Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 20.06.2018 Uruchomiony przez Kamil (21-06-2018 00:14:47) Uruchomiony z C:\Users\Kamil\Desktop Windows 10 Pro Wersja 1803 17134.112 (X64) (2018-05-24 13:52:46) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3858537117-581858840-872993733-500 - Administrator - Disabled) Gość (S-1-5-21-3858537117-581858840-872993733-501 - Limited - Disabled) Kamil (S-1-5-21-3858537117-581858840-872993733-1001 - Administrator - Enabled) => C:\Users\Kamil Konto domyślne (S-1-5-21-3858537117-581858840-872993733-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3858537117-581858840-872993733-504 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: mks_vir (Enabled - Up to date) {88B2F6DD-00FA-A027-E993-0DC5840AD5F1} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: mks_vir (Enabled - Up to date) {33D31739-26C0-AFA9-D323-36B7FF8D9F4C} FW: mks_vir Firewall (Enabled) {B08977F8-4A95-A17F-C2CC-A4F07AD9928A} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) 911 Operator version 1.0 (HKLM-x32\...\911 Operator_is1) (Version: 1.0 - PlayWay SA) ALLPlayer (wersja 8.1) (HKLM\...\{68972948-F221-4267-9EB6-2EB5D913C4CF}_is1) (Version: 8.1 - ALLPlayer Ltd.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.5.1 - Advanced Micro Devices, Inc.) AnyBurn (HKLM-x32\...\AnyBurn) (Version: 4.1 - Power Software Ltd) Build Tools - x86 (HKLM-x32\...\{235CCCE6-3CB9-4E09-9D8E-0F212644C668}) (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (HKLM-x32\...\{772590BC-E61B-4080-B9D5-A71497612F36}) (Version: 12.0.31010 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HashCheck Shell Extension (HKLM\...\HashCheck Shell Extension) (Version: 2.4.0.55 - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1067 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden Microsoft Office 365 ProPlus - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.8431.2270 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual F# 3.1.2 (HKLM-x32\...\{d705b4dc-2aa8-4215-9b13-4fad5dcda72b}) (Version: 12.0.30815.0 - Microsoft Corporation) Microsoft Visual F# 4.0 (HKLM-x32\...\{ab9c007e-6675-4ab5-81f8-7001b49707cf}) (Version: 14.0.23020.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1247.518 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation) Microsoft XNA Framework Redistributable 1.0 Refresh (HKLM-x32\...\{311F799A-FCE9-4D9E-B5D2-CBB8859B40BB}) (Version: 1.1.10405.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 2.0 (HKLM-x32\...\{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}) (Version: 2.0.11128.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) mks_vir (HKLM\...\mks_vir) (Version: - Arcabit/mks_vir) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{33d722f3-efb1-4136-a274-b033ad7f5335}) (Version: 10.1.17570.8068 - Intel(R) Corporation) Hidden Oracle VM VirtualBox 5.2.12 (HKLM\...\{128AD467-F107-4FED-A283-F355E74DE103}) (Version: 5.2.12 - Oracle Corporation) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.60825 - Microsoft Corporation) qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.) Spotify (HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\Spotify) (Version: 1.0.83.316.ge96b6e67 - Spotify AB) StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.6.4 - startisback.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) Visual F# 4.1 SDK (HKLM-x32\...\{5ADB9708-9ADA-3786-8D8E-C93E5E9F2594}) (Version: 14.0.23801 - Microsoft Corporation) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Brak pliku ContextMenuHandlers3: [HashCheck Shell Extension] -> {705977C7-86CB-4743-BFAF-6908BD19B7B0} => C:\Windows\system32\ShellExt\HashCheck.dll [2016-09-07] () ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Brak pliku ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-05-16] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {266627A5-9196-4D29-BDAE-A100188A916B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-06-13] (Microsoft Corporation) Task: {377650DA-FD8B-4353-AB6C-8E21C7CE6680} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6617BB4F-B600-47AD-BEA6-DA5DABB663E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-08] (Microsoft Corporation) Task: {6775DABE-5CFB-4715-974D-8D00DF605204} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-08] (Microsoft Corporation) Task: {7388F866-C341-45AE-9D15-A2B9224C5B56} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-13] () Task: {7C6352A9-C725-462C-9B25-36E4FB5B9CFD} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-11-16] (Intel(R) Corporation) Task: {A2CF5F50-F3DD-4290-980E-4AED7F6B3CCD} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-05-16] (Advanced Micro Devices, Inc.) Task: {A6DBBD3E-7EEF-4840-9B4A-F9662F72BB1D} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2018-06-08] (www.startisback.com) Task: {AC07BED7-7013-4640-AC9D-F72B2E2AE89C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-06-13] (Microsoft Corporation) Task: {BA91BCE2-5D46-47EC-A6FA-A58103A1F13E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-04] (Google Inc.) Task: {C93F52E6-0889-4A13-93A7-B755C2790A4B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-13] () Task: {CD57F6A4-AF18-41B9-8D19-02BA5E703331} - System32\Tasks\S-1-5-21-3858537117-581858840-872993733-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation) Task: {D299807C-9B29-4269-8E05-2F5973D40759} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-06-13] (Microsoft Corporation) Task: {E7B9CF14-5D8F-4C3D-A7E0-9FEE0F94C15E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-05-16] (Advanced Micro Devices, Inc.) Task: {E9A3B8C9-E76D-46A4-98B2-68A01A734D5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-04] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2018-05-24 16:10 - 2013-07-03 20:32 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2018-06-18 11:33 - 2018-06-18 11:33 - 000197688 _____ () C:\Program Files\mks_vir\bin\nfapi.dll 2018-06-18 11:33 - 2018-06-18 11:33 - 000174448 _____ () C:\Program Files\mks_vir\bin\scanenginedll.dll 2018-06-18 11:33 - 2018-06-18 11:33 - 000675112 _____ () C:\Program Files\mks_vir\bin\ScanEngineCon.exe 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-05-30 09:52 - 2016-09-07 22:41 - 000566920 _____ () C:\Windows\system32\ShellExt\HashCheck.dll 2018-04-24 22:12 - 2018-04-24 22:12 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL 2018-04-24 22:12 - 2018-04-24 22:12 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-06-12 19:43 - 2018-06-08 10:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-24 17:52 - 2018-06-13 12:53 - 002210480 _____ () C:\Program Files\Microsoft Office\Root\Office16\tmpod.dll 2018-05-24 17:52 - 2018-06-13 12:52 - 001395888 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll 2018-06-13 11:55 - 2018-06-12 07:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll 2018-06-13 11:55 - 2018-06-12 07:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll 2018-05-24 16:10 - 2018-06-20 23:41 - 000025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2018-05-24 16:10 - 2013-07-03 20:32 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2017-12-03 12:18 - 2017-12-03 12:18 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2018-04-12 01:38 - 2018-06-18 11:59 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3858537117-581858840-872993733-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.42.129 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3858537117-581858840-872993733-1001\...\StartupApproved\Run: => "Napisy24Update" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{3C8D81A0-E24C-4E3B-92F5-C98D5E2E9267}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{77900569-3F45-440F-84B8-A06DD19C8E27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{DFCB2A86-EE10-4860-8A75-E84DD1D53AEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{EF054E80-61F5-42F3-AD3C-239B735C1E6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{CC5531B7-2473-4619-8001-6D2715621673}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{424496A4-8269-4655-812F-341CE97FC7B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DA3EC35A-C30B-4339-9144-4A85635C2E1E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6C72393F-19B4-43AA-AFDF-5ACC3B54068B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{07599C42-92A9-448C-B280-B01D52D128E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DC8A62D7-7F82-41F7-9641-4EA2E427D367}] => (Allow) D:\Steam\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe FirewallRules: [{E9CBB609-D67A-4044-8452-729B5B6C9093}] => (Allow) D:\Steam\steamapps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe FirewallRules: [{06C0A648-BBF1-456D-9609-1EAAF8425066}] => (Allow) D:\Steam\steamapps\common\PC Building Simulator\PCBS.exe FirewallRules: [{E6925F86-70F9-45A4-AD24-52B8BA73CC04}] => (Allow) D:\Steam\steamapps\common\PC Building Simulator\PCBS.exe FirewallRules: [TCP Query User{3D121726-56EA-4C71-AE3B-22FFAFFE9C14}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{0CC37D10-4507-4B29-934F-4615271575CF}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe FirewallRules: [{5D38FBED-9CF1-45E5-B93F-C25D941F5EA2}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game II\WTTG2.exe FirewallRules: [{3E0B004A-047B-46DA-9BA2-A6670CDC6CB7}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game II\WTTG2.exe FirewallRules: [{F5394D3D-B81F-4A5B-984C-4A53CD6F06AD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{5417A7A7-27C4-4566-94BE-2BDA6B9F74A9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe FirewallRules: [{AA935963-FE9F-40DF-9D70-1B99E6AA83CC}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game\WTTG.exe FirewallRules: [{6C3E86F5-C4F8-46C6-8EF6-822CC4CCB527}] => (Allow) D:\Steam\steamapps\common\Welcome to the Game\WTTG.exe FirewallRules: [{66110648-1ED1-45D9-8C7B-AE52FF47C0BA}] => (Allow) D:\Steam\steamapps\common\ELEX\system\ELEX.exe FirewallRules: [{6F48F27D-5082-4D69-95FA-C473499CDC6F}] => (Allow) D:\Steam\steamapps\common\ELEX\system\ELEX.exe FirewallRules: [{11506C13-D181-4E77-8856-7D797BE57007}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (06/15/2018 06:56:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program hvaui.exe w wersji 1.0.4.67 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w oknie Zabezpieczenia i konserwacja w Panelu sterowania. Identyfikator procesu: 225c Godzina rozpoczęcia: 01d404c43da30b3c Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files\Bitdefender Home Scanner\hvaui.exe Identyfikator raportu: 07b83d8b-d5be-497c-87f0-06fecdc30810 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (06/13/2018 12:00:39 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (06/13/2018 12:00:39 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {B9106837-2ACC-493D-9D6D-7CFC2F55387C} Error: (06/13/2018 12:00:39 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: ) Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {B9106837-2ACC-493D-9D6D-7CFC2F55387C} Dziennik System: ============= Error: (06/20/2018 11:42:26 PM) (Source: DCOM) (EventID: 10016) (User: KAMIL-KOMPUTER) Description: Zgodnie z ustawieniami uprawnienia właściwe dla aplikacji nie jest udzielane uprawnienie Lokalny Aktywacja do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi KAMIL-KOMPUTER\Kamil o identyfikatorze zabezpieczeń SID (S-1-5-21-3858537117-581858840-872993733-1001) z adresu LocalHost (użycie LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Niedostępny (Niedostępny). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (06/20/2018 11:41:48 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: Sterownik wykrył błąd wewnętrzny sterownika na \Device\VBoxNetLwf. Error: (06/20/2018 11:41:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NcaSvc zależy od usługi iphlpsvc, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (06/20/2018 11:41:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika Error: (06/20/2018 11:41:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 19:35:52 na ‎20.‎06.‎2018 było nieoczekiwane. Error: (06/20/2018 11:41:23 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: ZARZĄDZANIE NT) Description: 3221225684Wystąpił błąd krytyczny podczas przetwarzania danych przywracania. Error: (06/20/2018 07:35:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NcaSvc zależy od usługi iphlpsvc, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (06/20/2018 07:35:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi luafv z powodu następującego błędu: Nastąpiło zablokowanie ładowania sterownika CodeIntegrity: =================================== Date: 2018-06-17 14:08:38.774 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-16 13:31:19.338 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Procent pamięci w użyciu: 33% Całkowita pamięć fizyczna: 8088.11 MB Dostępna pamięć fizyczna: 5382.82 MB Całkowita pamięć wirtualna: 10008.11 MB Dostępna pamięć wirtualna: 6459.48 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:111.19 GB) (Free:86.98 GB) NTFS Drive d: (Gry) (Fixed) (Total:440.3 GB) (Free:384.24 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive f: (Multimedia i Dane) (Fixed) (Total:360.21 GB) (Free:211.48 GB) NTFS Drive g: (Kopia Zapasowa) (Fixed) (Total:131 GB) (Free:34.31 GB) NTFS \\?\Volume{04e45409-4c9c-48b4-8540-c6eabeab2a5c}\ (Odzyskiwanie) (Fixed) (Total:0.49 GB) (Free:0.12 GB) NTFS \\?\Volume{3bb0b8dc-afa7-4a6c-a13e-8d5c175556df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 6C4AB031) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FF18B807) Partition 1: (Active) - (Size=440.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=360.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=131 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================