Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 19-05.2019 Uruchomiony przez MSI (22-05-2019 14:35:29) Uruchomiony z C:\Users\MSI\Downloads Windows 10 Pro Wersja 1803 17134.765 (X64) (2018-09-10 21:21:34) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-48022257-3295023164-590493501-500 - Administrator - Disabled) Gość (S-1-5-21-48022257-3295023164-590493501-501 - Limited - Disabled) Konto domyślne (S-1-5-21-48022257-3295023164-590493501-503 - Limited - Disabled) MSI (S-1-5-21-48022257-3295023164-590493501-1001 - Administrator - Enabled) => C:\Users\MSI WDAGUtilityAccount (S-1-5-21-48022257-3295023164-590493501-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-48022257-3295023164-590493501-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.) 7-Zip 19.00 (HKLM-x32\...\7-Zip) (Version: 19.00 - Igor Pavlov) Adobe After (HKLM\...\{6A915992-D887-4897-82F5-950EDD12DEB1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated) Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated) Aktualizacje NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software) CastVPN version 1.1 (HKLM-x32\...\CastVPN_is1) (Version: 1.1 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform) CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.55 - NVIDIA Corporation) Hidden Driver Easy 5.6.10 (HKLM\...\DriverEasy_is1) (Version: 5.6.10 - Easeware) fik Trujillo Updater version 1.0.0.6 (HKLM\...\{7753FBBA-09F5-4968-9700-B051AC808831}_is1) (Version: 1.0.0.6 - ) FileZilla Client 3.37.1 (HKLM-x32\...\FileZilla Client) (Version: 3.37.1 - Tim Kosse) Free Sound Recorder v10.8.8 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.) FTPRush 2.1.8 (HKLM-x32\...\FTP Rush_is1) (Version: 2.1.8 - wftpserver.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1823.12.0.1137 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6169 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.5.0.1027 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.295.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c700a043-5a4c-4d61-aa88-6c4191f25b64}) (Version: 1.50.295.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1045-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{D175D43C-776D-436D-A75A-E637EDE76973}) (Version: 16.5.0.1027 - Intel Corporation) IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.5.0.6 - IObit) Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) KB Piano 2.5.1 Shareware version (HKLM-x32\...\KB Piano_is1) (Version: - ) Killer Performance Driver Suite UWD (HKLM\...\{EA96C191-90EF-45D3-A815-1557259B77F4}) (Version: 1.7.1030 - Rivet Networks) Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6) Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - ) Max 5.1.9 (HKLM\...\{1ED09A2E-9CB0-4694-B108-BD414AD32C2F}) (Version: 135.1.9 - Cycling '74) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft OneDrive (HKU\S-1-5-21-48022257-3295023164-590493501-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.18.0628 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0628 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 397.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.55 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.37.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 397.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.55 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== UWAGA Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{ba25c46f-28f8-4449-97ab-7bb20f3f9a9c}) (Version: 20.30.0 - Intel Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 397.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 397.55 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17134.31242 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8496 - Realtek Semiconductor Corp.) ShutdownTime version 1.0 (HKLM-x32\...\ShutdownTime_is1) (Version: 1.0 - ) Stellar Phoenix Video Repair (HKLM-x32\...\Stellar Phoenix Video Repair_is1) (Version: 2.0.0.0 - Stellar Information Technology Pvt Ltd.) Tibia (HKU\S-1-5-21-48022257-3295023164-590493501-1001\...\Tibia) (Version: - CipSoft GmbH) Trujillo version 1.5 (HKLM\...\{E1527582-8509-4011-B922-29E3FB548882}_is1) (Version: 1.5 - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden WinRAR 5.70 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411D}) (Version: 23.0.13300 - Corel Corporation) Packages: ========= Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1510.1.0_x86__kgqvnymyfvs32 [2019-05-20] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.139.500.0_x86__kgqvnymyfvs32 [2019-05-16] (king.com) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories) Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.28.2803.0_x86__ytsefhwckbdv6 [2019-04-29] (G5 Entertainment AB) Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.2131.0_x64__rh07ty8m5nkag [2018-09-11] (Rivet Networks LLC) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.0.1.1_x86__h6adky7gbf63m [2019-05-18] (Gameloft.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.136.0_x64__dt26b99r8h8gj [2018-09-11] (Realtek Semiconductor Corp) SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-01-10] (Synaptics Incorporated) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-48022257-3295023164-590493501-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-05-23] () [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-10-23] (Corel Corporation -> WinZip Computing) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-05-23] () [Brak podpisu cyfrowego] ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> ) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-10-23] (Corel Corporation -> WinZip Computing) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2f24486b42920c1d\igfxDTCM.dll [2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-25] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-03-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-03-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2018-10-23] (Corel Corporation -> WinZip Computing) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-05-23 14:32 - 2018-05-23 14:32 - 000125952 _____ (Intel Corporation) [Brak podpisu cyfrowego] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-48022257-3295023164-590493501-1001\...\line6.net -> line6.net ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-04-12 01:38 - 2019-05-22 14:29 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\ HKU\S-1-5-21-48022257-3295023164-590493501-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == Załączenie wejścia w fixlist spowoduje jego usunięcie. ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{548757ED-38DB-4F9E-8364-5868B6C2596E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> ) FirewallRules: [{7018D6D4-1B29-474D-8481-9E84447950DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{780DF6B8-398D-4585-82DB-5FEC837EF715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F6C821C3-C99E-4400-AB61-23DA0844A64B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B45D8B13-C96C-4B58-A372-F7E92CD5C485}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{854C1E09-D69E-458C-8F49-5F89C3CD47ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3C37EDB7-BF11-4C37-975A-691FF86F8CC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8E53A8B7-78C8-4BEE-8CFC-1E40A68BC3A3}] => (Allow) C:\Users\MSI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{F4A3E577-743A-4A4B-8A25-49A36474ABBA}] => (Allow) C:\Users\MSI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{56D502AD-D25E-4193-828B-4464D5C4637F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{27AD6FE4-C65C-4487-8BD7-53C46EA69C56}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{E361FAE7-74AD-43D6-AD6B-65AE66F1F8B4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{BAC66922-6443-4839-B5D3-3CE8AA200078}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware) FirewallRules: [{397C7B5C-DC83-4346-AF12-4DE4EF44F0A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Punkty Przywracania systemu ========================= 10-05-2019 11:35:07 Zaplanowany punkt kontrolny 15-05-2019 16:47:41 Windows Update 20-05-2019 21:03:21 Windows Update 22-05-2019 01:20:03 Removed Ableton Live 10 Trial ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kaspersky Lab power events provider Description: Kaspersky Lab power events provider Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: KL Service: klhk Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/22/2019 02:27:20 PM) (Source: MsiInstaller) (EventID: 10005) (User: ZARZĄDZANIE NT) Description: Aplikacja: Kaspersky Free -- Błąd 29000. Musisz zamknąć Kaspersky Free przed kontynuacją instalacji. Dziennik System: ============= Error: (05/22/2019 02:32:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-OVRVGRK) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-OVRVGRK\MSI o identyfikatorze zabezpieczeń SID (S-1-5-21-48022257-3295023164-590493501-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (05/22/2019 02:30:38 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (05/22/2019 02:30:38 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (05/22/2019 02:29:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OVRVGRK) Description: Serwer {9BA05972-F6A8-11CF-A442-00A0C90A8F39} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/22/2019 02:29:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OVRVGRK) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/22/2019 02:29:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OVRVGRK) Description: Serwer {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/22/2019 01:18:18 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (05/22/2019 12:45:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-OVRVGRK) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi DESKTOP-OVRVGRK\MSI o identyfikatorze zabezpieczeń SID (S-1-5-21-48022257-3295023164-590493501-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. CodeIntegrity: =================================== Date: 2019-05-22 14:32:12.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:23:00.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:22:38.919 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:22:36.842 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:22:33.473 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:22:33.180 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 14:22:30.906 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. Date: 2019-05-22 12:45:53.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_050f64e5d1203d9e\nvdlistx.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== BIOS: American Megatrends Inc. E16P5IMS.109 05/16/2018 Motherboard: Micro-Star International Co., Ltd. MS-16P5 Procesor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz Procent pamięci w użyciu: 25% Całkowita pamięć fizyczna: 32611.94 MB Dostępna pamięć fizyczna: 24383.9 MB Całkowita pamięć wirtualna: 37475.94 MB Dostępna pamięć wirtualna: 27864.34 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:237.87 GB) (Free:79.19 GB) NTFS Drive e: (DANIEL) (Removable) (Total:0.24 GB) (Free:0.18 GB) FAT Drive g: (video) (Fixed) (Total:476.91 GB) (Free:224.59 GB) exFAT \\?\Volume{e65fbff1-01ab-4913-a5d9-778a219c4b9c}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{60892b55-2b52-49cc-b687-f0585ae8e9d2}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (Protective MBR) (Size: 243.1 MB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================