Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-10-2016 Uruchomiony przez User (07-10-2016 17:54:55) Uruchomiony z C:\Users\User\Desktop\POMOC Windows 8.1 (Update) (X64) (2014-01-29 04:02:04) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1603572158-3032660878-2733051914-500 - Administrator - Disabled) Gość (S-1-5-21-1603572158-3032660878-2733051914-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1603572158-3032660878-2733051914-1006 - Limited - Enabled) User (S-1-5-21-1603572158-3032660878-2733051914-1001 - Administrator - Enabled) => C:\Users\User ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy) Acoustica Basic Edition 6.0 (HKLM-x32\...\{947C5345-DAF2-4516-97E1-5BC72F1FE3B6}_is1) (Version: 6.0.14 - Acon AS) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.31.4 - Mirillis) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Reader XI (11.0.17) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Archeblade (HKLM-x32\...\Steam App 207230) (Version: - CodeBrush Games) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.5.510 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Bandizip (HKLM\...\Bandizip) (Version: 5.03 - Bandisoft.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives) Camtasia Studio 8 (HKLM-x32\...\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}) (Version: 8.4.1.1745 - TechSmith Corporation) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Craften Terminal 3.3.4897.28268 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.3.4897.28268 - Craften Dev Team) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Devil Daggers (HKLM\...\Steam App 422970) (Version: - Sorath) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Elsword_IT (HKLM-x32\...\Elsword_IT_is1) (Version: - ) Elsword_PL (HKLM-x32\...\Elsword_PL_is1) (Version: - ) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) Ghost Recon Phantoms - EU (HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\d8be6c3f847d7d92) (Version: 1.36.2063.1 - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.02 - Creative Technology Limited) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security Technical Preview (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection Technical Preview (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection Technical Preview (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden K-Lite Codec Pack 9.9.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LibreOffice 5.2.1.2 (HKLM-x32\...\{30566BDB-4658-461F-AF23-09CF7E2BC1D1}) (Version: 5.2.1.2 - The Document Foundation) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Auto wersja 1.0 (HKLM-x32\...\{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1) (Version: 1.0 - hajducek) MKLOL (HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\MKLOL) (Version: - ) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) Nero 7 Essentials (HKLM-x32\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1045}) (Version: 7.03.1303 - Nero AG) NOT A HERO (HKLM\...\Steam App 274270) (Version: - Roll7) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA Wirtualny dźwięk Miracast 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Opera Stable 40.0.2308.81 (HKLM-x32\...\Opera 40.0.2308.81) (Version: 40.0.2308.81 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{b8812c28-ce64-45b0-a800-46339485c11e}) (Version: latest - ppy Pty Ltd) Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Panel sterowania NVIDIA 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.14.264 - Huawei Technologies Co.,Ltd) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) RISE OF METIN version 0.6.25629 (HKLM-x32\...\{CC617346-C8D8-4068-B3E9-64AE456BFBF6}_is1) (Version: 0.6.25629 - Time Voyager Online) RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) SMITE (HKLM\...\Steam App 386360) (Version: - Hi-Rez Studios) Splash PRO EX (HKLM-x32\...\Mirillis Splash PRO EX) (Version: 1.13.2 - Mirillis) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super Time Force Ultra (HKLM\...\Steam App 250700) (Version: - Capybara Games) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19.1 - TeamSpeak Systems GmbH) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Expendabros (HKLM-x32\...\Steam App 312990) (Version: - Free Lives) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 1.1.0.10 - ) WolfTeam-PL (HKLM-x32\...\WolfTeam-PL) (Version: - ) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1603572158-3032660878-2733051914-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Users\User\AppData\Local\Bandizip\bdzshl64.dll (Bandisoft.com) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {314FAC88-34D6-42B2-A53C-000531BFE04D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated) Task: {6DAE65BA-E4C7-4C34-9DF9-6B60CABEE4DF} - System32\Tasks\Opera scheduled Autoupdate 1372986467 => C:\Program Files (x86)\Opera\launcher.exe [2016-10-03] (Opera Software) Task: {A73F4F4F-8ED2-478A-93EB-2DD04EDC75AF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-13] (Adobe Systems Incorporated) Task: {C559B2B4-8E34-46D6-8FA7-4E3841E529C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {CC481D54-E312-4529-B910-985B182070E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {CDE6ADE6-E479-4BA4-9F7F-F816ECE76CCF} - System32\Tasks\{5F1BD377-F049-4F49-908D-65E73183D12C} => c:\program files (x86)\opera\launcher.exe [2016-10-03] (Opera Software) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-01-29 05:46 - 2014-12-13 10:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2013-08-10 14:14 - 2015-03-17 23:55 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 17.0.0\kpcengine.2.3.dll 2016-10-03 21:22 - 2016-09-25 05:47 - 01805416 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll 2016-10-03 21:22 - 2016-09-25 05:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll 2016-09-17 08:36 - 2016-09-12 17:48 - 17754304 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta z Przeglądarki fotografii systemu Windows.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Aeria Ignite" HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\StartupApproved\Run: => "KiesPreload" HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\StartupApproved\Run: => "" HKU\S-1-5-21-1603572158-3032660878-2733051914-1001\...\StartupApproved\Run: => "MKLOL" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 01-10-2016 22:35:34 Installed Hi-Rez Studios Games 01-10-2016 22:38:24 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 01-10-2016 22:39:45 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 01-10-2016 22:40:38 Zainstalowany program DirectX 07-10-2016 17:38:10 Removed Java 7 Update 45 07-10-2016 17:42:08 Restore Point Created by FRST ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/07/2016 05:38:44 PM) (Source: VSS) (EventID: 12305) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: wolumin/dysk jest niepodłączony lub nie został odnaleziony. Kontekst błędu: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000184,0x00530190,0000000000000000,0,00000086631330B0,4096,[0]). Operacja: Badaj kopie w tle Error: (10/07/2016 09:37:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: opera.exe, wersja: 40.0.2308.81, sygnatura czasowa: 0x57eebf44 Nazwa modułu powodującego błąd: apphelp.dll, wersja: 6.3.9600.17415, sygnatura czasowa: 0x54504a2b Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00013d68 Identyfikator procesu powodującego błąd: 0x17b4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2206c48f728ba Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Opera\40.0.2308.81\opera.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\system32\apphelp.dll Identyfikator raportu: f7a321cc-8c60-11e6-8302-7824af32dc47 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/03/2016 11:04:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 105.1.168.192.in-addr.arpa. PTR Admin.local. Error: (10/03/2016 11:04:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 89.161.27.204:5353 11 105.1.168.192.in-addr.arpa. PTR Ula.local. Error: (10/03/2016 11:03:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 105.1.168.192.in-addr.arpa. PTR Admin.local. Error: (10/03/2016 11:03:25 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 89.161.27.204:5353 11 105.1.168.192.in-addr.arpa. PTR Ula.local. Error: (10/03/2016 09:38:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NvBackend.exe, wersja: 16.13.42.0, sygnatura czasowa: 0x5418ec0a Nazwa modułu powodującego błąd: NvBackend.exe, wersja: 16.13.42.0, sygnatura czasowa: 0x5418ec0a Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00001636 Identyfikator procesu powodującego błąd: 0x143c Godzina uruchomienia aplikacji powodującej błąd: 0x01d21da418b6d850 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Identyfikator raportu: ff76a9cb-89a0-11e6-82fb-7824af32dc47 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (10/03/2016 09:08:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 105.1.168.192.in-addr.arpa. PTR Admin.local. Error: (10/03/2016 09:08:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 89.161.27.204:5353 11 105.1.168.192.in-addr.arpa. PTR Ula.local. Error: (10/02/2016 08:16:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 105.1.168.192.in-addr.arpa. PTR Admin.local. Dziennik System: ============= Error: (10/07/2016 05:46:09 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/07/2016 05:45:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/07/2016 05:44:03 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (10/07/2016 05:42:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: Jedno wystąpienie usługi już działa. . Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Kaspersky Secure Connection Service 1.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa LogMeIn Hamachi Tunneling Engine niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (10/07/2016 05:42:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2016-09-17 08:16:55.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:55.547 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:53.780 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:53.383 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:52.995 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:52.582 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:52.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:51.795 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:51.419 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-17 08:16:51.049 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: AMD FX(tm)-6100 Six-Core Processor Procent pamięci w użyciu: 20% Całkowita pamięć fizyczna: 8174.11 MB Dostępna pamięć fizyczna: 6505.76 MB Całkowita pamięć wirtualna: 9454.11 MB Dostępna pamięć wirtualna: 7550.78 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:146.14 GB) (Free:9.37 GB) NTFS Drive d: () (Fixed) (Total:392.09 GB) (Free:69.58 GB) NTFS Drive e: () (Fixed) (Total:392.94 GB) (Free:37.46 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61A8E1A5) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=392.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=392.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================