Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 01.12.2018 01 Uruchomiony przez Zod (03-12-2018 17:06:03) Uruchomiony z D:\Pobrane Windows 10 Pro Wersja 1803 17134.441 (X64) (2018-06-25 19:03:58) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2965024247-2335412768-829678967-500 - Administrator - Disabled) Gość (S-1-5-21-2965024247-2335412768-829678967-501 - Limited - Disabled) Konto domyślne (S-1-5-21-2965024247-2335412768-829678967-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2965024247-2335412768-829678967-504 - Limited - Disabled) Zod (S-1-5-21-2965024247-2335412768-829678967-1001 - Administrator - Enabled) => C:\Users\Zod ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\uTorrent) (Version: 3.5.4.44632 - BitTorrent Inc.) BlasterX Acoustic Engine Pro (HKLM-x32\...\{6A50FEDA-0BE0-4226-9B94-37434EA5A9B2}) (Version: 1.02.09 - Creative Technology Limited) BlasterX Acoustic Engine Pro Extras (HKLM-x32\...\{181E01EF-AF4A-458D-A28C-2CB32CFF9A7F}) (Version: 1.0 - Creative Technology Limited) Creative ASIO (USB) (HKLM-x32\...\Creative_ASIO(USB)) (Version: 1.02 - Creative Technology Limited) CrystalDiskMark 6.0.1 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.1 - Crystal Dew World) Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.0.0 - Dell Inc.) 
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 4.0 - pXc-coding.com) Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 1.0.33.800 - Goodix, Inc.) HWiNFO64 Version 5.84 (HKLM\...\HWiNFO64_is1) (Version: 5.84 - Martin Malík - REALiX) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4982 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1045-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation) JetBrains PyCharm Community Edition 2018.2.4 (HKLM-x32\...\PyCharm Community Edition 2018.2.4) (Version: 182.4505.26 - JetBrains s.r.o.) KeePassXC (HKLM-x32\...\KeePassXC) (Version: 2.3.1 - KeePassXC Team) LibreOffice 6.0.2.1 (HKLM\...\{673086D4-1E80-4ED2-A68E-2F6AF26F9760}) (Version: 6.0.2.1 - The Document Foundation) Malwarebytes (wersja 3.6.1.2711) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9246.0 - Waves Audio Ltd.) 
Hidden Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 63.0.3 (x64 pl) (HKLM\...\Mozilla Firefox 63.0.3 (x64 pl)) (Version: 63.0.3 - Mozilla) Mozilla Thunderbird 60.3.1 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 60.3.1 (x86 pl)) (Version: 60.3.1 - Mozilla) NVIDIA Oprogramowanie systemu PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Sterownik graficzny 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 398.36 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden Python 3.7.1 (64-bit) (HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation) Python 3.7.1 Add to Path (64-bit) (HKLM\...\{6846E653-89AC-47BC-8E11-FB9991EC90AA}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31236 - Realtek Semiconductor Corp.) 
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.18.526.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8219 - Realtek Semiconductor Corp.) SpyShelter Firewall 11.3 (HKLM\...\SpyshelterInternetSecurity_is1) (Version: 11.3 - Datpol) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) TeamSpeak 3 Client (HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH) Thunderbolt™ Software (HKLM-x32\...\{1CAE7E2B-41ED-46BF-AA78-4658AE8C2130}) (Version: 17.4.77.400 - Intel Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.68.0 (HKLM\...\VulkanRT1.0.68.0) (Version: 1.0.68.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
CustomCLSID: HKU\S-1-5-21-2965024247-2335412768-829678967-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\Zod\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation) ContextMenuHandlers1: [SpyshelterExt] -> {030D32F7-BF26-40a2-AB44-A34E78908701} => C:\Windows\system32\SpyShelterShellExt.dll [2017-08-29] (Datpol) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers2: [SpyshelterExt] -> {030D32F7-BF26-40a2-AB44-A34E78908701} => C:\Windows\system32\SpyShelterShellExt.dll [2017-08-29] (Datpol) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [SpyshelterExt] -> {030D32F7-BF26-40a2-AB44-A34E78908701} => C:\Windows\system32\SpyShelterShellExt.dll [2017-08-29] (Datpol) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe73d2ebaa05fb95\igfxDTCM.dll [2018-03-28] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program 
Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1026CD47-585F-4A53-9B20-A476B6E7C93A} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation) Task: {2E0C053A-0FF7-40B6-804A-39355AF2206E} - \Intel\Thunderbolt\Start Thunderbolt service when hardware is detected -> Brak pliku <==== UWAGA Task: {44988D35-E13B-4F2A-B20E-B689786AE8A4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-13] (Microsoft Corporation) Task: {4B40B0AD-CB99-4639-AD52-CB18AFE6783C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe Task: {4D61203B-70E2-4122-94B5-BBA32446ABB9} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation) Task: {52A93847-67DF-4114-BE28-FEEF77E03B7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-13] (Microsoft Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7606C95A-14F7-4E4A-A5C3-7562E80AF0D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-13] (Microsoft Corporation) Task: {7FFF08BA-FE7F-485D-9319-2CD85D9BAF2E} - 
System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe Task: {809DB8BE-8F10-4FA3-AEF9-E80BA56D4847} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => ConditionalAppStarter.exe Task: {95E7E23E-A836-4539-AA4E-68963263599A} - \Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up -> Brak pliku <==== UWAGA Task: {B7864D92-A797-4947-B590-6B78188D97C1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-24] (NVIDIA Corporation) Task: {BF66A97E-6451-49C1-98CA-D41DC2991561} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-06-24] (NVIDIA Corporation) Task: {D78E175F-5AE1-499A-B886-0240ECB38042} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-13] (Microsoft Corporation) Task: {F658A8E6-2769-45CD-9442-0BAD5525B097} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-06-24] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) 
==================== Załadowane moduły (filtrowane) ============== 2018-11-15 22:14 - 2018-11-15 22:14 - 000243888 _____ () c:\windows\system32\drivers\umdf\milanfusb.dll 2018-04-04 17:02 - 2018-04-04 17:02 - 000174280 _____ () C:\Windows\system32\IntelWifiIhv06.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-11-27 20:13 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-27 20:13 - 2018-11-09 03:17 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 
2018-11-12 20:37 - 2018-11-27 20:25 - 000053366 ____R C:\Windows\system32\Drivers\etc\hosts Wykryto więcej niż wyliczono: 1545 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2965024247-2335412768-829678967-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: OFF) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. 
MSCONFIG\Services: DellUpdate => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: NvTelemetryContainer => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\Run: => "SecurityHealth" HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2965024247-2335412768-829678967-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{831AA613-E4C7-4C77-B1C0-4474D4BB1F48}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{EF9BBA27-6E38-4A68-9277-CB2881826C91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{27B8ED16-5147-418E-9F98-40A38A110453}] => (Allow) C:\Gry\WoT\WoTLauncher.exe FirewallRules: [{52E51E53-2A94-4533-9426-D14A27BCD18A}] => (Allow) C:\Gry\WoT\WoTLauncher.exe FirewallRules: [{948911BD-34FF-45D0-A586-E3169CADFC83}] => (Allow) C:\Gry\WoT\worldoftanks.exe FirewallRules: [{B7790972-A960-472C-BEB8-6149B5DB4E4D}] => (Allow) C:\Gry\WoT\worldoftanks.exe FirewallRules: [{8E256BB4-9FB0-451E-9CE1-133FE2331FB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C802A8B0-3DF1-429B-BC7D-6415DA846154}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4DCADE29-1C7E-4327-92B9-59C585606ECD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F08AF3D6-D9AD-4607-A571-AB7C16BFC990}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{F8DED679-8CA5-48BE-A433-559F3564BF4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe FirewallRules: [{DEDB6D82-52D0-47F6-BFCE-956368128CF1}] => 
(Allow) C:\Program Files (x86)\Steam\steamapps\common\Frostpunk\Frostpunk.exe FirewallRules: [{EF473E30-210C-445A-99F2-EEC77489BF22}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{A4E8AFD1-5E88-43F5-8F88-16AF94667C1D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{3AE4CBBC-9524-4E93-9B70-24CB946CCFF7}] => (Allow) C:\Users\Zod\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2D258CE6-051F-4EEC-AFF8-02AD16DA7104}] => (Allow) C:\Users\Zod\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B813ABA4-D49D-4512-9026-BD85B45AEBF7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{9FAC504E-F314-409F-889E-6CFEFDBFB53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{EA04F773-A433-48C9-8854-60719D371C88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{0277134A-C71D-4D11-9F44-C7D793A00FE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{5A6A5B20-A524-4117-9E95-D40EC248CC8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{AFB39973-7D53-450A-B2DF-5EA6B743C8FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe FirewallRules: [{1C48868A-69FE-497D-90D5-1187F55B6B3D}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{0BE6B60D-025F-4F1D-B7B2-7024126CAB5C}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{03C5B238-F538-4478-9F7D-64E0F3BA084E}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{B2842DE8-EE2D-43BC-987E-376E0C674A32}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe ==================== Punkty Przywracania systemu ========================= 15-11-2018 22:14:29 Dell Client Management 
Service 17-11-2018 18:23:22 Instalator modułów systemu Windows 18-11-2018 20:23:22 Instalator modułów systemu Windows 19-11-2018 22:21:22 Instalator modułów systemu Windows 21-11-2018 00:21:22 Instalator modułów systemu Windows 22-11-2018 16:23:00 Instalator modułów systemu Windows 23-11-2018 18:23:22 Instalator modułów systemu Windows 24-11-2018 20:11:17 Instalator modułów systemu Windows 25-11-2018 22:13:59 Instalator modułów systemu Windows 27-11-2018 05:33:42 Instalator modułów systemu Windows 27-11-2018 20:23:57 RemoveSpy_AIO_2018-11-27_20:23:51 02-12-2018 19:30:48 IIF_MSI ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Dziennik System: ============= Error: (12/03/2018 06:40:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Intel(R) Content Protection HECI Service zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (12/03/2018 06:40:59 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x00000050 (0xffffcd043eee9000, 0x0000000000000000, 0xfffff802b32ddfe5, 0x000000000000000c). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 99de9baa-603d-4135-ae3f-50a59a4e390f. Error: (12/03/2018 06:40:59 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 00:11:51 na ‎03.‎12.‎2018 było nieoczekiwane. 
Error: (11/30/2018 06:34:22 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684Wystąpił błąd krytyczny podczas przetwarzania danych przywracania. Error: (11/30/2018 06:34:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 18:30:50 na ‎30.‎11.‎2018 było nieoczekiwane. Error: (11/30/2018 05:13:24 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi LAPTOP\Zod o identyfikatorze zabezpieczeń SID (S-1-5-21-2965024247-2335412768-829678967-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (11/30/2018 03:11:03 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: Nastąpił ponowny rozruch komputera po operacji wykrywania błędów. Wyniki tej operacji były następujące: 0x00000050 (0xffff858a2e07c000, 0x0000000000000000, 0xfffff802d04e3fe5, 0x000000000000000c). Zrzut zapisano w: C:\Windows\MEMORY.DMP. Identyfikator raportu: 7e8ac767-c0ef-4507-8f98-0235d82df02c. Error: (11/30/2018 03:11:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 23:51:50 na ‎29.‎11.‎2018 było nieoczekiwane. 
==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz Procent pamięci w użyciu: 20% Całkowita pamięć fizyczna: 16249.16 MB Dostępna pamięć fizyczna: 12958.31 MB Całkowita pamięć wirtualna: 18681.16 MB Dostępna pamięć wirtualna: 14024.56 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:237.87 GB) (Free:106.64 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:927.92 GB) NTFS \\?\Volume{c8895477-30ba-4acb-8fec-da184ac31e3c}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS \\?\Volume{9a25dba1-ccf8-4d36-af1d-7543a5af3f16}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: E3886B5B) Partition: GPT. ======================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: E3886392) Partition: GPT. ==================== Koniec Addition.txt ============================