Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-09-2016 Uruchomiony przez Deeway (24-09-2016 12:29:24) Uruchomiony z C:\Users\szef\Downloads Windows 10 Home Wersja 1607 (X64) (2016-08-17 17:37:37) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1744258245-1269414707-2549313799-500 - Administrator - Disabled) Deeway (S-1-5-21-1744258245-1269414707-2549313799-1000 - Administrator - Enabled) => C:\Users\szef Gość (S-1-5-21-1744258245-1269414707-2549313799-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1744258245-1269414707-2549313799-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AV: ESET NOD32 Antivirus 9.0.401.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET NOD32 Antivirus 9.0.401.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{F37C2975-92EA-59CA-59E6-50E56F0E76DD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version: - Ubisoft) Assassins Creed Syndicate (HKLM-x32\...\Assassins Creed Syndicate_is1) (Version: - ) Asystent uaktualnienia do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Emergency 4 (HKLM-x32\...\{FDB2EB0C-1803-4367-B2F1-9B76C0CD4486}) (Version: 1.00.0000 - sixteen tons entertainment) ESET NOD32 Antivirus (HKLM\...\{F5CAEF3F-D580-4563-A41E-5830F37F9937}) (Version: 9.0.349.6 - ESET, spol. s r.o.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Euro Truck Simulator 2 Multiplayer 0.2.0.3.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.3.1 Alpha - ETS2MP Team) Fraps (HKLM-x32\...\Fraps) (Version: - ) <==== UWAGA Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) L.A. Noire (HKLM\...\Steam App 110800) (Version: - Team Bondi) L.A. Noire PL [BDIP] wersja 1.01 (HKLM-x32\...\{C863E3ED-F40F-411B-925D-87824CC81DCF}_is1) (Version: 1.01 - BDIP) LSPD First Response (HKLM-x32\...\LSPD First Response) (Version: 0.3.1 - G17 Media) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) polskiej lokalizacja dla Adobe Lightroom 5.x (HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\...\polskiej lokalizacja dla Adobe Lightroom 5.x) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games) S.T.A.L.K.E.R. - Clear Sky [v1.0003] (HKLM-x32\...\S.T.A.L.K.E.R. - Clear Sky_is1) (Version: 1.0003 - Deep Silver) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) <==== UWAGA Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) System Requirements Lab Detection (HKLM-x32\...\{6A393CEA-B5CB-451B-B1F5-896E7DB09979}) (Version: 6.1.6.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer) The Sims 4 - Get to Work (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com) TruckersMP 0.2.1.0.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.1.0.1 Alpha - ETS2MP Team) Unity Web Player (HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Winterberg Configurator wersja WEM Confi 8.8 (HKLM-x32\...\{58C3816E-B1BC-40B6-A97C-4358292A74C6}_is1) (Version: WEM Confi 8.8 - ) Y2Go (HKLM-x32\...\Y2Go) (Version: - Y2Go) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1744258245-1269414707-2549313799-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\szef\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {07A8B3FE-E157-4C9C-8C2E-9369B53D96C3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {12DF5160-AA37-4437-B4EA-8378FBF95CA7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {132CD984-D83E-4A8C-B680-AF2E52E44FE6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {18A3F8E1-5B18-4E8A-8803-01E6ACFDB5DD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {2AF08598-B58A-414D-9575-C80E9FD3DCE4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {2F66917E-5A48-4D25-85F7-FB6091273F79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.) Task: {308A01BD-D3E2-4561-B2F3-2691ACAFF621} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3EBDD542-6D68-4EBF-A870-BD10F7719306} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {403E6ADD-6BCC-4151-BBD1-AD632F07C64B} - System32\Tasks\Y2Go\Updater\Y2GoUpdater => C:\Program Files (x86)\Y2GoUpdater\updater.exe Task: {43307F80-32E9-44F1-83D8-209DE0D89E62} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {441740FD-CA28-4FAF-ACA1-41561EA700B0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {44D8076C-D72E-472B-B9C8-19299B71B564} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {483E8D8B-6E76-4584-B82D-EAE193A90D7F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {49E410DC-4C67-4A44-A319-6B13541AA2FD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {5DB3AC88-FD58-42BE-8F50-346D3F96D270} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-11] (Adobe Systems Incorporated) Task: {629786F0-022E-48C1-9DB7-28AD6382F0C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-22] (Google Inc.) Task: {69BD4826-71A8-4112-8C1A-534BA60326F5} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {7CBCA9C2-95C2-4AFE-BEA3-93F38173D3ED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {862B6D19-689E-4F79-8AA1-3F8F83C5E0CA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {87EE9D59-5210-4288-AFBE-1B244AE92572} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {8B161DEB-16CC-4CBF-AA97-5776C4C1F008} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {9240AE9B-6436-4B93-96D6-18C4004D1333} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-14] (Microsoft Corporation) Task: {95172110-1B24-41B8-ACFD-C3A3AB40676F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {9BC99EF8-7768-4701-8F89-C518FFFAF16E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {A85D7188-1982-4636-BA05-6C2065DDE40C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {AC9D81C8-9BB0-4544-AD88-BEA29AF25672} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {AD236905-01FE-4234-920A-F935EE07E413} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {AF03FF84-7E62-4FDF-AE5C-CC191F2BF1F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {B347B61D-4A89-4781-B004-D7A4A89A0344} - System32\Tasks\Y2Go\Y2Go\Y2Go => C:\Program Files (x86)\Y2Go\bin\Y2Go.exe Task: {B9A0E03C-7D14-4F6E-866B-8880461D734D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {C49C678A-63CB-48A3-9402-98284501A7E1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Brak pliku <==== UWAGA Task: {C4BFEFA4-D381-4A51-B8A0-34B6214CA581} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {D2A0C977-01E2-4E46-A3C9-37E092C19EC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {D44627F4-F513-49E8-A037-8C7DA7829236} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {D82E6043-F1B5-4AFC-AB62-315EF74713D4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E454C2FC-F831-4E18-9361-0670DAEA03CC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {E6C1EF5F-E66E-401F-961A-2AC4590A128D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {EA3AF552-5978-4E10-B9B6-7A96A8CB463E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {F58BD1FD-B93E-4EAD-B53C-D9B921D996BC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {F85E5397-2810-41BB-A601-D99402BC4B73} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FDE9D01A-0DA2-40BC-A57E-1F14B59620CC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FF6D002A-78E9-4359-8145-5DFD8F8FA472} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\szef\Desktop\Gry\Plаy Еurо Тruсk Simulаtоr 2 Мultiplаyеr.lnk -> D:\Steam\steam\games\Euro Truck Simulator 2 Multiplayer\launcher.bat () Shortcut: C:\Users\szef\Desktop\Gry\Еurо Тruсk Simulаtоr 2 Мultiplаyеr.lnk -> D:\TruckersMP\launcher_ets2mp.bat () Shortcut: C:\Users\szef\Desktop\Gry\Мuvе Dоwnlоаdеr.lnk -> D:\Muve\Muve Downloader\Launcher.bat () Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Brak pliku) Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Brak pliku) Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) Shortcut: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku) ShortcutWithArgument: C:\Users\szef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-14 15:59 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-09-14 18:38 - 2015-09-14 19:21 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe 2016-09-14 15:59 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-17 19:40 - 2016-08-17 19:40 - 00959168 _____ () C:\Users\szef\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2016-09-14 15:58 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-09-14 15:58 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-09-14 15:57 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-09-14 15:59 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-14 15:59 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-09-14 15:58 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-09-14 15:57 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-04-15 20:07 - 2016-04-15 20:07 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 2016-08-30 20:36 - 2016-08-30 20:37 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-08-30 20:36 - 2016-08-30 20:37 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-08-30 20:36 - 2016-08-30 20:37 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-09-22 23:20 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll 2016-09-22 23:20 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-09-22 12:25 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\szef\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 188.120.239.115 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run32: => "StartCCC" HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-1744258245-1269414707-2549313799-1000\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{543B8B81-0C4B-407E-9329-B89C3F80EF72}] => (Allow) D:\Steam\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{BA900D9D-327C-41A4-AE56-4FCB1008EDA5}] => (Allow) D:\Steam\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [UDP Query User{F0677034-A7EA-429E-9C3D-23C364512E37}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [TCP Query User{B3A174DB-7DB7-41C9-A79F-627D6B211B26}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [{860FE8E9-7595-4E97-8B01-D393383B852B}] => (Allow) D:\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [{FF578984-F428-4028-8134-0EC47F89B37E}] => (Allow) D:\WATCH_DOGS\bin\Watch_Dogs.exe FirewallRules: [{8B2E3595-2688-4285-A426-89ACD11EE2B3}] => (Allow) D:\Assassin's Creed Rogue\ACC.exe FirewallRules: [{DCF2B2E1-6371-40C4-B857-1C83A5EFBB4D}] => (Allow) D:\Assassin's Creed Rogue\ACC.exe FirewallRules: [{4C42524B-7BE7-4156-A26B-510A69891A85}] => (Allow) D:\Zoo Tycoon 2\zt.exe FirewallRules: [{A83BFFC2-AEBD-473B-8886-1286F867EAD1}] => (Allow) D:\Zoo Tycoon 2\zt.exe FirewallRules: [UDP Query User{D929AAA0-6AC8-4DEB-9AE7-D88A52FBD295}D:\ride\ridex64.exe] => (Allow) D:\ride\ridex64.exe FirewallRules: [TCP Query User{B49F659A-72D7-4227-8511-451C99B088B1}D:\ride\ridex64.exe] => (Allow) D:\ride\ridex64.exe FirewallRules: [UDP Query User{128BBBEB-FEFF-470C-B9F8-D8073411754F}D:\ride\ride.exe] => (Allow) D:\ride\ride.exe FirewallRules: [TCP Query User{5E1E878A-643F-4A0B-A59E-0535AA2A9D6E}D:\ride\ride.exe] => (Allow) D:\ride\ride.exe FirewallRules: [UDP Query User{381EA7B7-1502-41F9-826B-810AD9416E16}D:\aciii\assassin's creed 3\ac3sp.exe] => (Allow) D:\aciii\assassin's creed 3\ac3sp.exe FirewallRules: [TCP Query User{15418FA3-96E1-483C-8BD4-DD99C041EB1E}D:\aciii\assassin's creed 3\ac3sp.exe] => (Allow) D:\aciii\assassin's creed 3\ac3sp.exe FirewallRules: [UDP Query User{11FD655A-311B-493B-BD40-29B3211B8EA8}D:\medal of honor\mohpa.exe] => (Allow) D:\medal of honor\mohpa.exe FirewallRules: [TCP Query User{ABF940C1-BABF-42C4-A617-72202DCAA0E0}D:\medal of honor\mohpa.exe] => (Allow) D:\medal of honor\mohpa.exe FirewallRules: [{90146F80-E3F0-4BD1-8F68-3454581868B5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{0D9423CF-BA29-4106-BBFD-C376948080AE}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{8B77C67B-7E55-4884-82A3-601EFE3B95C6}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [{F4D9501A-656F-4F50-A427-03C3E092F1B7}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{E6AD0179-FFC2-4764-8160-80FBFBC5D6A6}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7DF2E7FE-96A4-48DE-88EC-716009C9D604}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{41BBC9BC-FD17-4613-A0E9-B0FF0B0C250B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [UDP Query User{50DEDB1E-5C40-45F2-988D-4A36EAA289DC}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{F44214B5-0419-4F52-8A80-4DAD095CC026}D:\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\rockstar games\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{A0B7605E-01B8-4037-A08B-A070CB106680}D:\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) D:\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{7163CADB-0483-4632-B6AF-1F02A722A31A}D:\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) D:\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [{C64B9D47-40D8-4908-BEEF-3711585C574E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{28A0931C-0E48-44E5-974D-6F4EF028A098}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A493BDE3-46FB-4CA3-A178-5278F8BD3CBD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CF27969C-C73E-420E-8D88-F5ABE1399224}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BDFAE6D7-6819-4788-90D6-A156D752AE3C}] => (Allow) C:\Users\szef\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F04659A2-5694-4E49-BE4F-600282BD280C}] => (Allow) C:\Users\szef\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7550EA9E-3335-4C81-A418-A3FE6D882F80}] => (Allow) C:\Users\szef\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CDD46B19-0B27-4330-8078-3EAFD13C087C}] => (Allow) C:\Users\szef\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{80B60F77-5B31-430E-8E60-EAF6F3D5856C}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{38877FBF-6D38-4148-9430-66CE3EF50E20}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{AAB79CCE-A8B1-4FC3-B2FD-6F19432B73B9}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{D585EB87-8F94-43B0-8FEF-D2BE76F5755E}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{E3F96990-BDC8-4DE7-A9EB-07B5C151D20C}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{35B05C4D-CFF5-461A-B5FE-F85849032881}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{3D215675-32AD-46FC-A448-E9A4EF08C017}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{51D2A3A7-ACDF-44A6-B0B2-B847A68028B7}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{467AF4F2-4402-46C0-A7F3-B513363DD207}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{25107960-C073-4030-9B4C-BE65F0009970}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{A463DADE-1627-4083-9B6C-708AB1AF0ED3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{8EB8469C-AFB3-4D60-A35F-867F57CFBB6A}] => (Allow) LPort=2869 FirewallRules: [{86CC44B7-78B2-4246-B4F0-5EAA0B965AF7}] => (Allow) LPort=1900 FirewallRules: [{A93B0D6A-005E-4167-B73E-A99733987D02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2BD7E92A-F77F-4C18-9020-89AA212C0011}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{9D416379-53AF-471F-A0ED-09952CBCE29C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{439EE8BE-DFFA-47F6-B14F-057304FD856A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{EE308EA7-AB2A-49AB-9D83-A492773ACC0F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{D39E8185-D55D-4E1C-808D-40E721B7BC16}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{252857D9-F6E9-46B6-B041-EF43CF6C2A37}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{F16FD39C-767E-4EC1-B833-EBC6D76ABE06}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [TCP Query User{36578562-9F9F-482C-B100-821C3261E631}C:\program files (x86)\origin games\command and conquer red alert ii\gamemd.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\gamemd.exe FirewallRules: [UDP Query User{35DF05AE-28B2-4129-8342-2E8B69869455}C:\program files (x86)\origin games\command and conquer red alert ii\gamemd.exe] => (Allow) C:\program files (x86)\origin games\command and conquer red alert ii\gamemd.exe FirewallRules: [TCP Query User{04C9369E-8D90-4F6B-BD86-6F4990607204}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{0A46B041-A4B9-49F6-B571-531BC8E75A89}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe FirewallRules: [{702484A5-E5C0-4EAA-BF99-F6207F6A450A}] => (Allow) D:\Origin\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{7E929CAF-E539-4B29-86AF-9EF3A11F4815}] => (Allow) D:\Origin\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [TCP Query User{CF4935BA-1870-4E35-9886-4CC0CE2A7FE6}D:\evolution soccer 2016\pes2016.exe] => (Allow) D:\evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{15919182-1F98-4CEA-8285-98DB4C7F6ECD}D:\evolution soccer 2016\pes2016.exe] => (Allow) D:\evolution soccer 2016\pes2016.exe FirewallRules: [TCP Query User{1A08526B-A9AA-49A8-BBD8-137E31CA310A}D:\origin\command and conquer red alert ii\gamemd.exe] => (Allow) D:\origin\command and conquer red alert ii\gamemd.exe FirewallRules: [UDP Query User{499B9FE4-C709-4D46-8ABE-32567A638072}D:\origin\command and conquer red alert ii\gamemd.exe] => (Allow) D:\origin\command and conquer red alert ii\gamemd.exe FirewallRules: [TCP Query User{9DA84EC1-63D4-4714-95B5-682275E666AC}D:\origin\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\origin\fifa 16 demo\fifa16_demo.exe FirewallRules: [UDP Query User{67528534-23D8-4141-8DFA-2D0207021F47}D:\origin\fifa 16 demo\fifa16_demo.exe] => (Allow) D:\origin\fifa 16 demo\fifa16_demo.exe FirewallRules: [{FE0F57B7-ADAD-4A0B-9E8B-8F9F55A8119A}] => (Allow) D:\Stronghold 2\Stronghold2.exe FirewallRules: [{67AA5E72-9F29-4AC4-BFCB-46B79F021D70}] => (Allow) D:\Stronghold 2\Stronghold2.exe FirewallRules: [{5BE6B576-7627-478E-899C-E3597E1D060B}] => (Allow) D:\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{2112621D-1439-43C2-9B33-E12F262732AC}] => (Allow) D:\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{75841B32-D678-4201-A412-E9FF89BB70D9}] => (Allow) D:\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [{5CC70918-CE53-4B58-B66B-DA2981CA8115}] => (Allow) D:\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [TCP Query User{5A83D984-544F-4C38-93C9-D0C9D2A87C9A}D:\motogp 15\motogp15x64.exe] => (Allow) D:\motogp 15\motogp15x64.exe FirewallRules: [UDP Query User{CA7B25AD-4288-4646-91B4-904D6C1683EC}D:\motogp 15\motogp15x64.exe] => (Allow) D:\motogp 15\motogp15x64.exe FirewallRules: [TCP Query User{79043223-6F66-4455-B971-1D785CE948C2}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{B8D633A7-F109-4AEB-8D43-6C28FA809A21}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{43E5DF6B-5CDF-4FE7-81FB-3C12BF6CA689}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A06EF712-A23A-4824-B3F9-5D8D9B61EED2}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{4670AC7D-5AEF-408E-869F-308C1E0B45FC}D:\assassin's creed iii\ac3sp.exe] => (Allow) D:\assassin's creed iii\ac3sp.exe FirewallRules: [UDP Query User{353A324D-CEC2-459D-BB49-BBDAC3B58031}D:\assassin's creed iii\ac3sp.exe] => (Allow) D:\assassin's creed iii\ac3sp.exe FirewallRules: [TCP Query User{8A6363E4-D5A8-46C6-A3E9-8C6BF9C5EDF6}D:\origin\battlefield 1 open beta\bf1.exe] => (Allow) D:\origin\battlefield 1 open beta\bf1.exe FirewallRules: [UDP Query User{21D8EC16-62A2-46BD-A1DB-2217B6CFC159}D:\origin\battlefield 1 open beta\bf1.exe] => (Allow) D:\origin\battlefield 1 open beta\bf1.exe FirewallRules: [{78D6BF92-1772-40EB-BCCA-E256E592BD83}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{20068EF6-734B-42C4-A4B9-262CA023B1F3}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{522AFC6A-9903-41CC-90F6-293A2D25C8C4}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{00577E74-4A1B-4B24-8707-1AB69D00F7A5}] => (Allow) D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{C19702B6-623C-4DB6-B83F-B694DAF63C3D}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe FirewallRules: [{8FBCB350-89E0-440F-910D-41ABC542B9CB}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe FirewallRules: [{2A4AC7E2-B9A2-4F60-BDDF-0DDFAEB92FFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler klasy magazynu SD Description: Kontroler klasy magazynu SD Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318} Manufacturer: Ogólne Service: sdstor Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/24/2016 11:22:35 AM) (Source: ESENT) (EventID: 455) (User: ) Description: taskhostw (3012) WebCacheLocal: Wystąpił błąd -1811 (0xfffff8ed) podczas otwierania pliku dziennika C:\Users\szef\AppData\Local\Microsoft\Windows\WebCache\V010031A.log. Error: (09/24/2016 11:21:09 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Wyliczenie sesji użytkownika w celu wygenerowania puli filtrów nie powiodło się. Szczegóły: (HRESULT : 0x80040210) (0x80040210) Error: (09/24/2016 11:21:09 AM) (Source: Windows Search Service) (EventID: 3104) (User: ) Description: Wyliczenie sesji użytkownika w celu wygenerowania puli filtrów nie powiodło się. Szczegóły: (HRESULT : 0x80040210) (0x80040210) Error: (09/24/2016 12:34:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DEEWAYROCKET) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2147023673. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (09/24/2016 12:23:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DEEWAYROCKET) Description: Działanie pakietu Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe+App zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. Error: (09/24/2016 12:07:48 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_OFF (błąd %3). Error: (09/24/2016 12:07:48 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_OFF (błąd %3). Error: (09/24/2016 12:07:48 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_OFF (błąd %3). Error: (09/24/2016 12:07:44 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_OFF (błąd %3). Error: (09/24/2016 12:07:44 AM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Błąd podczas aktualizowania stanu na wartość SECURITY_PRODUCT_STATE_OFF (błąd %3). Dziennik System: ============= Error: (09/24/2016 11:22:33 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (09/24/2016 11:20:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (09/24/2016 11:19:40 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AdaptiveSleepService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/24/2016 11:19:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/24/2016 11:19:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Kolejkowanie komunikatów niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/24/2016 11:19:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/24/2016 11:19:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MBAMService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/24/2016 11:19:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MBAMScheduler niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/24/2016 11:19:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 5000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/24/2016 11:19:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-09-24 11:21:29.607 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:21:29.605 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:21:29.603 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:21:29.467 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:12:28.565 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:12:28.562 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:12:28.560 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 11:12:28.356 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 00:11:25.277 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-09-24 00:11:25.275 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: AMD FX(tm)-8320 Eight-Core Processor Procent pamięci w użyciu: 42% Całkowita pamięć fizyczna: 8174.11 MB Dostępna pamięć fizyczna: 4695.32 MB Całkowita pamięć wirtualna: 16366.11 MB Dostępna pamięć wirtualna: 12440.48 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.12 GB) (Free:33.64 GB) NTFS Drive d: (Nowy) (Fixed) (Total:368.1 GB) (Free:131.62 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5BF5FBEF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================