Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 06.06.2018 01 Uruchomiony przez admin2 (09-06-2018 18:50:58) Uruchomiony z C:\Users\admin2\Downloads Windows 10 Pro Wersja 1803 17134.48 (X64) (2018-05-22 11:56:23) Tryb startu: Safe Mode (with Networking) ========================================================== ==================== Konta użytkowników: ============================= admin2 (S-1-5-21-2862956822-3711799914-673392495-1002 - Administrator - Enabled) => C:\Users\admin2 Administrator (S-1-5-21-2862956822-3711799914-673392495-500 - Administrator - Disabled) Gość (S-1-5-21-2862956822-3711799914-673392495-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2862956822-3711799914-673392495-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2862956822-3711799914-673392495-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2862956822-3711799914-673392495-1002\...\uTorrent) (Version: 3.5.3.44396 - BitTorrent Inc.) Action Quake 2 Install v2 (HKLM-x32\...\Action Quake 2 Install v2) (Version: - ) ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Hidden ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.4.5.2 - ASUSTek COMPUTER INC.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software) BitPay version 4.3.5 (HKLM-x32\...\2d1002d7-ee34-4f60-bd29-0c871ba0c195_is1) (Version: 4.3.5 - BitPay) Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden Chrome Remote Desktop Host (HKLM-x32\...\{FBB43A99-0B72-461A-A6D2-2F1B54D36B69}) (Version: 66.0.3359.12 - Google Inc.) ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch) DiRT 4 (HKLM\...\ZGlydDQ_is1) (Version: 1 - ) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden FIFA 18 (HKLM-x32\...\{213CC10A-B8CB-4EBA-B277-6B08B7C22A65}) (Version: 1.0.56.56285 - Electronic Arts) FIFA 18 (HKLM-x32\...\FIFA 18_is1) (Version: - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{71BFECB2-2CFD-4E6A-A8AF-4EE600A816B7}) (Version: 5.3.629.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) I-Doser v4 (HKU\S-1-5-21-2862956822-3711799914-673392495-1002\...\I-Doser v4) (Version: - ) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kingdom Come: Deliverance (HKLM-x32\...\Kingdom Come: Deliverance_is1) (Version: - ) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Need For Speed Most Wanted Black Edition version 1.3.0.0 (HKLM-x32\...\Need For Speed Most Wanted Black Edition_is1) (Version: 1.3.0.0 - Mr DJ) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) OpenOffice 4.1.5 (HKLM-x32\...\{7076105B-6FE8-464A-AC28-FFBB2686B68F}) (Version: 4.15.9789 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.20.63112 - Electronic Arts, Inc.) Panel sterowania NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden PCSX2 - Playstation 2 Emulator (HKLM-x32\...\PCSX2-beta-r1888) (Version: - ) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - ) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation) UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden Virtua Tennis 4™ (HKLM-x32\...\{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Hidden Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation) WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2862956822-3711799914-673392495-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\admin2\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2862956822-3711799914-673392495-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\admin2\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-2862956822-3711799914-673392495-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\admin2\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64\FileSyncShell64.dll => Brak pliku ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Brak pliku ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software) ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software) ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0CDDAC7E-44A8-4B3A-B8CD-694131A91DF9} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation) Task: {18B8C4B6-3538-4A81-BA62-4E674FA529A0} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation) Task: {2E88036A-359E-465D-A668-4E87DDCC82EB} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2862956822-3711799914-673392495-1002 Task: {3E7A005F-269E-493E-8B45-023E15EF95D4} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {4B2F5D9F-0910-4E1B-8C98-32E6C39432A0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {5DB72EEC-13CD-4D4D-B6B3-61C0BF4162F2} - System32\Tasks\{8CBB3A06-B2D8-5979-8B3C-196EFC6FECB6} => C:\WINDOWS\vDaBa.exe [2017-09-29] (Microsoft Corporation) Task: {5F68FB74-3704-4E0F-9E62-C895CE03A760} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {68E3A816-4217-42F4-9DC4-398C4770ADE8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe Task: {6DBE2979-6F08-4620-9DDE-E711A24577BD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-05-18] (AVAST Software) Task: {6F052391-3085-449C-982D-A04495079C9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-13] (Google Inc.) Task: {893AB056-5C98-469C-8479-1837EA941396} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA Task: {9118F17F-964E-42E7-9D9E-F6B1FBE1AA70} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-05] (AVAST Software) Task: {98CD8430-8C94-4774-AB62-006FE7BDFCB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-13] (Google Inc.) Task: {A53BC848-9B6F-4658-90B8-DACAA7F2C997} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-01] (NVIDIA Corporation) Task: {A7905800-FCF2-435B-90B2-55C29082F815} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-06-01] (NVIDIA Corporation) Task: {B03DEF79-6B0F-47EF-BE1D-1FA136F37624} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2862956822-3711799914-673392495-1001 => C:\Users\admin2\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B2454FF3-35B2-4B60-986A-32D20C7736B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-01] (NVIDIA Corporation) Task: {BB9919AB-5344-4549-9002-6B7AE0230193} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-01] (NVIDIA Corporation) Task: {D3A596F3-2994-443B-BD0F-51AE13C32766} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-04-12] (TODO: ) Task: {F1C6ADA8-9FFA-4192-9E91-34898D2A7B75} - System32\Tasks\{701FA3D0-980C-6BFB-E6C6-7A3A56AA2FF2} => C:\WINDOWS\IIGoCow.exe [2017-09-29] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-04-12 01:35 - 2018-04-12 17:56 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-06-06 23:10 - 2018-06-06 03:25 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libglesv2.dll 2018-06-06 23:10 - 2018-06-06 03:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2862956822-3711799914-673392495-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\admin2\Pictures\universe.jpg DNS Servers: 192.168.1.1 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2862956822-3711799914-673392495-1002\...\StartupApproved\Run: => "True Color Pro" HKU\S-1-5-21-2862956822-3711799914-673392495-1002\...\StartupApproved\Run: => "ScreenSplitter" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{D614B4D5-986F-4FB9-AB0A-8C6CB7AFDB43}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{82B1CE22-1A52-4568-AC8B-553071E69D9F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DA941046-5D39-4FAC-9CFC-36EBA46CB7F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [UDP Query User{6D163BAF-C44F-4D76-8292-F7A229052DBF}H:\fifa 18\fifa18.exe] => (Allow) H:\fifa 18\fifa18.exe FirewallRules: [TCP Query User{60E3B9E8-F4C9-4094-9890-B7E39FC5502A}H:\fifa 18\fifa18.exe] => (Allow) H:\fifa 18\fifa18.exe FirewallRules: [{A064F204-E4B9-4AA4-A0FA-3D819517F9CC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{99499EF0-05FC-4804-A753-E809C71B0E62}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{E320CF68-C2B2-4AB5-8DBE-1F0B80B8DA1C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CCCF7797-99A8-41CE-AB64-D14C76F46BFF}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{FC08AE97-1176-4BC2-83A8-C15741D7BFB0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{50917721-58F0-499A-A3C1-9698013A80BB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{80C06537-F028-4D14-B6BD-6B54689DA0FC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{4CF9A106-09EF-47DF-98DE-9D0371C7FEB0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{64008CF6-81A8-4A11-8CFB-ADF3AF8C1AAD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{182EF0DC-7CD1-4A03-B709-195501E407D8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9E6B1F54-25D4-4F72-8081-2AE754FC9D62}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9113CCE6-B27A-42E8-88B2-3B621895F38E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6AD49B3E-E2A2-44FD-B77A-BA00E5E52819}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3FAC7F2E-5540-4D91-A7B2-571E64A4751B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F712EABF-EFC9-43F2-A81C-24CAA1F77730}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C5AA2BFF-03CD-4AC5-AF05-67F5A71FD9E0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9BC65380-4480-492F-933F-BE8885F28ED1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2C1040CF-8559-43E8-AF75-C3E42C49C29B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{4A7855A1-619F-42A9-8AB0-5193036DCDE4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{77B87FD3-9538-446F-8A98-A29F09500296}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{439866B2-04DB-4716-AB69-FB564CE4CCF5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{1AC5472E-4AE9-4CB2-BA8F-8E4C4A1C289C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9EB31344-4C7C-4F78-996B-1699F8DA32EA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F12FFFCE-9EDC-4EA0-9624-5F660C4174B0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{86FD64F0-730D-42F5-8D83-661A7ABFED8B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [UDP Query User{6DF5DDE2-46E1-4D6F-BC8F-643A5CD45F42}C:\users\admin2\desktop\blobby volley 1.8\volley.exe] => (Allow) C:\users\admin2\desktop\blobby volley 1.8\volley.exe FirewallRules: [TCP Query User{91972E9F-409E-4C1E-BEFE-4777E330DBBC}C:\users\admin2\desktop\blobby volley 1.8\volley.exe] => (Allow) C:\users\admin2\desktop\blobby volley 1.8\volley.exe FirewallRules: [{4D8F21C9-956A-45B6-8740-AE0C5583A775}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{354564E5-7929-4415-854F-02F7C16ED9C1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{74E118C0-A996-4658-8FEA-CCDC58FB6754}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{31FB2AEB-A3C8-464F-A5EA-D93154C7970E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{64670021-2594-41F3-A231-2F7C4177CEEB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{A11B4A30-C9C5-4056-8886-EC57A3EE8E8A}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{078A3D22-AD51-4863-8DCF-21BAE13722A6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D6B58D9E-40CA-4AAF-B7F3-E49BD5440AEB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{C1FD4234-D7C5-4E68-AEB2-CEA4992FEEFE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{00F3EAC7-8BF2-496A-977B-CC6BCA7F871A}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe FirewallRules: [{ACFABF8B-DCFD-412D-81F8-1F621D8FDA0E}] => (Allow) D:\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe FirewallRules: [{2976708A-E664-4040-BDA0-A293558C9AFA}] => (Allow) D:\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe FirewallRules: [UDP Query User{22C67F4A-4F17-4756-BD9E-1FBC6951C1D4}C:\users\admin2\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin2\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{3F40D81C-9901-45B3-83DE-43D3A61D00A0}C:\users\admin2\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin2\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{A2E1E68B-434F-4BB7-B299-86EDA32430B6}C:\users\admin2\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\admin2\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{0B2446F6-CC0E-46E0-95A6-E8490B119715}C:\users\admin2\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\admin2\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{67D9698A-F91D-4B1D-9BBA-0C74EF26EAC4}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe FirewallRules: [{F5C9E579-166F-484F-833C-A42DE54BA8DE}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_sp64_ship.exe FirewallRules: [{12427532-D698-4DDD-92D7-5A4448340F85}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{DA8F4F07-DD1F-4E6E-9E88-005CD439208F}] => (Allow) D:\SteamLibrary\steamapps\common\World of Tanks Blitz\wotblitz.exe FirewallRules: [{9E5E5019-BE0C-436D-AC9A-70F8D2B753E3}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{5DEA6CC1-D12A-4585-9480-C043D4FC8529}] => (Allow) D:\SteamLibrary\steamapps\common\Fishing Planet\FishingPlanet.exe FirewallRules: [{9CBB1B4B-49E8-43FC-9981-6B5A65FDBEDA}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe FirewallRules: [{56C42839-4216-4937-8B0D-78D965B0229F}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty WWII\s2_mp64_ship.exe FirewallRules: [{3923C14F-55CF-4615-87C9-052250DE75B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{5D57F46C-451C-4BE4-894C-0A75F14C8150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B1E86728-1007-4CA7-A148-73241CA79842}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{184C98FA-D2D4-451B-95E4-BD5C6F4F15CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{79DA5219-E614-4A61-B700-FF7B350B926B}C:\users\admin2\desktop\rpcs3-v0.0.5-6650-78bb9a72_win64\rpcs3.exe] => (Allow) C:\users\admin2\desktop\rpcs3-v0.0.5-6650-78bb9a72_win64\rpcs3.exe FirewallRules: [TCP Query User{B695F112-28AC-4E24-A479-1CE3E38F1A2A}C:\users\admin2\desktop\rpcs3-v0.0.5-6650-78bb9a72_win64\rpcs3.exe] => (Allow) C:\users\admin2\desktop\rpcs3-v0.0.5-6650-78bb9a72_win64\rpcs3.exe FirewallRules: [UDP Query User{979B9EB0-AE2D-4332-81F1-4E06EBAC9406}D:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe FirewallRules: [TCP Query User{EF8CC09E-F36F-4DA4-A819-05C2AB96E049}D:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe] => (Block) D:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe FirewallRules: [{03A25EA8-A137-488E-8DA1-A53D21F86937}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\66.0.3359.12\remoting_host.exe FirewallRules: [UDP Query User{4A76D3A8-9C09-4EC1-AB1C-2FB5DE76ED99}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe FirewallRules: [TCP Query User{5FE82705-D2DF-40DD-ABDA-270AEDB1BE98}C:\program files (x86)\origin games\fifa 18\fifa18.exe] => (Allow) C:\program files (x86)\origin games\fifa 18\fifa18.exe FirewallRules: [{1CAD4CEC-E16C-47E3-B1E3-19EF3F5C32B2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{70318980-98E5-4303-8DDE-DA59F642176B}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0D264A23-A7A1-4DE5-B972-A78642D6FFE1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DCDF9C68-C992-485A-97E0-4988D277A180}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{92D489CF-DA94-4E24-9853-234EC0EA43DC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{416C72BB-B103-4C8A-AB84-561D441A2D68}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D40BEC5A-3FAF-4170-8C03-D0279BBECAF8}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{19DF4370-2B2B-41C4-823E-7A15299E88E8}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{F8FA67B7-14B4-49EC-8F5D-BD771FAFC9B9}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{1946C65E-9796-499C-9539-53B21E32A894}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{638C6D2B-B46B-4430-B0D6-B580FE27AB58}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{DBA4A6C6-B669-4B76-B5E3-009461E9BAFD}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{BCF3024A-0D9E-429F-AD2C-BBD7FC3EE86A}] => (Allow) C:\Users\admin2\AppData\Local\ThunderbirdPortable\msiexec64.exe FirewallRules: [{D2490A29-8716-4488-AFD2-390CEA244C0E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{AA367147-AA32-479B-824C-F29FC92DA134}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0103532C-AEDE-4FC2-A536-1123F86DC2EA}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{17A30DA5-22CB-4FCA-A4DE-0A825F88C50A}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{7694C13B-C4B5-4FB3-A1C6-413A2E49DD23}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{3C4E99AF-85DA-4C6E-AC56-D6F775E1D4F2}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CB44B126-9EC5-432C-911C-36E562061C93}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe FirewallRules: [{482B7DC2-DC37-49D0-96A1-02EE2C1E9F0A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 18\FIFASetup\fifaconfig.exe FirewallRules: [{0C4D86C8-6FEB-40D9-9C9E-F8983FA5947F}] => (Allow) C:\Users\admin2\AppData\Local\helpctr\msiexec64.exe FirewallRules: [{CEB640F2-E014-462A-9250-CD7BC6DD1D6E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{7DC60D49-2FF6-4960-96EB-71B7FA9EFB06}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D7738ED8-E19A-4E6C-989D-939EA24A0A94}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{CF12CE1F-C6B7-4788-9100-855C3290EDA5}] => (Allow) C:\Users\admin2\AppData\Local\helpctr\msiexec64.exe FirewallRules: [{5F52683D-2C9B-4A42-AB5D-7D93B28B92CB}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{AE474589-4D7A-4C33-BD25-F058729E7102}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2C20B8D7-0E2A-4F11-AD6A-E6215F7F4B11}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{98EA03E8-1C12-4567-A4F9-375EDFB0F81D}] => (Allow) C:\Users\admin2\AppData\Local\CamStudio 2.7\msiexec64.exe FirewallRules: [{4FAD3F80-E70B-406F-9EFB-C1DE6EE4456E}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{2ED9F9CC-36F6-42AC-A28A-1B8902ED7831}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{948B1B73-78FD-4206-A221-42C0D7AACFBC}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2EE153F2-AFD8-4439-A3FA-283784E71E19}] => (Allow) C:\Users\admin2\AppData\Local\CamStudio 2.7\msiexec64.exe FirewallRules: [{70AB2E98-8B77-4BB3-9ECD-7BF9799AAA00}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{3707AF23-36D9-424A-8C89-9C87F289D8A0}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{78CEAD6F-1830-43F5-88D9-CCFE2A2C4FB5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{006B637F-1A7A-4DE6-98DF-8D18C9BE8F06}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe FirewallRules: [{841F6384-8632-429D-AB24-BC7E7BED0D13}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7FF72F4C-4487-4B13-90C9-B88B57F0CF36}] => (Allow) C:\Users\admin2\AppData\Local\CamStudio 2.7\msiexec64.exe FirewallRules: [{1908311B-2C32-4B75-B1E5-63E311BECA92}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{46BCD24B-3F6C-4ABD-AE8D-15D8EC6AA43E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9EF6F18B-A173-46AB-8E26-B5DE9C296E4C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6D29CCC6-47C9-4ADC-B148-6B71DA663671}] => (Allow) C:\Users\admin2\AppData\Local\CamStudio 2.7\msiexec64.exe FirewallRules: [{9D3D3FDE-34A9-4D46-AFFC-7704EF9FA47C}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{B3516D8B-9D3F-422D-B9EF-E46F6EB20154}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{D60FD993-E8D9-4596-AB4E-B6D5B8793CE4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{B9E73E95-1517-490B-ABC4-030BE351BF9E}] => (Allow) C:\Users\admin2\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{21569392-A0E6-4A90-9FE6-DEA8530535D8}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{116C7835-AEA6-4AF3-A652-E1F289E69576}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{87882392-8BA2-4804-B64E-92834D1094B6}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [TCP Query User{7067E0FB-D463-4D4E-B437-11746A51EE5A}C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_v1\nscpucnminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_v1\nscpucnminer64.gh FirewallRules: [UDP Query User{00CC45FA-A020-4E50-BDBD-E6B5B48239F0}C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_v1\nscpucnminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_v1\nscpucnminer64.gh FirewallRules: [TCP Query User{AB116343-E11D-4D43-9FA6-173728714389}C:\users\admin2\appdata\local\gamerhash\miners\claymore_dual_v1\ethdcrminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_dual_v1\ethdcrminer64.gh FirewallRules: [UDP Query User{BC4BAF5F-9634-4092-84DC-C4D486BD6857}C:\users\admin2\appdata\local\gamerhash\miners\claymore_dual_v1\ethdcrminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_dual_v1\ethdcrminer64.gh FirewallRules: [TCP Query User{5235A0BE-CAD2-46B1-84BD-92752037E584}C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh FirewallRules: [UDP Query User{5A3B1AC4-33E0-448E-A925-CBAEDB0040B7}C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh] => (Allow) C:\users\admin2\appdata\local\gamerhash\miners\claymore_cryptonote_cpu_v2\nscpucnminer64.gh FirewallRules: [{C9222B13-2943-46E6-A3B0-A1CB8B5C9046}] => (Allow) C:\Users\admin2\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{9689730A-66C2-4374-839D-ED4F72559F80}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{5C8C2D92-DCD7-48E1-A9FD-61A9C9552DA1}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{0441EAF0-21D4-46D9-B79E-45BD7455BC1C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{2FB85E13-4A44-480B-AE72-49D279C65514}] => (Allow) C:\Users\admin2\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{FCCDE9EE-B2CB-4268-AC25-98069D123293}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{9D8F3F85-E99F-46D4-BBF9-CB87DB2B5E0E}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{864D9D85-4E79-4FDE-B405-675965440DBE}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{55668D29-CAD2-4709-9FF6-7900D1582F97}] => (Allow) C:\Users\admin2\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{0C2ECAA3-64D8-40A3-B08E-4DA064551970}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{5630E7FB-23E2-4BC9-8F8A-31A7B33A9934}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{142C4E44-6D16-491B-A3C7-D58D41FCCE25}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{9E6324F6-9A7A-4D07-9872-1EB8196E3DC5}] => (Allow) C:\Users\admin2\AppData\Local\DiskManagement\msiexec64.exe FirewallRules: [{D6A024FA-1733-42F6-9343-4FDE2D41E098}] => (Allow) C:\WINDOWS\SysWOW64\rundll32.exe FirewallRules: [{A4AAF83A-3C35-4026-870A-CA18CE4709DB}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe FirewallRules: [{6403FDCC-2D4E-4988-8E42-DC0C6C80A529}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe ==================== Punkty Przywracania systemu ========================= 31-05-2018 19:35:17 Zaplanowany punkt kontrolny 06-06-2018 12:00:45 Installed Oracle VM VirtualBox 5.2.12 08-06-2018 23:33:47 Removed Oracle VM VirtualBox 5.2.12 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: NVIDIA High Definition Audio Description: NVIDIA High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: NVIDIA Service: NVHDA Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Steam Streaming Microphone Description: Steam Streaming Microphone Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Valve Corporation Audio DDK Service: SteamStreamingMicrophone Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Steam Streaming Speakers Description: Steam Streaming Speakers Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Valve Corporation Audio DDK Service: SteamStreamingSpeakers Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (06/09/2018 06:32:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/09/2018 06:32:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/09/2018 05:31:03 PM) (Source: MsiInstaller) (EventID: 11704) (User: DESKTOP-VKLR95N) Description: Product: Adobe AIR -- Error 1704. An installation for __Privacy_Policy is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? Error: (06/09/2018 05:19:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/09/2018 05:03:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/09/2018 05:03:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (06/08/2018 11:54:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/08/2018 11:54:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Dziennik System: ============= Error: (06/09/2018 06:51:43 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:51:41 PM) (Source: DCOM) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi EventSystem z argumentami Niedostępny w celu uruchomienia serwera: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (06/09/2018 06:51:33 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:49:12 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:48:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:48:46 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:48:39 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi ShellHWDetection z argumentami Niedostępny w celu uruchomienia serwera: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/09/2018 06:48:36 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-VKLR95N) Description: Model DCOM odebrał błąd 1084 podczas próby uruchomienia usługi WSearch z argumentami Niedostępny w celu uruchomienia serwera: {9E175B6D-F52A-11D8-B9A5-505054503030} ==================== Statystyki pamięci =========================== Procesor: AMD Six-Core Processor Procent pamięci w użyciu: 21% Całkowita pamięć fizyczna: 8189.21 MB Dostępna pamięć fizyczna: 6454.73 MB Całkowita pamięć wirtualna: 25189.21 MB Dostępna pamięć wirtualna: 23576.43 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:231.92 GB) (Free:69.53 GB) NTFS Drive d: (VERBATIM HD) (Fixed) (Total:931.51 GB) (Free:245.86 GB) NTFS Drive e: () (Fixed) (Total:146.48 GB) (Free:3.08 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive g: () (Fixed) (Total:146.48 GB) (Free:9.93 GB) NTFS Drive h: () (Fixed) (Total:171.99 GB) (Free:25.89 GB) NTFS Drive i: () (Fixed) (Total:131.21 GB) (Free:59.41 GB) NTFS \\?\Volume{00000001-0000-0000-0000-100000000000}\ (Zastrzeżone przez system) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{00000001-0000-0000-0000-801a3a000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 00000001) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=231.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=481 MB) - (Type=27) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: EE7A7A06) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: AE59AE59) Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449.7 GB) - (Type=0F Extended) ==================== Koniec Addition.txt ============================