Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 14.03.2018 Uruchomiony przez Jakub (19-03-2018 09:45:22) Uruchomiony z E:\pobrane Windows 7 Ultimate Service Pack 1 (X64) (2017-02-15 12:49:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2732520356-73097215-1946196653-500 - Administrator - Disabled) Gość (S-1-5-21-2732520356-73097215-1946196653-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2732520356-73097215-1946196653-1004 - Limited - Enabled) Jakub (S-1-5-21-2732520356-73097215-1946196653-1000 - Administrator - Enabled) => C:\Users\Jakub ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2732520356-73097215-1946196653-1000\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) ActivePython 3.5.3 Build 3505 (64-bit) (HKLM\...\{FC0D874A-836C-44FC-983B-05FB2BB5C907}) (Version: 3.5.3505 - ActiveState Software Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated) Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros) Atom (HKU\S-1-5-21-2732520356-73097215-1946196653-1000\...\atom) (Version: 1.24.0 - GitHub Inc.) BitTorrent (HKLM-x32\...\BitTorrent) (Version: 6.4.0 - ) BitTorrent (HKU\S-1-5-21-2732520356-73097215-1946196653-1000\...\BitTorrent) (Version: 7.9.1.31141 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) CodeBlocks (HKU\S-1-5-21-2732520356-73097215-1946196653-1000\...\CodeBlocks) (Version: 17.12 - The Code::Blocks Team) COMODO Antivirus (HKLM\...\{DAC390BA-1387-4DF8-A9BC-683E81E77E86}) (Version: 10.1.0.6476 - COMODO Security Solutions Inc.) Hidden Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-6B85-4824-88FC-051000038201}) (Version: 1.0.0003.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden Dark Souls Prepare to Die Edition (HKLM-x32\...\{4E4D0FA1-6B85-4824-88FC-051000038202}) (Version: 1.0.0003.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden Debugging Tools for Windows (x86) (HKLM-x32\...\{83DD27C9-CDC2-489A-87FA-8622C1F8F8EC}) (Version: 6.11.1.402 - Microsoft Corporation) EaseUS Partition Master 12.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) FocalFilter (HKLM-x32\...\{78156F61-016D-402A-9EF9-C2AA253DB22A}) (Version: 0.9.00 - FocalFilter) Git version 2.15.1.2 (HKLM\...\Git_is1) (Version: 2.15.1.2 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.) Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.292 - SurfRight B.V.) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org) IntelliJ IDEA Community Edition 2017.1.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2017.1.2) (Version: 171.4249.39 - JetBrains s.r.o.) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.2.424651.94 - Comodo) Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation) Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual C# 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C# 2010 Express - ENU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.1.6648 - Mozilla) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.4.2 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) Oprogramowanie mikroukładu Intel® (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden PhotoFiltre (HKU\S-1-5-21-2732520356-73097215-1946196653-1000\...\PhotoFiltre) (Version: - ) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd) Produkt Microsoft Office Enterprise 2007 w wersji próbnej (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PyScripter 3.2.2 (HKLM-x32\...\PyScripter_is1) (Version: 3.2.2 - PyScripter) Python 3.4 pygame-1.9.2a0 (64-bit) (HKLM\...\pygame-py3.4) (Version: - ) Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation) Python 3.6.3 (Anaconda3 5.0.1 64-bit) (HKLM\...\Python 3.6.3 (Anaconda3 5.0.1 64-bit)) (Version: 5.0.1 - Anaconda, Inc.) Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7464 - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden Smart-X7 7.80 (HKLM\...\WheelMouse) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated) Ultimate Mortal Kombat 3 (HKLM-x32\...\Ultimate Mortal Kombat 3_is1) (Version: - GameFabrique) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation) vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden WebCam SCB-0350M (HKLM-x32\...\{897D8A5A-19CD-429D-9EA6-4FE5DB94C594}) (Version: 6.2.6.2.100715 - MCNEX) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32-x32-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32-x32-x32-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32-x32-x32-x32-x32-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => E:\Notepad++\NppShell_06.dll [2017-06-18] () ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> Brak pliku ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext64.dll [2009-06-02] () ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext.dll [2009-08-16] () ContextMenuHandlers1-x32-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> Brak pliku ContextMenuHandlers3-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext64.dll [2009-06-02] () ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext.dll [2009-08-16] () ContextMenuHandlers4-x32-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers5-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => -> Brak pliku ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-07-05] (Power Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext64.dll [2009-06-02] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\WINRAR\rarext.dll [2009-08-16] () ContextMenuHandlers6-x32-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => E:\MO\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {29C547F3-154D-4D31-8784-770E61B9B555} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {36307155-2E23-4BF4-A0AE-2029C989CC90} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-13] (Adobe Systems Incorporated) Task: {37E843A0-8286-4F06-BD47-7C856F398FE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {8334E82D-A10A-4F4D-BB5D-4F4ABF94FE80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {99B9CAA8-EC1F-44A9-B74A-08A751FA78DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A36B5276-56B3-4847-A45B-3AD2C46007CD} - System32\Tasks\{F4C7BB8F-8532-4E02-9318-E5397280DAA0} => C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe Task: {A6F35063-B7F8-425D-B314-28A0A1425554} - System32\Tasks\{DFC47419-401D-4C54-8C5B-44DB427930E6} => C:\Users\Jakub\Downloads\vs_community__1050793505.1521409194.exe [2018-03-18] (Microsoft Corporation) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {D8C3989C-64C7-41DA-A4DF-9D30FBA3B3E6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-14] (Adobe Systems Incorporated) Task: {E30A499C-1BE4-4B14-A5FC-1D1CE340E300} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-03-14] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Public\Desktop\nasm.lnk -> E:\GROMACS\NASM\nasmpath.bat () ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData ==================== Załadowane moduły (filtrowane) ============== 2017-02-15 12:31 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 003611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-02-17 22:10 - 2017-02-17 22:10 - 000075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2017-01-28 20:53 - 2016-11-14 13:30 - 002665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 001988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 001840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2017-01-28 20:55 - 2000-01-01 01:00 - 000196608 _____ () C:\Program Files\Mouse\Amoumain.exe 2015-10-19 21:00 - 2015-10-19 21:00 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2017-01-28 20:53 - 2016-11-14 13:30 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40641849.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\40641849.sys => ""="Driver" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2018-03-18 22:08 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2732520356-73097215-1946196653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 149.156.67.233 - 149.156.89.30 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: ChromodoUpdater => 2 MSCONFIG\Services: TrueKey => 2 MSCONFIG\Services: TrueKeyScheduler => 2 MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: Avira System Speedup User Starter => "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Nowy folder (4)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Steam => "E:\Steam\steam.exe" -silent ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{AADF4C29-2C66-454E-9EE9-61F13DB7A560}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F847A3C2-C2FB-443B-A689-B8F7E53049E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6E4497D8-F68B-4E67-8686-359974064C1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7A75555B-06E7-47F3-A3BD-49C136087F18}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{200DFB0D-E024-4A89-8E0D-D8E6804836CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [UDP Query User{3222F141-4988-4F0E-ADFE-C9AFE96DCDC7}C:\users\jakub\desktop\imagej\imagej.exe] => (Allow) C:\users\jakub\desktop\imagej\imagej.exe FirewallRules: [TCP Query User{9E63065D-6917-414C-9800-FF71539FD7DE}C:\users\jakub\desktop\imagej\imagej.exe] => (Allow) C:\users\jakub\desktop\imagej\imagej.exe FirewallRules: [{F8E300BD-1ECB-4208-8F23-6D976B6F7663}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{48B4D3E7-250F-4E08-BEEA-0B7D4DE2048C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{155DF7F2-0084-40A4-BDB6-AD9B166A3476}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{30446CE2-9489-4E9E-8044-96EB9FE97132}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E0D39105-D202-493C-9A1F-E98C679795B4}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E6CFE1F5-77E5-4F3D-8702-C8CC55A221A4}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0AC43D89-1C33-4AC5-91DD-FFEA81E691F8}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2016B344-C7F4-4990-9B53-338A089FF7C0}] => (Allow) C:\Users\Jakub\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B03D5ED4-C316-4A55-82D0-E7A0899C773F}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{E42904A2-11AB-4F90-8860-7754002FD0D9}] => (Allow) C:\Windows\explorer.exe FirewallRules: [UDP Query User{D2395D1B-EF61-442B-B5D9-F544AF9B75C1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{5A5CA1FC-C158-4F7B-9394-2C43F8F72039}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{DE59F89C-6783-4F00-BBD9-22F7F3FD8816}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E6D59EE1-5CE2-413D-AEFD-A0AC5625558A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B599622E-9BCE-41C7-8A8E-2FECF9C11FE3}] => (Allow) E:\MO\Office12\ONENOTE.EXE FirewallRules: [{285011C9-2EB0-4D68-915B-5781EC2CD5B3}] => (Allow) E:\MO\Office12\ONENOTE.EXE FirewallRules: [{AABF888F-FCB3-4383-8905-C028C0820114}] => (Allow) E:\MO\Office12\GROOVE.EXE FirewallRules: [{D2A8F4A0-D1E9-430E-AB64-227A60CAA90F}] => (Allow) E:\MO\Office12\GROOVE.EXE FirewallRules: [{E449D1CA-87EE-4C54-97EF-6318135D51DF}] => (Allow) E:\MO\Office12\outlook.exe FirewallRules: [{9CDD2B39-6C8E-413F-BE18-CF4DD884576E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{336CB6B2-0B01-47DB-860D-992D8D3B9D39}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{903D219D-1940-4B4F-9E90-B2B10840C803}] => (Allow) E:\Bit torrent\BitTorrent.exe FirewallRules: [{9035ADB7-794D-4982-9F91-853389FBC2BE}] => (Allow) E:\Bit torrent\BitTorrent.exe FirewallRules: [{0BD411DA-464C-4C5E-B16A-57FD5B564281}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5E6C931F-E20A-4366-9D6C-ED660ED0FD78}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{AC112D78-A406-48FB-AB42-B6D7CE27E5B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{50064ECD-6CD3-4307-A1DC-FD9130E6E917}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A002474F-B85A-493F-B7DB-E6815BA80769}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AF915C5C-5614-46C6-9428-DC67E2279402}] => (Allow) C:\Windows\rss\csrss.exe FirewallRules: [{393A477A-56D1-458B-B27E-A64AAE56D9E8}] => (Allow) C:\Users\Jakub\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe FirewallRules: [{12290FE5-7DE9-46C1-818C-70A7C4F98D78}] => (Allow) C:\Windows\rss\csrss.exe FirewallRules: [{612A8EB6-A49C-44A4-B991-E21AA0457C6B}] => (Allow) C:\Users\Jakub\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe ==================== Punkty Przywracania systemu ========================= 17-03-2018 16:02:40 Restore Point Created by FRST 17-03-2018 16:35:08 Restore Point Created by FRST 18-03-2018 22:50:29 Removing COMODO Client - Security 19-03-2018 09:30:12 Punkt przywracania utworzony przez HitmanPro 19-03-2018 09:31:30 Punkt przywracania utworzony przez HitmanPro ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: WinmonProcessMonitor Description: WinmonProcessMonitor Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: WinmonProcessMonitor Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/19/2018 09:35:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x0000017c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000005EF050.72). hr = 0x80070005, Odmowa dostępu. . Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000a4c,(null),0,REG_BINARY,0000000005A5E160.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nazwa modułu zapisującego: MSSearch Service Writer Identyfikator wystąpienia modułu zapisującego: {886ffd92-db7f-4511-bca1-3edd88bc389c} Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000a4c,(null),0,REG_BINARY,0000000005A5E160.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Nazwa modułu zapisującego: MSSearch Service Writer Identyfikator wystąpienia modułu zapisującego: {886ffd92-db7f-4511-bca1-3edd88bc389c} Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000001b4,(null),0,REG_BINARY,0000000001BDF2F0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {542da469-d3e1-473c-9f4f-7847f01fc64f} Nazwa modułu zapisującego: COM+ REGDB Writer Identyfikator wystąpienia modułu zapisującego: {a8355786-8221-4b00-9b50-ea5d76c16a6c} Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x00000990,(null),0,REG_BINARY,0000000000E1E320.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Nazwa modułu zapisującego: WMI Writer Identyfikator wystąpienia modułu zapisującego: {b4137a3e-2acf-4ff6-bf8e-93da574256d8} Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x000001f0,(null),0,REG_BINARY,000000000206E940.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {223a248e-ddb5-44f2-8d03-d11d5c44efbd} Error: (03/19/2018 09:31:47 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury RegSetValueExW(0x0000019c,(null),0,REG_BINARY,00000000012FEEC0.72). hr = 0x80070005, Odmowa dostępu. . Operacja: Zdarzenie BackupShutdown Kontekst: Kontekst wykonywania: Writer Identyfikator klasy modułu zapisującego: {afbab4a2-367d-4d15-a586-71dbb18f8485} Nazwa modułu zapisującego: Registry Writer Identyfikator wystąpienia modułu zapisującego: {3994ad9a-cf94-4a95-9c8f-02cffa33b7e9} Dziennik System: ============= Error: (03/19/2018 09:34:48 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa HitmanPro 3.8 Crusader (Boot) zakończyła działanie; wystąpił specyficzny dla niej błąd Operacja ukończona pomyślnie. . Error: (03/19/2018 09:31:58 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla DeleteFlag nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (03/19/2018 09:31:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Windows Defender Helper Service (Windows 1703 Creators Update) niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/18/2018 10:06:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/18/2018 10:05:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/18/2018 10:04:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (03/18/2018 10:00:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (03/18/2018 09:51:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa COMODO Dragon Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2017-11-14 11:21:24.900 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-14 11:21:24.860 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-14 11:08:58.314 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-14 11:08:58.283 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-13 20:50:42.385 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-13 20:50:42.345 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-13 20:42:23.071 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. Date: 2017-11-13 20:42:23.040 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz Procent pamięci w użyciu: 67% Całkowita pamięć fizyczna: 3956.55 MB Dostępna pamięć fizyczna: 1305.4 MB Całkowita pamięć wirtualna: 7911.31 MB Dostępna pamięć wirtualna: 4594.3 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:75.04 GB) (Free:26.48 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: () (Fixed) (Total:7.57 GB) (Free:3.86 GB) NTFS Drive e: () (Fixed) (Total:162.26 GB) (Free:114.77 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: CC5F9E61) Partition 1: (Not Active) - (Size=15 GB) - (Type=0F Extended) Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=162.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=45.8 GB) - (Type=83) ==================== Koniec Addition.txt ============================