Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-12-2016 Uruchomiony przez Kuchta (27-12-2016 21:51:09) Uruchomiony z C:\Users\Kuchta\Desktop Windows 10 Pro Wersja 1607 (X64) (2016-12-18 18:40:34) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= defaultuser0 (S-1-5-21-3193611003-341622343-3118953118-1000 - Limited - Disabled) Gość (S-1-5-21-3193611003-341622343-3118953118-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3193611003-341622343-3118953118-503 - Limited - Disabled) Kuchta (S-1-5-21-3193611003-341622343-3118953118-1001 - Administrator - Enabled) => C:\Users\Kuchta Super Administrator (S-1-5-21-3193611003-341622343-3118953118-500 - Administrator - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent Ad-Free (HKU\S-1-5-21-3193611003-341622343-3118953118-1001\...\uTorrent) (Version: 3.4.9.43057 - BitTorrent Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.189 - Adobe Systems Incorporated) Adobe Flash Player PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.189 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.) ALLPlayer (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Application Profiles (HKLM-x32\...\{406D29A2-EFF6-8601-7327-4554F06FB884}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Ashampoo MyAutoplay Menu (HKLM-x32\...\Ashampoo MyAutoplay Menu_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG) Bandicam (HKLM-x32\...\Bandicam) (Version: 3.3.0.1175 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1219.1506.27144 - Advanced Micro Devices, Inc.) Hidden CCleaner Pro x64 (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Crysis 3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) Default Programs Editor (HKLM\...\Default Programs Editor) (Version: 2.7.2675.2253 - factormystic.net) Defraggler Pro x64 (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Driver Booster Pro (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit) EMET 5.51 (HKLM-x32\...\{A8608E0F-56B8-465C-A762-86D68FF4FC72}) (Version: 5.51 - Microsoft Corporation) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google) Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) IrfanView x64 (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Java 9 (64-bit) (HKLM\...\{DA69628A-2608-5BA9-8749-1EE90CB29D95}) (Version: 9.0.0.0 - Oracle Corporation) Java 9 (HKLM-x32\...\{27F77A89-05E5-515A-B827-3267967CEC02}) (Version: 9.0.0.0 - Oracle Corporation) Kalkulator (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{2C74A102-DC39-4158-A831-02BDE2EC7D5D}) (Version: 8.0.5.485 - Kaspersky Lab) Kaspersky Password Manager (x32 Version: 8.0.5.485 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Total Security 2017 (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office Mondo 2016 x64 (HKLM\...\MondoRetail - pl-pl) (Version: 16.0.7712.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24516 (HKLM\...\{6B66663C-055F-3A2E-A09D-168840A82362}) (Version: 14.0.24516 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24516 (HKLM\...\{EE6E34BF-D825-384C-AFF5-305DF5CFAF5A}) (Version: 14.0.24516 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24516 (HKLM-x32\...\{B4EB15A2-6582-346E-8501-B6E907F23B80}) (Version: 14.0.24516 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24516 (HKLM-x32\...\{7B82F823-A226-3463-B438-AF4DDDE2B810}) (Version: 14.0.24516 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual F# 3.1.2 (HKLM-x32\...\{d705b4dc-2aa8-4215-9b13-4fad5dcda72b}) (Version: 12.0.30815.0 - Microsoft Corporation) Microsoft Visual F# 4.0 (HKLM-x32\...\{ab9c007e-6675-4ab5-81f8-7001b49707cf}) (Version: 14.0.23020.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation) MPC-HC (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10.276 - MPC-HC Team) Music Recorder (x32 Version: 18.009.0 - Nero AG) Hidden Nero 2017 (HKLM-x32\...\{6B81BDC4-3368-4898-8F16-48962F789221}) (Version: 18.0.06100 - Nero AG) Nero 2017 Content Pack (HKLM-x32\...\{4E6D3A36-4558-466D-83CC-AE2DCAC06C53}) (Version: 18.0.00600 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0011 - Nero AG) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7712.1000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7712.1000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7712.1000 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden PrimoCache (HKLM\...\{7A37EA43-BF6F-4DB7-83DB-97AA19BF9408}_is1) (Version: 2.7.0 - Romex Software) Razer Cortex Free (HKLM-x32\...\Razer Cortex_is1) (Version: 8.0.50.266 - Razer Inc.) Realtek High Definition Audio Driver x64 (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8018 - Realtek Semiconductor Corp.) Revo Uninstaller Pro (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) SSD Fresh 2017 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 6.1 - Abelssoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tracer Gaming Mouse (HKLM-x32\...\{4F2CBB98-A9AB-4A7A-9DDC-00E340E42B9F}) (Version: 1.00 - Tracer Gaming Mouse) Unlocker (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Visual F# 4.1 SDK (HKLM-x32\...\{5ADB9708-9ADA-3786-8D8E-C93E5E9F2594}) (Version: 14.0.23801 - Microsoft Corporation) Vivaldi x64 (HKU\S-1-5-21-3193611003-341622343-3118953118-1001\...\Vivaldi) (Version: 1.7.705.3 - Vivaldi) Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Winamp Pro (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Winamp-Rozszerzone Spolszczenie (HKLM-x32\...\Winamp PL) (Version: 5.666 - Paweł Porwisz) Winamp-Schematy Kolorów (HKLM-x32\...\Winamp Color Themes Pack) (Version: 2.3 - Paweł Porwisz) WinRAR (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {033D0858-576A-4932-BA02-B75986AB435C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-14] (Microsoft Corporation) Task: {053262AE-7BDB-4360-A787-EA55A60D5042} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {12566E25-89B3-44BC-BD04-48F1AFAF9008} - System32\Tasks\Driver Booster SkipUAC (Kuchta) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-12-02] (IObit) Task: {211024A2-BC17-4196-AE25-FAEC4075CB13} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2016-03-08] (Piriform Ltd) Task: {63981430-588E-437F-B6ED-4ADFE278B059} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-21] (Microsoft Corporation) Task: {939FE1C5-539C-452E-96E9-BB3ADD95DD71} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-14] (Microsoft Corporation) Task: {A537BCBA-86DE-4B10-AF49-B4B0650E21F8} - System32\Tasks\R@1n-KMS\Office16Mondo => wmic [Argument = path SoftwareLicensingProduct where (ID="9caabccb-61b1-4b4b-8bec-d10a3c3ac2ce") call Activate] Task: {A9975C29-53AB-4459-AF3A-793DC7599AFF} - System32\Tasks\Defraggler Volume F Task => C:\Program Files\Defraggler\df64.exe [2016-03-08] (Piriform Ltd) Task: {AD997FF5-48D0-47F9-9082-40D6FB4A2655} - System32\Tasks\PrimoCacheTrialReset-System => F:\Programy\Dyski\PrimoCache\Crack\FancyCtR.nolock.exe [2016-04-22] () Task: {BF95D84F-B29D-4DF1-9EA6-03A444E3171E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {C2031C51-D535-44D4-9753-70E013DF3A5C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-21] (Microsoft Corporation) Task: {CA8736E5-B1F4-43E1-A6E0-783E061B10F4} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe Task: {E1FBC96F-61D8-4779-9A2E-EF8D5947F5B6} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-09-26] (Nero AG) Task: {EA87D553-C423-4C6F-967C-44BCB9962C0E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-19] (Advanced Micro Devices, Inc.) Task: {FAD93041-173C-4237-9F7E-D5605EFF8DBF} - System32\Tasks\Defraggler Volume E Task => C:\Program Files\Defraggler\df64.exe [2016-03-08] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Defraggler Volume D Task.job => Task: C:\Windows\Tasks\Defraggler Volume E Task.job => Task: C:\Windows\Tasks\Defraggler Volume F Task.job => Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Kuchta\Desktop\Gry\GTA V-Ustaw Priorytet.lnk -> D:\Rockstar Games\Grand Theft Auto V\GTAVHigh.bat () ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2016-12-13 22:54 - 2016-12-13 22:54 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-12-18 23:38 - 2016-12-18 23:38 - 00026112 _____ () C:\Windows\KMS-R@1n.exe 2016-12-13 22:54 - 2016-12-13 22:54 - 02681200 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-15 03:34 - 2016-09-15 03:34 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-12-13 22:54 - 2016-12-13 22:54 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2016-10-31 20:45 - 2016-10-31 20:45 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2016-12-13 22:54 - 2016-12-13 22:54 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-12-13 22:55 - 2016-12-13 22:55 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-12-18 20:50 - 2010-07-15 12:54 - 00159744 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\mousehid.exe 2016-12-18 20:50 - 2012-03-05 17:43 - 00135168 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\trayicon.exe 2016-12-23 18:34 - 2016-12-23 05:11 - 02524792 _____ () C:\Program Files\Vivaldi\Application\1.7.705.3\libglesv2.dll 2016-12-23 18:34 - 2016-12-23 05:11 - 00100472 _____ () C:\Program Files\Vivaldi\Application\1.7.705.3\libegl.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll 2016-12-18 20:50 - 2009-10-28 09:28 - 00249856 _____ () C:\Program Files (x86)\Tracer Gaming Mouse\language.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) HKU\S-1-5-21-3193611003-341622343-3118953118-1001\Software\Classes\batfile: <===== UWAGA HKU\S-1-5-21-3193611003-341622343-3118953118-1001\Software\Classes\.bat: batfile => <===== UWAGA HKU\S-1-5-21-3193611003-341622343-3118953118-1001\Software\Classes\cmdfile: <===== UWAGA HKU\S-1-5-21-3193611003-341622343-3118953118-1001\Software\Classes\.cmd: cmdfile => <===== UWAGA ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-12-22 18:27 - 2016-12-23 12:46 - 00009020 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 storeedgefd.dsx.mp.microsoft.com0.0.0.0 settings-ssl.xboxlive.com.nsatc.net 0.0.0.0 tiles.xbox.com.nsatc.net 0.0.0.0 musicmatch-ssl.xboxlive.com.nsatc.net 0.0.0.0 epix.xbox.com.nsatc.net 0.0.0.0 vdlimages.xboxlive.com.nsatc.net 0.0.0.0 download-ssl.xbox.com.nsatc.net0.0.0.0 a-msedge.net 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 apps.skype.com 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 c.atdmt.com 0.0.0.0 c.msn.com 0.0.0.0 ca.telemetry.microsoft.com Wykryto więcej niż wyliczono: 175 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3193611003-341622343-3118953118-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuchta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 85.11.66.36 - 85.11.66.45 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "WindowsDefender" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{65D3986E-68C0-49C3-BD71-4099F6CDCBD2}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{C6AFFC87-9606-42BC-800E-5C8FB7778CCB}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{0645F039-6B54-4F44-BDDF-DC19D7FB833C}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{30D1AD26-9201-425A-AB99-690AA282A159}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{1EF83019-DF0B-4F0C-A014-2E301ADE1B48}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{EEFEA114-BB60-4E38-9596-44506C1ECF4F}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{2C797513-B7B7-478E-BD4A-E0B0577D4D4D}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BAE45D6C-A02D-4085-90B1-D0C7800C7968}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4FC0A720-FC7C-4A87-A0C3-9CBC030B286A}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{77D242B4-5DB4-44F3-A3E2-2D5BE8945EB0}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{37F66C73-F680-4CB7-9A47-0CE4D7978C76}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1EFFC2EA-028F-469A-BBBE-A2C829A32EC3}] => C:\Users\Kuchta\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8286848F-3A3C-47B1-9633-708A0B517708}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{167A855A-EE83-4746-9595-34A92DE97619}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{C7F7B291-2285-4456-8389-D8CDF989409A}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\StartNBR.exe FirewallRules: [{BCC0DD9A-8A92-4D40-8F22-3B640F339309}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\NMDllHost.exe FirewallRules: [{74EDE789-6279-449B-84EA-8AFC329931A4}] => C:\Program Files (x86)\Nero\Nero 2017\Nero MediaHome\MediaHome.exe FirewallRules: [{18120FA1-1252-4B50-AB61-CC6A26923F4B}] => C:\Program Files (x86)\Nero\Nero 2017\Nero Burning ROM\nero.exe FirewallRules: [{EBE0F243-61A6-4596-BBA4-85BFD807E9FE}] => D:\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{6718AF99-F960-483F-A800-C34BED1F9FCB}] => D:\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{072FE5E0-8368-4912-89E9-A53295C7C2CB}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9B678986-7BED-4D9E-83CC-E087C3D63C1A}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BD694DB9-E413-4349-B7F6-C5ADC889BCF4}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{25893641-3CED-4535-A0A2-1CDFC8428339}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{229484DD-CFAF-426C-880B-425819B914CE}] => D:\Steam Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{ADA5B78B-FC53-41C9-8AC9-3FF80BD17625}] => D:\Steam Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4699A11F-A594-4211-B46F-33A8369D4A75}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{75BE650B-DE0C-4602-99EA-B6177434DE0B}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{005A54A9-8881-4622-A3DA-F22B6C519344}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E32DDCA3-EE98-4B23-9592-8AE8F9A902E9}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{DC2AB616-AD87-4E7E-B895-017499BF837B}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{DA7FE70F-AA22-463C-8A8A-A1E28DCE0C0F}] => C:\Windows\KMS-R@1n.exe FirewallRules: [{FE89DF41-62FF-4C34-B28B-6E4EE7B10A61}] => C:\Windows\KMS-R@1n.exe FirewallRules: [{8CBDEEE7-AC7D-43BF-B09C-2B936B71EB07}] => D:\Steam Games\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{B4F9AE68-6E5F-40BE-8996-4AE346B2AD8E}] => D:\Steam Games\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{CE7C6967-D0E7-4F0A-975B-17048D5CFDFA}] => D:\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{910F9618-7958-4F64-A85B-CECE9D9EEA40}] => D:\Rockstar Games\Grand Theft Auto V\GTA5.exe FirewallRules: [{C192B86F-D321-41DB-B060-CEF822D48AA8}] => C:\Program Files\Vivaldi\Application\vivaldi.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/27/2016 09:48:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:48:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:48:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:48:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:48:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:48:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:47:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:47:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:47:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/27/2016 09:47:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KUCHTAPC) Description: Aktywacja aplikacji Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App nie powiodła się. Błąd: -2144927149. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= CodeIntegrity: =================================== Date: 2016-12-22 13:08:40.976 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2016-12-22 13:08:40.975 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2016-12-21 22:44:23.956 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2016-12-21 22:44:23.951 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. ==================== Statystyki pamięci =========================== Procesor: AMD FX(tm)-8350 Eight-Core Processor Procent pamięci w użyciu: 45% Całkowita pamięć fizyczna: 16355.04 MB Dostępna pamięć fizyczna: 8944.82 MB Całkowita pamięć wirtualna: 19295.04 MB Dostępna pamięć wirtualna: 10766.61 MB ==================== Dyski ================================ Drive c: (Windows 10 i Programy) (Fixed) (Total:223.02 GB) (Free:201.18 GB) NTFS Drive d: (Gry) (Fixed) (Total:499.98 GB) (Free:363.07 GB) NTFS Drive e: (Multimedia i Dane) (Fixed) (Total:300 GB) (Free:298.83 GB) NTFS Drive f: (Kopia Zapasowa) (Fixed) (Total:131.51 GB) (Free:110.87 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 57AB2FB1) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 451AA471) Partition: GPT. ==================== Koniec Addition.txt ============================