Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 24.12.2018 Uruchomiony przez Emanuel (25-12-2018 18:43:13) Uruchomiony z C:\Users\Emanuel\Desktop Windows 7 Professional Service Pack 1 (X64) (2018-04-09 09:53:03) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-652811554-794021937-3607036813-500 - Administrator - Disabled) Emanuel (S-1-5-21-652811554-794021937-3607036813-1000 - Administrator - Enabled) => C:\Users\Emanuel Gość (S-1-5-21-652811554-794021937-3607036813-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-652811554-794021937-3607036813-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Acquisition version 0.8b (HKLM-x32\...\{53E25C0C-0305-47BB-9884-F0F202297AF4}_is1) (Version: 0.8b - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated) Adobe After Effects CC 2017 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F2}) (Version: 14.1.0 - Adobe Systems Incorporated) Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1) (Version: 11.1.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.1.393 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated) Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Ashampoo Burning Studio 2019 (HKLM-x32\...\{91B33C97-293D-A984-2057-76661C44CB0E}_is1) (Version: 1.20.0 - Ashampoo GmbH & Co. KG) AutoHotkey 1.1.30.01 (HKLM\...\AutoHotkey) (Version: 1.1.30.01 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BELOW (HKLM-x32\...\BELOW_is1) (Version: - ) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.9 - Kakao Games Europe B.V.) Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.03.0002 - Bloody) Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP) CPUID HWMonitor Pro 1.36 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.36 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0410 - Disc Soft Ltd) Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-652811554-794021937-3607036813-1000\...\Discord) (Version: 0.0.301 - Discord Inc.) Discord (HKU\S-1-5-21-652811554-794021937-3607036813-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden Dragon Quest XI (HKLM-x32\...\Dragon Quest XI_is1) (Version: - ) EdenEternal version 1 (HKLM-x32\...\EdenEternal_is1) (Version: 1 - Aeria Games) Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.) FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Freemake Audio Converter wersja 1.1.7 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.7 - Ellora Assets Corporation) Game Installer (HKLM-x32\...\Game Installer 1.0.0) (Version: 1.0.0 - Intrepid Studios, Inc.) GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.140 - SecureMix LLC) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP LaserJet Professional CP1020 Series (HKLM\...\HP LaserJet Professional CP1020 Series) (Version: - ) HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden hppcp1025LaserJetService (HKLM-x32\...\{F31BF057-0D5E-485E-ADFD-560314A27912}) (Version: 1.00.0000 - Hewlett-Packard) hppLaserJetService (HKLM-x32\...\{5093AE98-D510-4BEB-BAC1-7FC8ECE35B98}) (Version: 007.015.00635 - Hewlett-Packard) Hidden Informacje o systemie Creative (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation) Intrepid Studios Launcher (HKLM-x32\...\Launcher 1.0.114) (Version: 1.0.114 - Intrepid Studios, Inc.) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Launcher (HKLM-x32\...\{57EBDBA4-CEEE-46D4-9B83-D020605160D4}) (Version: 1.0.114 - Intrepid Studios, Inc.) Hidden LibreOffice 6.0.2.1 (HKLM\...\{673086D4-1E80-4ED2-A68E-2F6AF26F9760}) (Version: 6.0.2.1 - The Document Foundation) Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains) Malwarebytes (wersja 3.6.1.2711) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Mass Effect: Andromeda (HKLM-x32\...\Mass Effect: Andromeda_is1) (Version: - ) Microsoft .NET Core Runtime - 2.0.7 (x64) (HKLM-x32\...\{b7cb6538-e06d-4f16-ae77-f9d8b79960f5}) (Version: 2.0.7.26407 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Monster Hunter World (HKLM-x32\...\Monster Hunter World_is1) (Version: - ) Mozilla Firefox 64.0 (x64 pl) (HKLM\...\Mozilla Firefox 64.0 (x64 pl)) (Version: 64.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla) MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 2.0.0 - Nexon) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.1 - Notepad++ Team) Nox APP Player (HKLM-x32\...\Nox) (Version: 6.1.1.0 - Duodian Technology Co. Ltd.) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.32.18460 - Electronic Arts, Inc.) Panel sterowania NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.112.811.2017 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8382 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder) Skype (wersja 8.34) (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Sound Blaster Tactic(3D) Alpha (HKLM-x32\...\{2226247D-9846-4370-A1EF-FAA6958F7632}) (Version: 1.0 - Creative Technology Limited) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Streamlabs OBS 0.9.8 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.8 - General Workings, Inc.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: - Gameforge 4D GmbH) Tibia (HKU\S-1-5-21-652811554-794021937-3607036813-1000\...\Tibia) (Version: - CipSoft GmbH) Tibia (HKU\S-1-5-21-652811554-794021937-3607036813-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Tibia) (Version: - CipSoft GmbH) Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC) Uplay (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) WPS Office (10.2.0.7549) (HKU\S-1-5-21-652811554-794021937-3607036813-1000\...\Kingsoft Office) (Version: 10.2.0.7549 - Kingsoft Corp.) WPS Office (10.2.0.7549) (HKU\S-1-5-21-652811554-794021937-3607036813-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Kingsoft Office) (Version: 10.2.0.7549 - Kingsoft Corp.) XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.2.5.1 - GIGABYTE Technology Co.,Inc.) YouTube By Click (HKLM-x32\...\{4CFC33AD-851E-4618-B764-651D14E1B6D3}) (Version: 2.2.83 - ByClick) Hidden YouTube By Click (HKLM-x32\...\YouTube By Click 2.2.83) (Version: 2.2.83 - ByClick) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-652811554-794021937-3607036813-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Brak pliku ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Brak pliku ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-10-16] () ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (Disc Soft Ltd) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (Disc Soft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Brak pliku ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-09-13] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-652811554-794021937-3607036813-1000: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd) ContextMenuHandlers1_S-1-5-21-652811554-794021937-3607036813-1000: [TextPad8] -> {5A9E21A2-851A-4BEB-B16F-DBBE7D648AF9} => -> Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0BCF19B4-8037-4E62-9EC6-8285489B9F9F} - System32\Tasks\WpsUpdateTask_Emanuel => C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\wtoolex\wpsupdate.exe [2018-12-07] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0BF1BA2B-5A86-4E20-86F9-432B66074668} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation) Task: {1B839DCE-31FD-4F05-B133-FDB6E0035FF9} - System32\Tasks\WpsExternal_Emanuel_20181130140723 => C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-11-30] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {1D5ABCBC-5F9E-488F-80C7-164995B0178C} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {3412C061-C9F7-4287-BA0F-4AB07A37B4A4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation) Task: {3A23CE01-7B59-4056-9111-C098640819AC} - System32\Tasks\update-S-1-5-21-652811554-794021937-3607036813-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {408181EC-E417-4E06-95C6-54B9A7BAF600} - System32\Tasks\AdobeGCInvoker-1.0-Emanuel-PC-Emanuel => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {491F3922-63B0-4A85-A691-3D43A6083402} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation) Task: {58A0EB3B-F7EE-4B6B-B384-2C685F422F28} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard) Task: {66592BF5-D151-47B4-AE5F-B9FFAAE05330} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation) Task: {6E7FDE48-EFEF-4621-92CC-75CE08E04757} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-20] (Intel(R) Corporation) Task: {728AA929-E444-4EF9-85B3-0F759251CDEA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {78AEF8F1-0A0D-4750-B666-07F5A073502B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation) Task: {86A8C328-D14D-4B22-B76B-46E24648D428} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd) Task: {8B467A06-90D3-4A8C-AACC-4727BC4BA52E} - System32\Tasks\AdobeAAMUpdater-1.0-Emanuel-PC-Emanuel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10] (Adobe Systems Incorporated) Task: {9CA0E388-E27F-48B6-B4E9-4D5089B91D28} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd) Task: {A2E646D2-F011-4924-9567-12EAF985CCA4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation) Task: {A99F4C69-B7F7-41B5-AC1C-5A07A4B3F065} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation) Task: {B51D9E26-0EBD-47CC-8A4A-652B6C98C03E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {CD08E48B-39A9-4303-93F4-DA259302E480} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {E9D17A3D-4BFD-487D-83C6-3DFE310A68C0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation) Task: {F0489865-3608-47CE-84CA-479DC1AEA68C} - System32\Tasks\DecEmanuel => C:\Users\Emanuel\AppData\Roaming\rccajzyoup.exe <==== UWAGA Task: {F97E4D54-4BC0-4EC0-AABD-EC932B26BC21} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\update-S-1-5-21-652811554-794021937-3607036813-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-10-03 15:21 - 2018-12-11 08:08 - 000154504 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-04-09 11:35 - 2012-11-28 11:18 - 000129024 ____N () C:\Windows\System32\HPCP1020LM.DLL 2018-02-10 00:12 - 2018-03-05 19:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2016-10-16 02:19 - 2016-10-16 02:19 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2018-12-15 21:12 - 2018-12-06 11:13 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-06-05 12:01 - 2011-04-24 23:13 - 000753664 ____N () C:\WINDOW\System32\smss.exe 2018-11-28 16:46 - 2018-11-28 16:46 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll 2018-12-25 03:54 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-12-25 03:54 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-12-15 21:12 - 2018-12-06 11:12 - 101251952 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2018-12-15 21:12 - 2018-12-06 11:12 - 004619632 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll 2018-12-15 21:12 - 2018-12-06 11:12 - 000108400 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll 2018-08-30 10:48 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll 2018-08-30 10:48 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2018-08-30 10:48 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2018-08-30 10:48 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2018-05-01 21:00 - 2018-04-30 22:01 - 001891672 _____ () C:\Users\Emanuel\AppData\Local\Discord\app-0.0.301\ffmpeg.dll 2018-04-17 19:56 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2018-04-17 19:56 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2018-04-17 19:56 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2018-04-17 19:56 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2018-04-17 19:56 - 2018-11-26 21:29 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll 2018-04-17 19:56 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll 2018-04-17 19:56 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll 2018-04-17 19:56 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll 2018-04-17 19:56 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll 2018-04-17 19:56 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll 2018-04-17 19:56 - 2018-11-26 21:29 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2018-04-17 19:56 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2018-05-01 21:00 - 2018-04-30 22:01 - 001937752 _____ () C:\Users\Emanuel\AppData\Local\Discord\app-0.0.301\libglesv2.dll 2018-05-01 21:00 - 2018-04-30 22:01 - 000095576 _____ () C:\Users\Emanuel\AppData\Local\Discord\app-0.0.301\libegl.dll 2018-05-02 06:42 - 2018-12-19 15:49 - 011328856 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node 2018-05-02 06:42 - 2018-11-16 16:12 - 001639256 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node 2018-05-02 06:42 - 2018-05-02 06:42 - 000512856 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node 2018-05-02 06:42 - 2018-12-19 15:49 - 001658712 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node 2018-10-01 15:24 - 2018-10-10 16:13 - 009621848 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node 2018-05-02 06:42 - 2018-05-02 06:42 - 002722648 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node 2018-05-02 06:42 - 2018-11-27 15:48 - 001718104 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node 2018-08-11 08:29 - 2018-12-13 13:08 - 001261400 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node 2018-08-11 08:29 - 2018-12-11 15:29 - 021991256 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node 2018-05-02 06:43 - 2018-05-02 06:43 - 002760536 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node 2018-05-02 06:43 - 2018-05-02 06:43 - 001249112 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node 2018-05-02 06:42 - 2018-12-20 08:33 - 001639256 _____ () \\?\C:\Users\Emanuel\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node 2018-12-15 21:12 - 2018-12-06 11:13 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-09-25 12:28 - 2017-09-25 12:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 000217512 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\decmpa.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001217960 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwWAV.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001231272 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwMP3.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001395624 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwVorbis.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001266600 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwFLAC.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001221544 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwWMA.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001313704 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwCDA.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001353128 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwOpus.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 001280936 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\acdwApe.dll 2018-12-25 17:24 - 2018-12-13 08:34 - 000139176 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2019\audiotools.dll 2018-12-12 13:03 - 2018-12-12 13:03 - 000180688 _____ () C:\Program Files (x86)\GlassWire\EasyHook32.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000068264 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\krpt.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 009273000 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\QtCore4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000200360 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\wpscloudsvrimp.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000894632 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\QtNetwork4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000277160 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\curls.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 011410088 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\QtWebKit4.DLL 2018-11-30 14:07 - 2018-11-30 14:07 - 000247976 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\phonon4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000189608 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\addons\kpluginrunner\kpluginrunner.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000054440 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\rubyenv.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 002253992 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\ruby.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000251560 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\qtruby4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000031912 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\smokebase.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 003614848 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\smokeqtcore.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 001018024 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\smokekso.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000046760 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\win32api.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000082088 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\win32ole.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000028840 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\qtwebkitruby.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000277160 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\smokeqtwebkit.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 001048744 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\QtScript4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000030376 _____ () C:\Users\Emanuel\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.20181019.0\strscan.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000037544 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\qt\plugins\imageformats\qgif4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000039080 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\qt\plugins\imageformats\qico4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000174760 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\qt\plugins\imageformats\qjpeg4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000288936 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\qt\plugins\imageformats\qtiff4.dll 2018-11-30 14:07 - 2018-11-30 14:07 - 000135848 _____ () C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\qt\plugins\imageformats\qwdp4.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\Users\Emanuel\AppData\Local\Temp:$DATA​ [16] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-12-25 03:29 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-652811554-794021937-3607036813-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-652811554-794021937-3607036813-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: EasyAntiCheat => 3 MSCONFIG\Services: mracsvc => 3 MSCONFIG\Services: NGS => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: PnkBstrA => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation) FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation) FirewallRules: [{6D225F32-790A-4A7E-BE14-F939C5F32DF9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd) FirewallRules: [TCP Query User{E65B68AD-1C3E-4063-8F40-B059D360B76D}D:\nekopara vol.3\nekoparavol3.exe] => (Allow) D:\nekopara vol.3\nekoparavol3.exe (Ares inc.) FirewallRules: [UDP Query User{A374CECC-49F3-4437-8FDC-5D2F7F16ABDC}D:\nekopara vol.3\nekoparavol3.exe] => (Allow) D:\nekopara vol.3\nekoparavol3.exe (Ares inc.) FirewallRules: [TCP Query User{2F7AE020-85E8-4F2B-A6B3-BC34C2D391AA}C:\program files (x86)\black desert online\bin64\blackdesert64.exe] => (Allow) C:\program files (x86)\black desert online\bin64\blackdesert64.exe () FirewallRules: [UDP Query User{C742BB9C-2447-4154-92F2-D3FEA27ECD90}C:\program files (x86)\black desert online\bin64\blackdesert64.exe] => (Allow) C:\program files (x86)\black desert online\bin64\blackdesert64.exe () FirewallRules: [{DA3C33E8-51AF-4757-BED1-7BF547E8ADDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{D6588AE5-B05E-493C-9C73-F118208A5856}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{466C8708-C031-4638-B758-EA73833335FC}] => (Allow) LPort=443 FirewallRules: [{7F9FCB56-0CA8-4FEA-8765-0FB957388585}] => (Allow) LPort=8080 FirewallRules: [{5F03E482-C2DC-418E-84AF-B9B39268533B}] => (Allow) LPort=3659 FirewallRules: [{3F5772EA-6DF0-420E-A94A-8972B010704D}] => (Allow) LPort=42127 FirewallRules: [{FF2FF07E-EAC4-43D9-83D3-909FEF786F1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe () FirewallRules: [{D8B8A23E-E284-4E38-BE81-8B9C858631BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe () FirewallRules: [{4B9AE092-DD2F-4D0E-B09E-90444660CCE0}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD.) FirewallRules: [{2D61D85D-939B-49DE-A60B-EBD2776666DF}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD.) FirewallRules: [{D666516E-69C1-4DE3-A000-7B3ED6BEB4B0}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD.) FirewallRules: [{D3C9BBEB-BB84-473F-A0C4-F37C6BBD7C73}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD.) FirewallRules: [{CEB9D1DA-AD60-4AC7-B159-EF6E4B91CD43}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Duodian Technology Co. Ltd.) FirewallRules: [{AA24C518-55C6-4439-8A44-4B346CDFCF7C}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (BigNox Corporation) FirewallRules: [TCP Query User{C552CE07-F9F7-4649-8C9F-13C1F9324183}D:\never\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\never\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe () FirewallRules: [UDP Query User{D22CE93B-FD14-4D4C-95CD-0812D2FF2DCD}D:\never\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe] => (Allow) D:\never\steamapps\common\cryptic studios\neverwinter\live\x64\gameclient.exe () FirewallRules: [{AB6D55F1-5697-41B6-8D29-6DF92102FD66}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [{54D4CC02-2A8C-42E8-8E4A-E124C01FE4D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) FirewallRules: [{59BC4392-21DE-4148-A3B7-43B0E858F98C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation) FirewallRules: [{29F18EDE-5C47-46BC-BEE9-DC68FE45E320}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation) FirewallRules: [{3694AB53-08A8-423E-991C-A5D0DBA640D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{4C594DC4-B90D-4A65-AF34-F69ABCE14BD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{66E5F0A1-28FD-4533-BA51-C71705AAB184}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () FirewallRules: [{B35C124B-BCAB-4ED3-B567-4818A13A8FB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe () FirewallRules: [TCP Query User{EC17FEC2-B8FD-4C6B-9B6F-68E0E6DB20A8}C:\users\emanuel\desktop\anydesk.exe] => (Allow) C:\users\emanuel\desktop\anydesk.exe () FirewallRules: [UDP Query User{FE2F705C-2723-434A-8AB1-E4B4AE145014}C:\users\emanuel\desktop\anydesk.exe] => (Allow) C:\users\emanuel\desktop\anydesk.exe () FirewallRules: [TCP Query User{19C5B75F-989A-4551-AC9A-1B3781F2CEBE}C:\program files (x86)\neverwinter_pl\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_pl\neverwinter\live\x64\gameclient.exe () FirewallRules: [UDP Query User{2BB8DEEF-A6EB-4C4A-A725-D581AADAC0AE}C:\program files (x86)\neverwinter_pl\neverwinter\live\x64\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_pl\neverwinter\live\x64\gameclient.exe () FirewallRules: [TCP Query User{C5327547-BD42-48DD-93F8-7C0E0CF3FD5A}D:\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe () FirewallRules: [UDP Query User{6750FFFC-776C-4E0B-8222-F8E83B590450}D:\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.170\deploy\leagueclient.exe () FirewallRules: [{E43CBA2B-FFD9-4712-9A02-3F3A0378D87E}] => (Allow) D:\AeriaGames\Aura Kingdom\game.bin (X-LEGEND Entertaimment) FirewallRules: [{F6D8C7DE-D018-4601-AEF2-CF4354CFEE69}] => (Allow) D:\AeriaGames\Aura Kingdom\game.bin (X-LEGEND Entertaimment) FirewallRules: [{E9F8EE87-F870-4ED7-89F9-1CAD4EF2B5ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe () FirewallRules: [{E039A1C8-E524-4C59-B382-EF9CA2EA59A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe () FirewallRules: [{31EB318F-E94C-4D9A-BA86-654A0E76EF1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe () FirewallRules: [{E65998C0-0020-474F-A2B5-3F6426897766}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe () FirewallRules: [{5420F268-E4D6-4BA4-976F-941B67B9BCC1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB) FirewallRules: [{D1CF5680-7DF0-495F-BE85-5D162180F254}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB) FirewallRules: [TCP Query User{1A9C882C-738C-4BD8-BC9B-040E25A4F1BB}D:\destiny 2\destiny2.exe] => (Allow) D:\destiny 2\destiny2.exe (Bungie) FirewallRules: [UDP Query User{449E31AE-43B3-48C3-95A2-F64A16F153F1}D:\destiny 2\destiny2.exe] => (Allow) D:\destiny 2\destiny2.exe (Bungie) FirewallRules: [TCP Query User{90C07075-8B3C-4B22-8FAD-5639B34B40B2}D:\destiny 2\destiny2.exe] => (Allow) D:\destiny 2\destiny2.exe (Bungie) FirewallRules: [UDP Query User{52A9EA07-85D1-48E1-9D3C-1373CC05D2DA}D:\destiny 2\destiny2.exe] => (Allow) D:\destiny 2\destiny2.exe (Bungie) FirewallRules: [{4BC91B91-9B0F-4F45-81F5-0BCA8177AFFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe () FirewallRules: [{4254C1D0-37EF-4A19-B659-CB6F15E1BE55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe () FirewallRules: [TCP Query User{5761B0A5-52CD-41A7-8F14-09ACB9BB7137}D:\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe () FirewallRules: [UDP Query User{AB35B224-6B5A-4A53-8187-64649EC09B23}D:\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) D:\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe () FirewallRules: [{A640A2BC-9D47-402D-80E6-730A40A60087}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{FC62113C-301A-452A-A0EF-3C0C745832FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [TCP Query User{C29A9613-ADE9-4A81-8232-9CCC5FD3C125}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment) FirewallRules: [UDP Query User{B421BFE3-556B-463C-871A-CD91B6F47DB5}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe (Blizzard Entertainment) FirewallRules: [{C928DF99-819D-4705-A5C5-C9CB3EDE718E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) FirewallRules: [{7A5CF14A-F8E7-4B77-86CE-3B21C0C30DAE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) FirewallRules: [{7EAE7371-55AD-4ADC-AEF2-2F2D679AC255}] => (Allow) D:\Never\steamapps\common\Ring of Elysium\SLauncher.exe () FirewallRules: [{05980C4B-3ED5-4F74-8C7D-22009546502B}] => (Allow) D:\Never\steamapps\common\Ring of Elysium\SLauncher.exe () FirewallRules: [{913A5037-E2D8-4A28-9420-FA6C75F00EA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe () FirewallRules: [{727D3DC0-C3EA-4636-9F93-B997B30C05D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe () FirewallRules: [{62AAE69F-CA68-4E9B-8709-CE071A4E5B47}] => (Allow) C:\Users\Emanuel\AppData\Local\Kingsoft\WPS Office\10.2.0.7549\office6\wpscloudsvr.exe (Zhuhai Kingsoft Office Software Co.,Ltd) FirewallRules: [{5F585BBD-3F00-4F79-8897-C64D5F68FC01}] => (Allow) D:\Never\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Ltd) FirewallRules: [{D160892C-1282-45C7-811D-91AD6B05D387}] => (Allow) D:\Never\steamapps\common\Spellbreak\Launch_Spellbreak.exe (EasyAntiCheat Ltd) FirewallRules: [{1C137E6C-BCF6-410C-BAF4-991BD2F59D2C}] => (Allow) C:\AeriaGames\EdenEternal\_Launcher.exe (X-LEGEND ENTERTAINMENT) FirewallRules: [{2DCA7819-B7F7-44D7-A685-50358F1F486A}] => (Allow) C:\AeriaGames\EdenEternal\_Launcher.exe (X-LEGEND ENTERTAINMENT) FirewallRules: [{E2D9247B-8AB7-4062-89D7-765B8DDE9BF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{B4926EFA-9EF2-4647-A212-CF7426B384FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{358CAC2A-419D-47D2-A5D0-E5BEB061C943}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{009B4F38-557B-45F0-9D28-991AD5AA82DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) FirewallRules: [{7208EA19-5171-4BAF-B23E-7E5AA4D8E509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{40CDF294-4DB3-431B-95E7-DB169F5EE3B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation) FirewallRules: [{B5AF7FF7-025D-40A4-9282-AD8C4B80BA85}] => (Allow) D:\AOC\Intrepid Studios Launcher.exe (Intrepid Studios) FirewallRules: [{D030314B-5F7F-4A2D-81DF-3C8DBBE87E5C}] => (Allow) D:\AOC\resources\app.asar.unpacked\externals\patcher\Patcher.exe () FirewallRules: [{19E95F3A-D9AD-428D-8134-5D8EFCBE0BDD}] => (Allow) D:\AOC\updater.exe (Intrepid Studios, Inc.) FirewallRules: [{9A2AF7E1-3842-450C-A50B-D99024E5EA06}] => (Allow) C:\Program Files (x86)\Intrepid Studios, Inc\Ashes of Creation Apocalypse\EasyAntiCheat\EasyAntiCheat_Setup.exe (EasyAntiCheat Ltd) FirewallRules: [TCP Query User{68783AD8-415A-474C-9CC2-05CF2FC60DB9}C:\program files (x86)\intrepid studios, inc\ashes of creation apocalypse\apoc\binaries\win64\apoc-win64-shipping.exe] => (Allow) C:\program files (x86)\intrepid studios, inc\ashes of creation apocalypse\apoc\binaries\win64\apoc-win64-shipping.exe (Intrepid Studios, Inc.) FirewallRules: [UDP Query User{9BEF28C5-26FE-4ABE-8DD7-53A02A73C1A0}C:\program files (x86)\intrepid studios, inc\ashes of creation apocalypse\apoc\binaries\win64\apoc-win64-shipping.exe] => (Allow) C:\program files (x86)\intrepid studios, inc\ashes of creation apocalypse\apoc\binaries\win64\apoc-win64-shipping.exe (Intrepid Studios, Inc.) FirewallRules: [{3A4F765B-5A7D-46B0-94EA-30C9F8BBC83C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe (Panic Art Studios ) FirewallRules: [{DE3E6E19-D665-4EC2-8A17-DE71A5E431C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe (Panic Art Studios ) FirewallRules: [{14CFFCA3-69E5-4654-9C7A-743043DA3441}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{7837B83D-6294-43C7-9060-D307EB6B1B6E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{21CE9244-4AB5-42D8-B656-3750E7A1F942}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD.exe Brak pliku FirewallRules: [{2492FA33-464C-400E-9806-8DE3EE334D54}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Kernel\DMS\CLMSServerPDVD18.exe Brak pliku FirewallRules: [{46B6B42F-9549-4F62-8D70-3C9D40FA8FBC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe Brak pliku FirewallRules: [{8E0D8E1C-9886-497C-931C-2EA5208C05B3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\Movie\PowerDVDMovie.exe Brak pliku FirewallRules: [{903B01B7-D214-474B-91E7-7821F5BF4E51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD18\CastingStation.exe Brak pliku FirewallRules: [{4CFAE90C-1D11-440F-B43C-9245E27031D0}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (SecureMix LLC) FirewallRules: [{7C677EB8-DFEE-4106-A60C-BF88833F3997}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (SecureMix LLC) ==================== Punkty Przywracania systemu ========================= 21-12-2018 15:00:17 Windows Update 22-12-2018 09:31:45 Installed Launcher 22-12-2018 09:35:49 Zainstalowany program DirectX 25-12-2018 03:18:50 ComboFix created restore point 25-12-2018 04:08:17 Removed Warframe 25-12-2018 18:31:02 Malwarebytes Anti-Rootkit Restore Point ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/25/2018 06:34:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 24.12.2018.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1044 Godzina rozpoczęcia: 01d49c76d984e7ff Godzina zakończenia: 10 Ścieżka aplikacji: C:\Users\Emanuel\Desktop\FRST64.exe Identyfikator raportu: Error: (12/25/2018 05:13:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program setup.exe w wersji 1.0.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 22bc Godzina rozpoczęcia: 01d49c6ca5e0475f Godzina zakończenia: 5 Ścieżka aplikacji: C:\Users\Emanuel\AppData\Local\Temp\RarSFX0\setup.exe Identyfikator raportu: Error: (12/25/2018 03:02:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: acquisition.exe, wersja: 0.8.2.0, sygnatura czasowa: 0x5c1051b0 Nazwa modułu powodującego błąd: Qt5WebEngineCore.dll, wersja: 5.10.1.0, sygnatura czasowa: 0x5a7dcff8 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00bf9881 Identyfikator procesu powodującego błąd: 0x1454 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49c5424fc993f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Acquisition\acquisition.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Acquisition\Qt5WebEngineCore.dll Identyfikator raportu: b78d798f-084d-11e9-b831-4ccc6a5f92ff Error: (12/25/2018 01:04:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: xcoronahost.xem, wersja: 3.5.0.42, sygnatura czasowa: 0x5be55832 Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0x80000002 Przesunięcie błędu: 0x77028658 Identyfikator procesu powodującego błąd: 0x1210 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49c49b518631f Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Black Desert Online\bin64\XC\NA\2\xcoronahost.xem Ścieżka modułu powodującego błąd: unknown Identyfikator raportu: 4aa0721f-083d-11e9-b831-4ccc6a5f92ff Error: (12/25/2018 11:49:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: HPLaserJetService.exe, wersja: 7.15.635.0, sygnatura czasowa: 0x4d39aa4e Nazwa modułu powodującego błąd: hppccompio.DLL, wersja: 1.3.0.24, sygnatura czasowa: 0x4c9685d0 Kod wyjątku: 0xc0000417 Przesunięcie błędu: 0x000073bf Identyfikator procesu powodującego błąd: 0x5ac Godzina uruchomienia aplikacji powodującej błąd: 0x01d49c3f5afbb101 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\hppccompio.DLL Identyfikator raportu: cadc6054-0832-11e9-b831-4ccc6a5f92ff Error: (12/25/2018 11:48:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/25/2018 03:53:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/25/2018 03:52:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: HPLaserJetService.exe, wersja: 7.15.635.0, sygnatura czasowa: 0x4d39aa4e Nazwa modułu powodującego błąd: hppccompio.DLL, wersja: 1.3.0.24, sygnatura czasowa: 0x4c9685d0 Kod wyjątku: 0xc0000417 Przesunięcie błędu: 0x000073bf Identyfikator procesu powodującego błąd: 0x588 Godzina uruchomienia aplikacji powodującej błąd: 0x01d49bfcc0335341 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe Ścieżka modułu powodującego błąd: C:\Windows\system32\hppccompio.DLL Identyfikator raportu: 27600b34-07f0-11e9-b9ce-4ccc6a5f92ff Dziennik System: ============= Error: (12/25/2018 05:02:35 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\CdRom1. Error: (12/25/2018 05:02:26 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\CdRom1. Error: (12/25/2018 05:02:18 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\CdRom1. Error: (12/25/2018 04:54:33 PM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (12/25/2018 04:54:25 PM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (12/25/2018 04:54:17 PM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (12/25/2018 04:54:09 PM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Error: (12/25/2018 04:54:01 PM) (Source: cdrom) (EventID: 7) (User: ) Description: W urządzeniu \Device\CdRom0 wystąpił zły blok. Windows Defender: =================================== Date: 2018-05-23 10:49:05.413 Description: Podczas skanowania produktu Windows Defender wykryto program szpiegujący lub inne potencjalnie niechciane oprogramowanie. Aby uzyskać więcej informacji, zobacz: http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289 Nazwa:SoftwareBundler:Win32/Prepscram Id.:226289 Ważność:Wysoki Kategoria:Program instalujący niezamówione pakiety oprogramowania Znaleziona ścieżka:file:C:\Program Files (x86)\Removewat 2.2.7\Setup activation.exe;process:pid:4476 Typ wykrycia:Konkretne Źródło wykrycia:Ochrona w czasie rzeczywistym Stan:Nieznane Użytkownik:\ Nazwa procesu: Date: 2018-07-04 16:38:27.956 Description: Produkt Windows Defender napotkał błąd podczas próby aktualizacji podpisów. Nowa wersja podpisu:1.271.442.0 Poprzednia wersja podpisu:1.269.1075.0 Źródło aktualizacji:Użytkownik Typ podpisu:Oprogramowanie antyszpiegowskie Typ aktualizacji:Różnica Użytkownik:ZARZĄDZANIE NT\SYSTEM Bieżąca wersja aparatu:1.1.15000.2 Poprzednia wersja aparatu:1.1.14901.4 Kod błędu:0x80070666 Opis błędu:Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2018-07-04 16:38:27.956 Description: Produkt Windows Defender napotkał błąd podczas próby aktualizacji aparatu. Nowa wersja aparatu:1.1.15000.2 Poprzednia wersja aparatu:1.1.14901.4 Źródło aktualizacji:Użytkownik Użytkownik:ZARZĄDZANIE NT\SYSTEM Kod błędu:0x80070666 Opis błędu:Inna wersja tego produktu jest już zainstalowana na tym komputerze. Nie można kontynuować instalowania tej wersji. Aby skonfigurować lub usunąć istniejącą wersję tego produktu, użyj aplikacji Dodaj/Usuń Programy z Panelu sterowania. Date: 2018-04-09 11:54:46.055 Description: Produkt Windows Defender napotkał błąd podczas próby załadowania podpisów i podejmie próbę powrotu do znanego zestawu dobrych podpisów. Podpisy objęte próbą:Bieżące Kod błędu:0x80070003 Opis błędu:System nie może odnaleźć określonej ścieżki. Wersja podpisu:0.0.0.0 Wersja aparatu:0.0.0.0 CodeIntegrity: =================================== Date: 2018-12-25 03:27:22.146 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-25 03:27:22.087 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-25 03:27:22.027 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-12-25 03:27:21.965 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:25:09.490 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-03 12:25:09.443 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-02 21:03:33.148 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-10-02 21:03:33.101 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Procent pamięci w użyciu: 37% Całkowita pamięć fizyczna: 16331.91 MB Dostępna pamięć fizyczna: 10209.6 MB Całkowita pamięć wirtualna: 32661.96 MB Dostępna pamięć wirtualna: 24734.06 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:495.73 GB) (Free:138.46 GB) NTFS Drive d: () (Fixed) (Total:1367.19 GB) (Free:589.76 GB) NTFS \\?\Volume{2ba033a4-3bdb-11e8-853e-806e6f6e6963}\ (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4654CCF2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=495.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1367.2 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================