Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 28.09.2018
Uruchomiony przez Bula (02-10-2018 14:43:20)
Uruchomiony z C:\Users\Bula\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-13 21:15:29)
Tryb startu: Normal
==========================================================


==================== Konta użytkowników: =============================

Administrator (S-1-5-21-557026980-2374518597-3869201236-500 - Administrator - Disabled)
ASPNET (S-1-5-21-557026980-2374518597-3869201236-1002 - Limited - Enabled)
Bula (S-1-5-21-557026980-2374518597-3869201236-1000 - Administrator - Enabled) => C:\Users\Bula
Gość (S-1-5-21-557026980-2374518597-3869201236-501 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

. . (HKLM\...\{BDB21711-3628-4159-B1E2-0BF55D105E2E}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{46267326-17DC-4A08-94BB-0FB32E31ACC2}) (Version: 3.1.1.2 - Intel) Hidden
4K Video Downloader 4.4 (HKLM-x32\...\{D04F9BA2-CF6F-41AD-8BD1-313ABD28FAF2}) (Version: 4.4.4.2275 - Open Media LLC)
Acquisition version 0.7b (HKLM-x32\...\{53E25C0C-0305-47BB-9884-F0F202297AF4}_is1) (Version: 0.7b - )
Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Aktualizacje NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ArtMoney SE v7.45.1 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.45.1 - System SoftLab)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Brytenwalda wersja 1.40 (HKLM-x32\...\{4D15C6C1-74C9-4AA4-8378-CEEDE7E53F39}_is1) (Version: 1.40 - Brytenwalda Dev.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Colin McRae Rally 2 (HKLM-x32\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version:  - )
COMODO Internet Security Premium (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Detektor Winampa (HKU\S-1-5-21-557026980-2374518597-3869201236-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
DriverIdentifier 5.2 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{A1FB061E-4E60-4A82-8893-21DF7A4D63D0}) (Version: 1.1.132.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.119 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.119 - Etron Technology)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4578 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{35fa0dcf-eda2-402b-b1f0-64973bb1938a}) (Version: 3.1.1.2 - Intel)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Mega Codec Pack 10.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
Knights and Merchants Złota Edycja (HKLM-x32\...\{0BA83C1E-76B3-4FF7-9657-F2C36C2CCC66}_is1) (Version: 1.5 - TopWare Interactive)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes (wersja 3.5.1.2522) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mount and Blade Warband version 1.1.60 (HKLM-x32\...\Mount and Blade Warband_is1) (Version: 1.1.60 - )
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 62.0.2 (x64 pl)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.2.6837 - Mozilla)
Need for Speed Underground 2 wersja 1.2 (HKLM-x32\...\Need for Speed Underground 2_is1) (Version: 1.2 - EA Games)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
NVIDIA Sterownik 3D Vision 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.5 (HKLM-x32\...\{7076105B-6FE8-464A-AC28-FFBB2686B68F}) (Version: 4.15.9789 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.21.179 - Electronic Arts, Inc.)
Panel sterowania NVIDIA 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.70 - NVIDIA Corporation) Hidden
Path of Exile (HKLM-x32\...\{2e1f0d5f-d699-4d85-a97d-58b601d5b189}) (Version: 3.4.1.40987 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.4.1.40987 - Grinding Gear Games) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Qualcomm Atheros Communications Inc.)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-557026980-2374518597-3869201236-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Witcher 3, âĺđńč˙ 2.0 (HKLM-x32\...\The Witcher 3_is1) (Version: 2.0 - CD PROJEKT RED)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-557026980-2374518597-3869201236-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext64.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-01-24] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext64.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\winrar\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => D:\Programy\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {0270FCE8-C02C-48B6-A4E4-67BBC4EDFF7D} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {02C67161-1557-43FC-B7C1-BE7D8E0A3BE5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {0B0E78D1-3894-4BA5-8E94-3EABD5EEDE14} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {1811FA49-ED7E-4807-A357-094C539C0C16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {22784988-4AF0-48D1-BA56-2CBB6954BE55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2821B238-122E-48C2-98C6-43513C17849F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {35AF07A2-67B6-411F-8CCA-AA0156AEB074} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-25] (NVIDIA Corporation)
Task: {3B8F2716-B3E2-4A05-A5AC-F1CF1A02F7A8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {3D5BCAD7-F0DA-4D69-B530-55D145535DD1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-11] (Adobe Systems Incorporated)
Task: {4070A0C8-F82E-4E58-8E1D-0B498EB33C7B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {43986685-1710-414E-A1AE-CF5C4A0F6481} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {56F74DAA-1530-4252-AED2-011AB027586D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {592BDDAA-0D50-4CC6-BB86-E65C96A9BBDD} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {6108AFE8-8E76-44BA-8791-0A6ADA6F9E47} - System32\Tasks\{603A4C40-7B68-453A-9689-E826391F9FA5} => C:\Windows\system32\pcalua.exe -a D:\Flash_Disinfector_www.INSTALKI.pl.exe -d D:\
Task: {6662864B-3DD6-4B8C-94B3-D73AC0292380} - System32\Tasks\{9EA4D002-7D50-41F1-B432-01E4B783E019} => C:\Windows\system32\pcalua.exe -a G:\dx8a\DX81pol.exe -d G:\dx8a
Task: {77186D02-8BAE-4F40-B1B4-1E4864B7F43E} - System32\Tasks\{B0EBAF8D-D44B-4826-89E0-95E3F7B176C2} => C:\Windows\system32\pcalua.exe -a D:\Gry\kam\Km\setup.EXE -d D:\Gry\kam\Km
Task: {79218626-4E9B-483E-ACF9-77AA4F022F30} - System32\Tasks\{1922E8B9-17ED-4FC5-A94E-2BD63D81DDCF} => C:\Windows\system32\pcalua.exe -a D:\Gry\dirt3\Installer.exe -d D:\Gry\dirt3
Task: {7B910F32-A76D-4D89-8182-26A0CABEABB4} - System32\Tasks\{6C497C24-6871-4325-897E-7D18D8E2A0DC} => C:\Windows\system32\pcalua.exe -a D:\win64_154037.4835.exe -d D:\
Task: {7D2891F6-5E17-4C0D-8F8F-4BCBA9B8DDD2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {8077A32B-3138-4933-9707-3FEAA945C1F9} - System32\Tasks\{379D1E27-E6E2-4800-B864-0ACC0CE82119} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Flexrancof\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\Flexrancof\uninstall.dat" -a uninstallme B15E5C24-012D-417D-84EA-C5CE518444DA DeviceId=6941b483-eb3d-b347-43bc-4f8421b29054 BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
Task: {8ADF2A8A-BD13-43F4-8FC6-1F67EB448956} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {8BD63843-60D0-435F-87E9-102BCE155EFD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {9E440477-5EB4-4E69-AA74-6F7A5B6A16B1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {A5659F93-A29A-4EA8-82AB-352C4B4E807A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-25] (NVIDIA Corporation)
Task: {AF4606AB-487E-4B2C-99D2-B2C0F22FCBBA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {BA5876AF-2654-4CBB-9E66-2B7650BEF9BD} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {C0814620-BAB3-41A7-89C2-DC09F6D0EB82} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {D62CB0FD-2D95-4016-B6EC-F3D52B19DC10} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D8757133-EDFC-48B9-9661-EF8553EFF351} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-11] (Adobe Systems Incorporated)
Task: {D8C0B6A3-A714-4E77-BF8B-CF3CF8F6049E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {DF2C675D-EFE6-433C-85A4-D1F76FD39FC2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-25] (NVIDIA Corporation)
Task: {EBC2B03D-0A4C-4938-BAA1-19807FC6DD34} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {ECA3CE62-9FEE-47FF-A882-CDAFF8E22E8D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {F12B4F1F-971D-431A-8DD6-986F1BCF27C3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {F74E03EF-1B77-4F2A-B13B-0BC1BBD18CBE} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)


==================== Skróty & WMI ========================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)


==================== Załadowane moduły (filtrowane) ==============

2016-09-15 01:03 - 2018-03-13 19:17 - 000244416 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2016-09-15 01:02 - 2018-03-13 19:17 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2018-10-01 19:35 - 2018-09-25 19:49 - 000143344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-10-01 19:36 - 2018-09-25 22:12 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-12-21 23:10 - 2017-01-31 17:39 - 000076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-12-08 00:29 - 2017-12-08 00:29 - 000181992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2017-12-08 00:29 - 2017-12-08 00:29 - 000167656 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Common.dll
2017-12-08 00:29 - 2017-12-08 00:29 - 000014056 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Config.dll
2017-12-08 00:29 - 2017-12-08 00:29 - 000044776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\AnalyzerTask.dll
2017-12-08 00:29 - 2017-12-08 00:29 - 000266984 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\analyzer.dll
2010-01-30 03:40 - 2010-01-30 03:40 - 004254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-24 20:28 - 2015-08-24 20:28 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2017-08-09 23:12 - 2017-02-26 22:50 - 000228352 _____ () C:\Program Files (x86)\SteamServerBrowser\SteamServerBrowser.exe
2016-03-16 12:25 - 2017-09-07 10:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-10-31 21:53 - 2018-04-25 13:16 - 002297040 _____ () D:\PROGRAMY\ANTI-MALWARE\SelfProtectionSdk.dll
2017-10-31 21:53 - 2018-04-30 12:54 - 002493648 _____ () D:\PROGRAMY\ANTI-MALWARE\MwacLib.dll
2018-07-01 19:01 - 2017-12-16 10:26 - 000143360 _____ () C:\Users\Bula\AppData\Roaming\Python\zm.exe
2018-10-01 19:36 - 2018-09-25 22:12 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-07-01 19:01 - 2017-12-16 10:26 - 000173568 _____ () C:\Users\Bula\AppData\Roaming\Python\lib\site-packages\win32\win32gui.pyd
2018-07-01 19:01 - 2017-12-16 10:26 - 000111616 _____ () C:\Users\Bula\AppData\Roaming\Python\lib\site-packages\pypiwin32_system32\pywintypes36.dll
2018-07-01 19:01 - 2017-12-16 10:26 - 000041984 _____ () C:\Users\Bula\AppData\Roaming\Python\lib\site-packages\win32\win32process.pyd
2018-07-01 19:01 - 2017-12-16 10:26 - 000103424 _____ () C:\Users\Bula\AppData\Roaming\Python\lib\site-packages\win32\win32api.pyd
2018-07-01 19:01 - 2017-12-16 10:26 - 000053760 _____ () C:\Users\Bula\AppData\Roaming\Python\lib\site-packages\psutil\_psutil_windows.cp36-win32.pyd

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\dllme.txt:$CmdZnID [26]
AlternateDataStreams: C:\Windows\system32\hpotiop1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hpowiav1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\hpz3lw71.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mousecpl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\pbsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Windows\system32\Drivers\t_mouse.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Public\AppData:CSM [228]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [474]

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Powiązania plików (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)


==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)


==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-557026980-2374518597-3869201236-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Zapora systemu Windows [funkcja wyłączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

Załączenie wejścia w fixlist spowoduje jego usunięcie.

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GalaxyClient => D:\Programy\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: screenSHU => "D:\Programy\screen\screenSHU\screenSHU.exe" --hidden
MSCONFIG\startupreg: Skype => "D:\Programy\skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "D:\Programy\steam\steam.exe" -silent
MSCONFIG\startupreg: World of Tanks => "D:\Gry\wot\WargamingGameUpdater.exe"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [TCP Query User{6C15187B-5612-4117-81BA-3A917E0F7B01}F:\ravia s2\game.exe] => (Block) F:\ravia s2\game.exe
FirewallRules: [UDP Query User{A55E9FEE-8A60-48D4-8124-E40B4CD50F3F}F:\ravia s2\game.exe] => (Allow) F:\ravia s2\game.exe
FirewallRules: [{708454D5-AEDA-4C8F-902F-DB2C5B855151}] => (Allow) D:\Programy\winamp\winamp.exe
FirewallRules: [{A68FF55F-1C52-4BDA-8F53-67B8CAFB069B}] => (Allow) D:\Programy\winamp\winamp.exe
FirewallRules: [{46C2E15F-59CD-439E-8437-EA66C9436F61}] => (Allow) D:\Programy\Firefox\firefox.exe
FirewallRules: [{F3073F1E-7BEC-4CDE-A2CD-8DEE6DBFCFE7}] => (Allow) D:\Programy\Firefox\firefox.exe
FirewallRules: [{40DC5F7A-E9BE-4E2B-B3EF-E29BFB3E8E57}] => (Allow) D:\Programy\steam\Steam.exe
FirewallRules: [{930A0578-DF6D-4A35-96C7-FBBB490103F7}] => (Allow) D:\Programy\steam\Steam.exe
FirewallRules: [{55A0B1D1-0411-43C4-A134-B7E0E2FF5A1E}] => (Allow) D:\Programy\Firefox\firefox.exe
FirewallRules: [{1B765924-185F-49CA-B22C-0AC6D35663BA}] => (Allow) D:\Programy\Firefox\firefox.exe
FirewallRules: [{34BECD3C-DD85-477F-A74E-EF16AE76F0BD}] => (Allow) LPort=80
FirewallRules: [{8431AAA5-FC27-49EE-98F0-4F243176A75C}] => (Allow) LPort=443
FirewallRules: [{4A816EFA-F314-4EE6-A754-E460A1263823}] => (Allow) LPort=20010
FirewallRules: [{23450B1F-1BCF-4D35-9446-CBF80E5818F0}] => (Allow) LPort=3478
FirewallRules: [{E5C61B59-5FBA-4EC4-B5F0-CAADBCE313C1}] => (Allow) LPort=7850
FirewallRules: [{8CE29AC5-AC52-4B54-A3AD-DD6E12DB9B17}] => (Allow) LPort=7852
FirewallRules: [{46483E04-BF83-45AD-865D-2C6B5907F104}] => (Allow) LPort=7853
FirewallRules: [{9A75D806-4157-4F11-91F7-522E80096DD7}] => (Allow) LPort=27022
FirewallRules: [{8202ADE7-0A22-460F-9A71-A1076B402E5B}] => (Allow) LPort=6881
FirewallRules: [{3A9BFD0B-E65C-463A-B248-4BEB9EC68046}] => (Allow) LPort=33333
FirewallRules: [{18031AEF-DDA6-41B3-98E0-365F1D566482}] => (Allow) LPort=20443
FirewallRules: [{F3CD891A-AF4E-4D61-9251-B20EA7F99108}] => (Allow) LPort=8090
FirewallRules: [{261066E1-6A67-4D35-B1E0-D521936ECC68}] => (Allow) D:\Programy\Office14\GROOVE.EXE
FirewallRules: [{7E36B8EB-C691-4188-A646-4DE3401016C0}] => (Allow) D:\Programy\Office14\GROOVE.EXE
FirewallRules: [{2B157387-5CD3-4098-B4BB-6FB3CE0F9237}] => (Allow) D:\Programy\Office14\ONENOTE.EXE
FirewallRules: [{684476BE-944C-4D25-9B9A-D8404C7E5698}] => (Allow) D:\Programy\Office14\ONENOTE.EXE
FirewallRules: [{9598D170-ED07-4859-B9CC-962999823768}] => (Allow) D:\Programy\Office14\outlook.exe
FirewallRules: [{D805AB05-3BD0-4D33-8068-3EE75BC88543}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F07B60D6-15E0-4458-8D29-DE8478C77527}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BC146E26-4FDA-4B3B-9FE9-6B8E719FE937}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78B73047-5DD0-41E8-BCCA-7E7B410AC984}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FFA91A60-41B8-4B3A-BADC-4CF09AA99DDB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E9A5CE1A-F206-45E2-8ECA-D0063EBC2D2D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4A471F15-36C9-4DC3-A3E2-E937DF4A1833}] => (Allow) D:\Programy\steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{EF79EED9-B18B-428C-A6FE-E6EE711D990A}] => (Allow) D:\Programy\steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{0942D643-F14E-4345-8D50-4791E75775AF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{79BC106D-1E70-4AF0-928C-24E51419DDBA}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{52445BAD-3065-4D86-BE91-E54748015BAA}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{C0D250E0-A4FD-4E02-9ED0-91515C7ABC32}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{FEE13E4E-AE08-4610-8277-D78DA90D1E93}] => (Allow) D:\Gry\Knights and Merchants\KM_TPR.exe
FirewallRules: [{80DD74E4-E072-417A-A43E-3AC48D70483D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D78677D3-FF6A-42CE-852B-2F4180C72E1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{19F2F1A9-BF8E-4B77-9CF7-B19A4754E5E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DCE66019-E815-4261-9BD6-D0D54FB44F86}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{30DC5728-C73E-4D6C-B88C-FBBAF911BDEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{00B752E9-7F52-466A-B4C6-9B3FF362EB1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Punkty Przywracania systemu =========================


==================== Wadliwe urządzenia w Menedżerze urządzeń =============

Name: Karta tunelowania Teredo firmy Microsoft
Description: Karta tunelowania Teredo firmy Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (10/02/2018 01:03:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error: (10/02/2018 01:03:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error: (10/02/2018 01:03:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error: (10/02/2018 12:57:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/01/2018 07:42:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error: (10/01/2018 07:42:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error: (10/01/2018 07:42:12 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT)
Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data.

Error: (10/01/2018 07:38:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT)
Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.


Dziennik System:
=============
Error: (10/02/2018 01:01:36 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.

Error: (10/02/2018 01:01:36 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (10/02/2018 01:01:36 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.

Error: (10/02/2018 01:01:36 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (10/02/2018 01:00:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Usługa Energy Server Service queencreek zakończyła działanie; wystąpił następujący błąd: 
Operacja tworzenia została zatrzymana po napotkaniu łącza symbolicznego.

Error: (10/02/2018 01:00:06 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.

Error: (10/02/2018 01:00:06 PM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 70.

Error: (10/02/2018 01:41:00 AM) (Source: Schannel) (EventID: 4119) (User: ZARZĄDZANIE NT)
Description: Odebrano następujący alert krytyczny: 40.


CodeIntegrity:
===================================

Date: 2017-11-28 14:44:51.321
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-28 14:44:51.309
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-01 05:49:24.218
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-31 14:12:18.415
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-31 13:25:05.855
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-30 12:19:23.349
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-30 11:38:27.997
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-03-30 03:58:13.238
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\iseguard64.dll because the set of per-page image hashes could not be found on the system.

==================== Statystyki pamięci =========================== 

Procesor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Procent pamięci w użyciu: 56%
Całkowita pamięć fizyczna: 4032.59 MB
Dostępna pamięć fizyczna: 1740.79 MB
Całkowita pamięć wirtualna: 12095.96 MB
Dostępna pamięć wirtualna: 7433.05 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:48.6 GB) (Free:4.47 GB) NTFS
Drive d: () (Fixed) (Total:174.74 GB) (Free:8.48 GB) NTFS


==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Koniec  Addition.txt ============================