Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 07-12-2016 Uruchomiony przez Dominikkoki (14-12-2016 06:46:13) Uruchomiony z D:\pomoc Windows 10 Home Wersja 1607 (X64) (2016-08-12 02:30:58) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2724231249-941711842-670717779-500 - Administrator - Disabled) Dominikkoki (S-1-5-21-2724231249-941711842-670717779-1001 - Administrator - Enabled) => C:\Users\Dominikkoki Gość (S-1-5-21-2724231249-941711842-670717779-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2724231249-941711842-670717779-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-2724231249-941711842-670717779-503 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\uTorrent) (Version: 3.4.9.43057 - BitTorrent Inc.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) 7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) Aktualizacje NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Bandicam (HKLM-x32\...\Bandicam) (Version: 3.2.5.1125 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.1.1.0 - Byte Technologies LLC) <==== UWAGA Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.60 - Conexant) Euro Truck Simulator 2 v1.22.2.4s (29 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.22.2.4s (29 DLC)1.22.2.4) (Version: 1.22.2.4 - Friends in War) Garrys Mod version 16.04.30 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 16.04.30 - Strogino CS Portal) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GP Vs Superbike (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\GP Vs Superbike) (Version: 1.0 - ) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4256 - Intel Corporation) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.15 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) LEGO Marvels Avengers (HKLM-x32\...\LEGO Marvels Avengers_is1) (Version: - ) LEGO® The Hobbit™ DEMO (HKLM-x32\...\{D8434468-F95F-44EC-AE76-F5DB6A5F3511}) (Version: 1.00.0000 - Warner Bros. Interactive Entertainment) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 50.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 50.0.1 (x86 pl)) (Version: 50.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.1.6171 - Mozilla) MTA:SA v1.5.2 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.2 - Multi Theft Auto) Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.0.0 - Duodian Technology Co. Ltd.) NVIDIA Sterownik graficzny 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation) paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS) Panel sterowania NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden Rayman Legends (HKLM-x32\...\UmF5bWFuTGVnZW5kcw==_is1) (Version: 1 - ) Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.6 - Reimage) <==== UWAGA ROBLOX Player for Dominikkoki (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio for Dominikkoki (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Summer Challenge (HKLM-x32\...\Summer Challenge/PL-Polish_is1) (Version: - City Interactive) Testy Liwona kategoria B wersja 4.0.5 (HKLM-x32\...\ECG43-GFRT4532-GBH56-KJL-4443-LKWBX-342_is1) (Version: 4.0.5 - ) The Escapists (HKLM-x32\...\1423221839_is1) (Version: 2.0.0.1 - GOG.com) The Forest version 0.31b (HKLM-x32\...\{D0CE8BEE-0755-4EEF-A436-0CF4298BF6CF}_is1) (Version: 0.31b - Endnight Games Ltd) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unity (HKLM-x32\...\Unity) (Version: 5.4.2f2 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WebM Project Directshow Filters (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\webmdshow) (Version: - ) Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation) Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation) World of Tanks (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warplanes (HKU\S-1-5-21-2724231249-941711842-670717779-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2724231249-941711842-670717779-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Dominikkoki\AppData\Local\Roblox\Versions\version-934c86ec4aa148f0\RobloxProxy64.dll (ROBLOX Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04F092DC-365C-47D6-9FAA-27EEBD0B5D86} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-10] (AVAST Software) Task: {5C0E8D73-317F-45B0-8515-9B7897FB1AEF} - System32\Tasks\SafeZone scheduled Autoupdate 1465989558 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software) Task: {6ECAB231-9D08-4DCD-88AC-961FF217736A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) Task: {8250E41B-5D33-450F-8EEE-6374FCB5F3C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-15] (Microsoft Corporation) Task: {9314E3F6-97CF-4A12-B28F-9E560C5A3F3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated) Task: {A8975AEF-11FC-4546-92CA-5444BEDA01B0} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2016-01-22] (Byte Technologies LLC) <==== UWAGA Task: {B6BAC0BD-FB20-4814-BC40-DBC488F20887} - System32\Tasks\{04097D47-790F-0C0C-7811-7D790F7F110D} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (dane wartości zawierają 9384 znaków więcej). <==== UWAGA Task: {D5CB0954-BF0B-46FF-9C2E-5E4549C17402} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-02] (Google Inc.) Task: {E26F90AE-273C-4AAC-8F88-2C33B83AB365} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {EBCE1AA4-3276-4396-A5FE-B6B1D6AED7CD} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-01-22] (Byte Technologies LLC) <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Public\Desktop\Testy Liwona kategoria B.lnk -> C:\Program Files (x86)\Testy Liwona kategoria B\Start.bat () ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-09 18:50 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-12 02:50 - 2015-08-07 18:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-02 14:55 - 2016-08-25 20:28 - 00254280 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe 2016-03-02 14:55 - 2016-08-25 20:28 - 00565064 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe 2016-12-09 18:50 - 2016-11-11 11:10 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-01 19:05 - 2016-09-01 19:05 - 01864384 _____ () C:\Users\Dominikkoki\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\Dominikkoki\AppData\Local\MEGAsync\ShellExtX64.dll 2015-08-14 14:28 - 2015-08-14 14:28 - 00405432 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-09-16 22:30 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-09 18:49 - 2016-11-11 10:23 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-17 16:29 - 2016-11-17 16:30 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-17 16:29 - 2016-11-17 16:30 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-17 16:29 - 2016-11-17 16:30 - 41609728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-11-15 15:35 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-15 15:36 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-15 15:36 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-15 15:35 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-15 15:36 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-11-23 14:18 - 2016-11-23 14:18 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 14:18 - 2016-11-23 14:18 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 12:37 - 2016-06-03 12:38 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 14:18 - 2016-11-23 14:18 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 14:18 - 2016-11-23 14:18 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2016-09-10 13:46 - 2016-09-10 13:46 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-12-11 13:24 - 2016-12-11 13:24 - 03067904 _____ () C:\Program Files\AVAST Software\Avast\defs\16121100\algo.dll 2016-09-10 13:46 - 2016-09-10 13:46 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-12-13 14:22 - 2016-12-13 14:22 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16121300\algo.dll 2016-12-13 22:23 - 2016-12-13 22:23 - 03131344 _____ () C:\Program Files\AVAST Software\Avast\defs\16121302\algo.dll 2016-09-01 19:05 - 2016-09-01 19:05 - 01383616 _____ () C:\Users\Dominikkoki\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-09-01 19:05 - 2016-09-01 19:05 - 00118976 _____ () C:\Users\Dominikkoki\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-07-05 15:35 - 2016-07-05 15:35 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-11-19 10:16 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll 2016-11-19 10:16 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2015-12-12 16:06 - 2016-12-12 13:29 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com Wykryto więcej niż wyliczono: 4 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2724231249-941711842-670717779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dominikkoki\AppData\Roaming\.minecraft\screenshots\2016-11-02_14.30.27.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [UDP Query User{6912A159-397E-4A74-80B3-E0CE998F639B}C:\program files\java\jre1.8.0_91\bin\java.exe] => C:\program files\java\jre1.8.0_91\bin\java.exe FirewallRules: [TCP Query User{69666536-51C5-4310-BA24-178FCB05A7BD}C:\program files\java\jre1.8.0_91\bin\java.exe] => C:\program files\java\jre1.8.0_91\bin\java.exe FirewallRules: [UDP Query User{83DEF754-84AB-4BBB-A324-130013A6F925}D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe] => D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe FirewallRules: [TCP Query User{E25B088D-55D7-45BB-A788-0825E185D54B}D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe] => D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe FirewallRules: [UDP Query User{29E3F8FC-5B5E-4EC7-B4D3-28F46600D32A}D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe] => D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe FirewallRules: [TCP Query User{DBAEDBB4-1A79-4229-9F81-A675A35FE93E}D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe] => D:\gry\igg-7daystodie.alpha.14.7.64.bit\7daystodie.exe FirewallRules: [UDP Query User{6FAFD21F-FF57-4978-B7B4-FAEDF51BDF6C}C:\program files\java\jre1.8.0_91\bin\java.exe] => C:\program files\java\jre1.8.0_91\bin\java.exe FirewallRules: [TCP Query User{6CEC3689-8387-4A5C-B892-852E4464CFAC}C:\program files\java\jre1.8.0_91\bin\java.exe] => C:\program files\java\jre1.8.0_91\bin\java.exe FirewallRules: [UDP Query User{61674BF0-1427-46D0-BF93-D217150488E4}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{3EA69964-4D21-4637-AF58-2CF615F29562}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{FCCF3C9C-FF27-4202-91A2-9E64E4386873}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{02E3BC2D-B20A-4793-B3A5-3E84491946A4}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{99A34775-A865-4115-BD4D-7B19A86ECB96}C:\program files (x86)\rayman legends\rayman legends.exe] => C:\program files (x86)\rayman legends\rayman legends.exe FirewallRules: [TCP Query User{9E417DF1-9299-422B-8C71-F6F5DF8D67B3}C:\program files (x86)\rayman legends\rayman legends.exe] => C:\program files (x86)\rayman legends\rayman legends.exe FirewallRules: [UDP Query User{2DB8AE7A-843D-42E3-94E9-3FCB7C0A5AC4}C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{641777A9-0FEA-4255-A8EA-FCBC66BE7540}C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{679A42FE-7132-4146-8286-3D526BB6AB80}C:\games\world_of_warplanes\wowplauncher.exe] => C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [TCP Query User{1494B6B5-BFAF-49E3-AD77-34EC4C24CDD3}C:\games\world_of_warplanes\wowplauncher.exe] => C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{05AF0870-73BE-41FB-BCD0-1ACF3FF52B56}D:\games\world_of_tanks\worldoftanks.exe] => D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{78C04178-CD04-44B6-8B35-7A707E5BC342}D:\games\world_of_tanks\worldoftanks.exe] => D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{86EADF25-3B29-4D03-BE13-A354E3AD201E}C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{A2513F85-DFAE-4E88-970E-2B9FED9A361D}C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => C:\users\dominikkoki\downloads\tjoc-free-roam-open-alpha(1)\tjoc free-roam test\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{F4D674E7-4A2E-4B5E-BF00-603916EBC5A3}D:\program files (x86)\the forest\theforest.exe] => D:\program files (x86)\the forest\theforest.exe FirewallRules: [TCP Query User{E7376DCA-D9A7-4456-8F1F-6BFFA5FA7EE0}D:\program files (x86)\the forest\theforest.exe] => D:\program files (x86)\the forest\theforest.exe FirewallRules: [UDP Query User{49F55DF0-DA95-4D94-BEC3-E05572A9B8EA}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{AFDE5115-2261-4406-8F32-16F1BD9BC0A6}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{10924ADB-7586-44E3-BA97-5885C4EFCFC8}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{25D4747D-2676-4175-A8AD-CFD752CFEB85}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{341BAB12-8E00-4431-82B2-16ACDA879819}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{30B520AF-889E-4645-9AE7-8BA4D93AD993}C:\program files\java\jre7\bin\javaw.exe] => C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{9CF86D06-8091-47AD-9E67-326167376918}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{F7527B26-200A-4445-8FF6-F1C02D3B2D58}C:\program files\java\jre7\bin\java.exe] => C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{8F7BB4A8-51F4-4445-9096-9896F1B845AA}D:\games\world_of_tanks\wotlauncher.exe] => D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{62B64C4F-79FB-4A99-9FE0-BCFF67106C2A}D:\games\world_of_tanks\wotlauncher.exe] => D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{1D70E306-6DC7-4B44-9817-BC6CBDCC4B01}C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{D33D1CBF-4FF2-4FAA-9D23-354DCC09BF59}C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{EF1CCE05-5020-4B65-AA50-7356F72912C9}D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [TCP Query User{04E6BF0C-DB52-48F9-A2F8-CC7707A86A37}D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{49904359-7655-41DD-A68A-C8D8496153F7}C:\users\dominikkoki\desktop\the.forest.v0.32.steam-rip\theforest.exe] => C:\users\dominikkoki\desktop\the.forest.v0.32.steam-rip\theforest.exe FirewallRules: [TCP Query User{1BE63F44-1986-49D6-A071-8E8B72A69550}C:\users\dominikkoki\desktop\the.forest.v0.32.steam-rip\theforest.exe] => C:\users\dominikkoki\desktop\the.forest.v0.32.steam-rip\theforest.exe FirewallRules: [UDP Query User{BB85A1F1-CA3C-4E21-A2D4-98F294CA5740}D:\program files (x86)\the forest\theforest.exe] => D:\program files (x86)\the forest\theforest.exe FirewallRules: [TCP Query User{06513930-B02C-4F0B-9359-407AACFAA21A}D:\program files (x86)\the forest\theforest.exe] => D:\program files (x86)\the forest\theforest.exe FirewallRules: [UDP Query User{043635BE-5E1F-4495-9381-63E6584F4AAC}C:\games\world_of_warplanes\wowplauncher.exe] => C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [TCP Query User{47D88948-9BA0-4445-9CDD-FA84BC6DE89C}C:\games\world_of_warplanes\wowplauncher.exe] => C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{386BB082-D346-4895-81F8-79FD4A08466A}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{A39282ED-EB5A-4A8F-AACB-177E5F1CEDE0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{DB372F27-97E0-4E69-A024-8ECDBE271C2D}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{16DC4230-16D1-4DD2-AABE-C88D16A1EE35}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{339571DE-EF6F-44ED-8322-F2649FB26B91}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F7F6CC0C-FCF4-49CA-9FC4-69EF8467B37F}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{9818AD97-E11C-4F36-854D-23FFA75AA04D}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{77A209F4-2F76-4756-999E-624DEED43B6B}D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => D:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{C97387FF-07B7-4178-97FA-361242A6FB38}] => C:\Program Files (x86)\Warner Bros. Interactive Entertainment\LEGO® Hobbit Demo\LEGOHobbitDemo1.exe FirewallRules: [{FAD3F510-6102-418B-9C66-B6A5F8125CCD}] => C:\Program Files (x86)\Warner Bros. Interactive Entertainment\LEGO® Hobbit Demo\LEGOHobbitDemo1.exe FirewallRules: [UDP Query User{D6E1AD8A-5554-4C27-BEF3-11597E92FDCC}C:\users\dominikkoki\desktop\3dmgame-the.forest.public.alpha.v0.30b.cracked-3dm\the forest\theforest.exe] => C:\users\dominikkoki\desktop\3dmgame-the.forest.public.alpha.v0.30b.cracked-3dm\the forest\theforest.exe FirewallRules: [TCP Query User{E187BD70-3DE4-4F1A-B529-D14283942598}C:\users\dominikkoki\desktop\3dmgame-the.forest.public.alpha.v0.30b.cracked-3dm\the forest\theforest.exe] => C:\users\dominikkoki\desktop\3dmgame-the.forest.public.alpha.v0.30b.cracked-3dm\the forest\theforest.exe FirewallRules: [{4EFD4046-1FE8-445A-B5ED-A07E334D7C2D}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{913923D3-DEBC-419F-A92B-49A61B8F9103}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{84C45475-0998-4642-BBEE-47FCE5D3B7F0}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CBFE69CA-07D7-4D08-9239-19610AE71418}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{21C4EBB4-C4FD-40C4-BD47-2CA6103698F7}C:\program files (x86)\rayman legends\rayman legends.exe] => C:\program files (x86)\rayman legends\rayman legends.exe FirewallRules: [TCP Query User{A8B35BA4-C07F-4F32-9F29-5429FE56FBEC}C:\program files (x86)\rayman legends\rayman legends.exe] => C:\program files (x86)\rayman legends\rayman legends.exe FirewallRules: [UDP Query User{E52FC6DA-763B-4EE0-8076-452D6AA4C4AF}C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{D26DD702-7769-43FC-A96F-1DD17B034B6E}C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{C445C4C7-8402-45B1-BDCE-8E3648FCA439}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{74DB3D01-397F-43E6-BF79-38046D4B21C9}D:\games\world_of_tanks\worldoftanks.exe] => D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{1DB03775-877F-434A-9925-83803FAACF6D}D:\games\world_of_tanks\worldoftanks.exe] => D:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{606C9BF6-5F29-4C1E-B627-B5D30C0885F5}D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [TCP Query User{4835C3A3-7DCE-4403-9347-27CB39C36A5F}D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => D:\program files (x86)\r.g. mechanics\goat simulator\binaries\win32\goatgame-win32-shipping.exe FirewallRules: [UDP Query User{D8527809-B50F-4D31-A98B-E373E4B9E8C3}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{60A9D41A-ECDA-40DC-9990-2A9D4DFE86FE}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{9CF80786-1824-4833-B6C4-E8F35D685F04}D:\games\world_of_tanks\wotlauncher.exe] => D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{E61B991B-F028-4CF3-9ACD-3FF0F00087BE}D:\games\world_of_tanks\wotlauncher.exe] => D:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{A877F79A-E319-4F70-AB37-2BB69F472627}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{1BAEEB05-F763-45A1-B6C5-621F5D3CFC51}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{452BD557-64C4-4E33-87EB-49914E732CC2}D:\games\the forest\theforest.exe] => D:\games\the forest\theforest.exe FirewallRules: [TCP Query User{8132DC54-3AD9-411E-8DA8-30D88965B22C}D:\games\the forest\theforest.exe] => D:\games\the forest\theforest.exe FirewallRules: [{129F509B-62F4-4916-B95B-0C7CF2A5FC6D}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe FirewallRules: [{24821F13-2548-4A83-B9D3-9A0473FF5229}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\Anno4.exe FirewallRules: [{022890F5-CC8F-4E3A-859F-EDBEEBE8982A}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe FirewallRules: [{CA0C02AB-799A-4A10-9C2C-74DE5336F879}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe FirewallRules: [{0E7EA728-4238-490B-8AD7-11BE9268D135}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe FirewallRules: [{C93A7485-F1D3-4777-BE6D-41EB91DE7CA0}] => C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe FirewallRules: [{08791225-4B84-4D61-ACEF-FB0D36F363EF}] => C:\Users\Dominikkoki\AppData\Roaming\Nox\bin\Nox.exe FirewallRules: [{1E4FBBA5-A5D5-4197-9BDA-929894111BEE}] => C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe FirewallRules: [TCP Query User{49DEFBA5-9845-483F-9C09-701DD51F4E7A}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [UDP Query User{44D7367B-6E04-4ED6-B3F3-9B0DB4A29A54}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [TCP Query User{7D9E9B0F-2E66-432E-8A9D-C39AA896CFED}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [UDP Query User{DE421876-9D19-4159-86E0-24389E628CA0}C:\program files\strogino cs portal\garrys mod\hl2.exe] => C:\program files\strogino cs portal\garrys mod\hl2.exe FirewallRules: [{E81CF73A-03D4-4D89-A28B-DB397D33F5EE}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{44DA5BBC-0A0B-49C5-9015-9C402305FF6B}C:\users\dominikkoki\appdata\roaming\utorrent\updates\3.4.9_42951.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\updates\3.4.9_42951.exe FirewallRules: [UDP Query User{1499212C-B90A-4999-9A80-514560ACCC2F}C:\users\dominikkoki\appdata\roaming\utorrent\updates\3.4.9_42951.exe] => C:\users\dominikkoki\appdata\roaming\utorrent\updates\3.4.9_42951.exe FirewallRules: [TCP Query User{2E6A9877-5C90-449F-A2CF-722870A37D6A}C:\program files\java\jre1.8.0_111\bin\java.exe] => C:\program files\java\jre1.8.0_111\bin\java.exe FirewallRules: [UDP Query User{776B7748-96B0-4557-9C58-0D4B1DE413EB}C:\program files\java\jre1.8.0_111\bin\java.exe] => C:\program files\java\jre1.8.0_111\bin\java.exe FirewallRules: [TCP Query User{92206D33-EE9A-4BC9-AD43-93F52CB5605E}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{1D472E57-D8BF-480B-ABFA-6F5090EA06B7}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{EF756DB5-F9EA-453D-9EC2-E8E2BF310D5F}C:\program files\java\jre1.8.0_111\bin\java.exe] => C:\program files\java\jre1.8.0_111\bin\java.exe FirewallRules: [UDP Query User{D71C5177-AFBC-48A6-9129-A5277142B029}C:\program files\java\jre1.8.0_111\bin\java.exe] => C:\program files\java\jre1.8.0_111\bin\java.exe FirewallRules: [TCP Query User{193CACC3-D040-41D2-A0B5-7EFFF0FEEE82}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{78AA724D-DF9D-4C1D-8540-A65C8088802A}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{D9503570-176B-44C8-B48D-CDBACF7E6923}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{580B98CE-A257-4C2B-9C25-5513798DF807}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{6DF96D5B-5677-4470-9406-7AFE18D508DE}C:\games\world_of_tanks\worldoftanks.exe] => C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{3B33F940-396A-44BB-A489-3E31049C725B}C:\games\world_of_tanks\worldoftanks.exe] => C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{36BEE60F-C52B-4799-AB5A-EDB52318043C}C:\games\world_of_tanks\worldoftanks.exe] => C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{001E1C36-7D32-447F-8604-DA51D7A48772}C:\games\world_of_tanks\worldoftanks.exe] => C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{24FB6D69-91A7-469E-91F6-EB394CD2AB46}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{6A2D26D0-B278-4C16-81A6-9B6872B65DA2}C:\games\world_of_tanks\wotlauncher.exe] => C:\games\world_of_tanks\wotlauncher.exe ==================== Punkty Przywracania systemu ========================= 10-12-2016 01:07:27 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/13/2016 02:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOMINIK) Description: Aktywacja aplikacji Microsoft.Windows.Photos_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927142. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/12/2016 01:44:05 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (12/12/2016 01:29:18 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value. Error: (12/12/2016 01:29:18 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetBrightnessSettingInDriver: p_handle is NULL. Error: (12/12/2016 01:29:18 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver. Error: (12/12/2016 01:29:18 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetBrightnessSettingFromDriver: p_handle is NULL. Error: (12/12/2016 01:29:18 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfParticipantDisplayService ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103] Error: (12/11/2016 08:00:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DOMINIK) Description: Aktywacja aplikacji Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge nie powiodła się. Błąd: -2147023170. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/11/2016 09:38:41 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Nie powiodło się wykonanie procedury otwierania dla usługi „BITS” w bibliotece DLL „C:\Windows\System32\bitsperf.dll”. Dane wydajności dla tej usługi nie będą dostępne. Pierwsze cztery bajty (DWORD) sekcji danych Data zawierają kod błędu. Error: (12/11/2016 09:23:48 AM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value. Dziennik System: ============= Error: (12/13/2016 04:39:18 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/13/2016 02:21:58 PM) (Source: DCOM) (EventID: 10010) (User: DOMINIK) Description: Serwer App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (12/12/2016 08:25:56 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/12/2016 01:29:53 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/12/2016 01:29:53 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/12/2016 01:29:52 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/12/2016 01:29:16 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 21:31:18 na ‎11.‎12.‎2016 było nieoczekiwane. Error: (12/11/2016 04:23:00 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/11/2016 03:06:45 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi ZARZĄDZANIE NT\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (12/11/2016 09:31:30 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} i identyfikatorem aplikacji APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} użytkownikowi ZARZĄDZANIE NT\USŁUGA LOKALNA o identyfikatorze zabezpieczeń SID (S-1-5-19) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. CodeIntegrity: =================================== Date: 2016-11-25 18:42:43.330 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:43.294 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:41.220 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:41.182 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:37.390 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:37.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:32.242 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:32.226 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:22.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-11-25 18:42:22.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Procent pamięci w użyciu: 71% Całkowita pamięć fizyczna: 3979.04 MB Dostępna pamięć fizyczna: 1144.77 MB Całkowita pamięć wirtualna: 7307.04 MB Dostępna pamięć wirtualna: 3621.78 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:195.44 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:263.14 GB) NTFS Drive e: (TestyLiwonaB_4) (CDROM) (Total:1.73 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 95198D10) ==================== Koniec Addition.txt ============================