E-BD5E-4831-9B47-476578D34AC7}C:\program files (x86)\gadu-gadu\gg.exe] => (Allow) C:\program files (x86)\gadu-gadu\gg.exe
FirewallRules: [UDP Query User{545D2F15-5E80-4280-A4F9-C29F58B8B05B}C:\program files (x86)\gadu-gadu\gg.exe] => (Allow) C:\program files (x86)\gadu-gadu\gg.exe
FirewallRules: [{1BC16076-2B9B-4F34-8815-AABDDA111AD6}] => (Block) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B980770B-2358-47ED-A498-58158A10FD0B}] => (Block) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CF5FFAA3-0BB7-4C32-9FE2-D849E76633F1}] => (Block) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B6511539-AA0E-469A-A6AD-351ADAA28E09}] => (Block) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{835512C3-97DB-436B-9CA8-EB2110E33157}G:\program files (32)\fl studio 8\fl.exe] => (Block) G:\program files (32)\fl studio 8\fl.exe
FirewallRules: [UDP Query User{EE220EA2-DC44-4F32-8622-739D79B75265}G:\program files (32)\fl studio 8\fl.exe] => (Block) G:\program files (32)\fl studio 8\fl.exe
FirewallRules: [{01306A3C-3920-46CB-A6E0-4315F7D4CD3C}] => (Block) G:\Program Files (64)\Studio One 3 Pro\Studio One.exe
FirewallRules: [TCP Query User{09EDE1C3-93DD-41D6-AD8D-46E42DD7B3F5}D:\warcraft iii\warcraft iii\warcraft iii.exe] => (Allow) D:\warcraft iii\warcraft iii\warcraft iii.exe
FirewallRules: [UDP Query User{13527702-DCC9-4633-BCC3-492D42E0D6CC}D:\warcraft iii\warcraft iii\warcraft iii.exe] => (Allow) D:\warcraft iii\warcraft iii\warcraft iii.exe
FirewallRules: [TCP Query User{4DAD4820-CD5C-4CCC-8BAB-D17F5A750401}D:\starcraft ii\versions\base64469\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base64469\sc2_x64.exe
FirewallRules: [UDP Query User{BD4261BF-E0F1-4366-86A0-92F95D89CE2E}D:\starcraft ii\versions\base64469\sc2_x64.exe] => (Allow) D:\starcraft ii\versions\base64469\sc2_x64.exe
FirewallRules: [TCP Query User{7C442DA4-902A-4B23-AE2A-B54AC8E25CBD}D:\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) D:\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [UDP Query User{9E7D1EE4-C999-472C-A886-BBC8A167DFA9}D:\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) D:\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [TCP Query User{4B9FAE76-4E10-43BB-9237-E6C698C9FAA1}D:\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe
FirewallRules: [UDP Query User{32F00FE2-DC72-4C36-A086-5EA11FB222FF}D:\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\steam\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe
FirewallRules: [{E74F8D34-4823-4EEC-8247-FCA9703326E2}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{60473FF6-3381-434E-804C-B165E8C665B3}] => (Allow) D:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{4D397160-C132-4D7D-9560-E58D088C0359}] => (Block) LPort=0
FirewallRules: [{573CE690-F382-4C6C-BAEB-97F4213C2C16}] => (Block) C:\Program Files\TechSmith\Camtasia 9\CamtasiaStudio.exe
FirewallRules: [{85E98835-6C34-478E-AB21-330152A110D8}] => (Block) C:\Program Files\TechSmith\Camtasia 9\CamRecorder.exe
FirewallRules: [{94BFC1D2-29E7-4CFA-8C03-B194BCD2E230}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{84381D95-3140-4248-AA52-C39D7A76E600}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{2E273709-55FC-454D-BFB0-3B64D4B61FEB}] => (Allow) D:\STEAM\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe
FirewallRules: [{048A9294-650A-4EB6-A830-0CF5ACDBBE11}] => (Allow) D:\STEAM\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe
FirewallRules: [{15179461-959E-4E19-8FF4-DAC6D5B8DDE3}] => (Allow) D:\STEAM\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{79990CE5-3FFB-4657-8219-2332D3E305B8}] => (Allow) D:\STEAM\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0CB34971-51DC-4A81-AC5C-665D2D7357B5}] => (Allow) C:\Program Files\Opera\53.0.2907.68\opera.exe
FirewallRules: [{6C95B66D-187B-4E0D-8797-60BC3DEF609C}] => (Allow) C:\Program Files\PreSonus\Universal Control\Universal Control.exe
FirewallRules: [{5F70BF75-4F78-4057-8217-F7B92A50D4CD}] => (Allow) C

==================== Punkty Przywracania systemu =========================

03-06-2018 22:52:55 ComboFix created restore point
03-06-2018 22:53:55 Punkt przywracania utworzony przez HitmanPro
03-06-2018 22:55:30 Punkt przywracania utworzony przez HitmanPro
06-06-2018 14:18:53 Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810
06-06-2018 14:19:10 Installed teVirtualMIDI64

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Kontroler magistrali zarządzania systemem
Description: Kontroler magistrali zarządzania systemem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (06/06/2018 12:24:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (06/05/2018 03:40:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/04/2018 09:01:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2018 10:55:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000003f8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002EEEC40.72). hr = 0x80070005, Odmowa dostępu. .

Error: (06/03/2018 10:55:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000003f4,(null),0,REG_BINARY,0000000000F5E500.72). hr = 0x80070005, Odmowa dostępu. .
Operacja: Zdarzenie BackupShutdown
Kontekst:
   Kontekst wykonywania: Writer
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {be930779-ea03-4366-bfd2-33f9dcdfb097}

Error: (06/03/2018 10:55:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000ca8,(null),0,REG_BINARY,000000000ABBE500.72). hr = 0x80070005, Odmowa dostępu. .
Operacja: Zdarzenie BackupShutdown
Kontekst:
   Kontekst wykonywania: Writer
   Identyfikator klasy modułu zapisującego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Nazwa modułu zapisującego: MSSearch Service Writer
   Identyfikator wystąpienia modułu zapisującego: {af1cb19f-f339-4111-ba69-02bf2be6d8a7}

Error: (06/03/2018 10:55:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000005d8,(null),0,REG_BINARY,000000000212E1C0.72). hr = 0x80070005, Odmowa dostępu. .
Operacja: Zdarzenie BackupShutdown
Kontekst:
   Kontekst wykonywania: Writer
   Identyfikator klasy modułu zapisującego: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Nazwa modułu zapisującego: WMI Writer
   Identyfikator wystąpienia modułu zapisującego: {5ed8291a-cfe7-414c-8b68-d74a8b1ff8e6}

Error: (06/03/2018 10:55:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000003f4,(null),0,REG_BINARY,0000000000F5E500.72). hr = 0x80070005, Odmowa dostępu. .
Operacja: Zdarzenie BackupShutdown
Kontekst:
   Kontekst wykonywania: Writer
   Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220}
   Nazwa modułu zapisującego: System Writer
   Identyfikator wystąpienia modułu zapisującego: {be930779-ea03-4366-bfd2-33f9dcdfb097}

Dziennik System:
=============
Error: (06/06/2018 12:24:12 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 106) (User: ZARZĄDZANIE NT)
Description: Wykryto uszkodzenie w dzienniku dotyczącym kanału Microsoft-Windows-GroupPolicy/Operational. Niektóre dane zostały wymazane.

Error: (06/03/2018 10:43:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.
Error: (06/03/2018 10:42:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (06/03/2018 10:40:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (06/03/2018 10:02:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Usługa udostępniania w sieci programu Windows Media Player z powodu następującego błędu: Usługa nie została uruchomiona z powodu nieudanego logowania.

Error: (06/03/2018 10:02:22 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Usługa WMPNetworkSvc nie może zalogować się jako NT AUTHORITY\NetworkService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: Żądanie nie jest obsługiwane. Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (06/03/2018 10:01:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa DisplayLinkManager niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 1000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (06/03/2018 10:01:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa NVIDIA Display Container LS niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 6000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.
Windows Defender:
===================================
Date: 2018-04-25 14:42:14.731
Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów.
Podpisy objęte próbą:Bieżące
Kod błędu:0x80070003
Opis błędu:System nie może odnaleźć określonej ścieżki.
Wersja podpisu:0.0.0.0
Wersja aparatu:0.0.0.0

CodeIntegrity:
===================================
Date: 2018-06-03 22:42:50.959
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-03 22:42:50.943
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Statystyki pamięci ===========================

Procesor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Procent pamięci w użyciu: 41%
Całkowita pamięć fizyczna: 8111.09 MB
Dostępna pamięć fizyczna: 4712.97 MB
Całkowita pamięć wirtualna: 16220.36 MB
Dostępna pamięć wirtualna: 12059.93 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:160.17 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)]
Drive d: (GRY) (Fixed) (Total:931.51 GB) (Free:893.2 GB) NTFS
Drive e: (TORRENT TEMP) (Fixed) (Total:300.19 GB) (Free:94.33 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive f: (FOTY) (Fixed) (Total:301.49 GB) (Free:118.38 GB) NTFS
Drive g: (STUDIO) (Fixed) (Total:1863.01 GB) (Free:573.87 GB) NTFS
Drive i: (MUZYKA) (Fixed) (Total:329.83 GB) (Free:143.42 GB) NTFS
Drive j: (KUFER - 3) (Fixed) (Total:728.21 GB) (Free:152.79 GB) NTFS
Drive p: (%Przywaracanie SYSTEMU%) (Fixed) (Total:200.3 GB) (Free:125.06 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EFE7FFC5)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3360F6E5)
Partition 1: (Active) - (Size=300.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=631.3 GB) - (Type=0F Extended)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 0008B096)
Partition 2: (Not Active) - (Size=928.5 GB) - (Type=0F Extended)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: D39CE856)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 4E934E93)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== Koniec Addition.txt ============================