Reklamy w przeglądarce (crazy score)

**Posty:** 540 · przez **Lijke** 09 Lip 2015, 14:59

Witam prosze o pomoc jesli chodzi o tego adware.
Logi
Frst:

Kod: Zaznacz wszystko: Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015 Ran by admin at 2015-07-09 14:57:41 Running from C:\Users\admin\Downloads\NIC SIE SAMO NIE ROBi Boot Mode: Normal ========================================================== ==================== Accounts: ============================= admin (S-1-5-21-1674356486-2927941450-4013765211-1000 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-1674356486-2927941450-4013765211-500 - Administrator - Disabled) Gość (S-1-5-21-1674356486-2927941450-4013765211-501 - Limited - Disabled) Konto domyślne (S-1-5-21-1674356486-2927941450-4013765211-503 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden ChomikBox (HKLM-x32\...\{C7B52FAF-58D8-438C-B810-F78C3C927504}) (Version: 2.0.8.0 - Chomikuj.pl) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden Prototype 2 (HKLM-x32\...\{4EE3D513-A497-4378-B840-654802EF3179}) (Version: 1.00 - Activision) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7520 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Tibia (HKLM-x32\...\Tibia_is1) (Version: 10.78 - CipSoft GmbH) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1674356486-2927941450-4013765211-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 22-06-2015 19:12:13 Instalator modułów systemu Windows 26-06-2015 18:49:46 Windows Update 05-07-2015 15:50:12 Zaplanowany punkt kontrolny ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-03-14 10:58 - 2015-03-14 10:57 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04ED3330-3EB1-43DD-BBC2-93103329A5B8} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {055E526F-FFD7-49EC-9138-9D211D983109} - System32\Tasks\GoogleUpdateTaskMachineCore1d0918e5ceac400 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15] (Google Inc.) Task: {06DF162E-0B5D-4764-98B7-9362521C4A6F} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {0AB1B324-2C7F-4150-A8BE-A48DC12AE42E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15] (Google Inc.) Task: {0CCF7DDD-9D6A-4E6D-AA15-B4D766629037} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe Task: {10B1C2D6-1CD5-4CCF-A994-35821A91F0EE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-05-23] (Microsoft Corporation) Task: {18D0F2BD-BAF5-47D6-8098-002EBCC783D1} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-05-23] (Microsoft Corporation) Task: {24F2D6F4-3A1E-47CB-A0E6-C147DE2FC236} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-05-23] (Microsoft Corporation) Task: {443A83F1-2DF5-4F25-8A22-D5D593E38233} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {45ACCC6F-2AD4-41A4-B131-9AC501A6DF6E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-05-23] (Microsoft Corporation) Task: {4C164B03-7B8A-421D-94BF-F5D8E513A9F0} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {4C3E505D-6508-4E6D-9005-51A5D293C66A} - System32\Tasks\Microsoft\Windows\ContextManager\Triggers => C:\Windows\system32\ContextManagerNotificationHandler.exe Task: {4E2A7B43-C69E-47B3-AEA3-41544CFF8853} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-05-23] (Microsoft Corporation) Task: {50AF3B80-DE41-44A3-9A8A-8228DA89A60C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-05-23] (Microsoft Corporation) Task: {55B68377-F2FD-48B4-A4EF-6A0D7C806053} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {56B3251F-914D-4123-8086-066D6BC3E9C6} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-05-23] (Microsoft Corporation) Task: {5ACAB365-3176-4648-8FAF-B25C3060DDCA} - System32\Tasks\Microsoft\Windows\ContextManager\Logon => C:\Windows\system32\ContextManagerNotificationHandler.exe Task: {5EA31CC1-87D3-4F43-BB1C-0E8629D035D7} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {6568C3EC-1BAC-43E7-A729-E248F3923993} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-05-23] (Microsoft Corporation) Task: {66F21DF6-6B01-4CB4-AB84-BCF23B719C25} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {74CC6467-EEFD-403B-BE71-CFF34A7C7831} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {76E7FAF0-0357-4EA0-B2C2-22855D1D959B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_RebootDisplay => C:\windows\system32\MusNotification.exe [2015-05-23] (Microsoft Corporation) Task: {82B68E5D-FE3D-468C-868E-C10A19D8DE0F} - System32\Tasks\SpeechRuntimeTask => C:\Windows\system32\speech_onecore\common\SpeechRuntime.exe [2015-05-23] (Microsoft Corporation) Task: {83D05B5D-B15E-4EFB-BFB5-ED15010DE236} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {85A59BB9-A59D-4DBC-8B07-0412B43B1779} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-05-23] (Microsoft Corporation) Task: {9097A2AE-394C-4091-82D1-5F5ED4FFAC3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-15] (Google Inc.) Task: {98A3C3F1-A3A8-4A93-B228-0D60C3D1AECD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\HypervisorFlightingTask Task: {9CEE10BF-8E16-47C6-8250-CD07A35EB854} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-05-23] (Microsoft Corporation) Task: {9E5C6E1E-C4BB-4490-8F16-9493A14ACFB7} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-05-23] (Microsoft Corporation) Task: {A17B22B4-8196-4B9A-8001-899CF8478CF8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Battery Saver Deferred Install => C:\Windows\system32\usoclient.exe [2015-05-23] (Microsoft Corporation) Task: {A244FF79-8619-437F-A180-FB01B8460504} - System32\Tasks\Microsoft\Windows\User Data Service\Unistore Logon => C:\Windows\System32\UnistackSvcWrapper.exe Task: {A9EB41F5-CB86-4FBA-BA8B-E861A38F7DF6} - System32\Tasks\Microsoft\Windows\Service Configuration\ConfigurationClient Task: {AA63ADDA-E139-4DEA-AE20-4755DB620279} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {B84ABE2C-DC48-49F4-B4A2-AD009AD66AF0} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-05-23] (Microsoft Corporation) Task: {BB85C9C3-F02D-494A-861D-8BEB429C1DE2} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {C8A23626-DD41-41B0-A459-63AF15ABC8AE} - System32\Tasks\Microsoft\Windows\NetworkDriverPlatform\TelemetryGatherer => C:\Windows\system32\NetCfgDiagnostics.exe Task: {D0150D0C-6C10-4B10-AA5A-3A09C2DAF69A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-27] (Microsoft Corporation) Task: {D135AF91-8E42-43B1-B6E5-3A1F018534EA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-05-23] (Microsoft Corporation) Task: {E6D38B40-295E-483A-82CA-47E373DBB7F3} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {F315E8A5-1FE8-4449-9661-86407743913C} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-06-15] (Microsoft Corporation) Task: {F5EC5CF7-D5CA-443E-B85D-141AFE21D8AF} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-05-23] (Microsoft Corporation) Task: {FA5667F0-8F5D-456C-927F-A764E046F469} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-05-23] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0918e5ceac400.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-23 14:55 - 2015-05-23 14:55 - 00030720 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-06-15 17:35 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-05-23 14:53 - 2015-05-23 14:53 - 00433664 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-05-23 14:55 - 2015-05-23 14:55 - 02223160 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-05-23 14:55 - 2015-05-23 14:55 - 02223160 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 07246336 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 02246144 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.ActionCenter.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 00642560 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\BatteryFlyoutExperience.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 00451072 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ClockFlyoutExperience.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 02533376 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\DevicesFlowUI.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 01003520 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\JumpViewUI.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 00627712 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 01271808 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\NetworkUX.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 00331776 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-05-23 14:52 - 2015-05-23 14:52 - 00952320 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll 2015-05-23 14:59 - 2015-05-23 20:02 - 07081960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 2015-05-23 14:59 - 2015-05-23 20:02 - 00351744 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-05-23 14:59 - 2015-05-23 20:02 - 05542912 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-08 15:16 - 2015-07-07 05:49 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libglesv2.dll 2015-07-08 15:16 - 2015-07-07 05:49 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\libegl.dll 2015-07-08 15:16 - 2015-07-07 05:49 - 16285512 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1674356486-2927941450-4013765211-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [UDP Query User{1DA79775-8C71-41DB-9968-312D8C20B158}D:\maxpayne3.exe] => (Allow) D:\maxpayne3.exe FirewallRules: [TCP Query User{8C04762D-F464-4180-8E95-66B88BAAC7BA}D:\maxpayne3.exe] => (Allow) D:\maxpayne3.exe FirewallRules: [{4FB9421B-E371-4E1B-AAF8-6B344E5BBE32}] => (Allow) D:\PlayMaxPayne3.exe FirewallRules: [{47B2677C-2363-4220-A108-2A4DF5AA0FE8}] => (Allow) D:\PlayMaxPayne3.exe FirewallRules: [{6BAFCA36-4C01-45DD-9CD7-5A2267AF3E4B}] => (Allow) D:\Star Wars The Force Unleashed 2\SWTFU2.exe FirewallRules: [{2F663E86-7FB4-4765-A37A-B1AE4A15F122}] => (Allow) D:\Star Wars The Force Unleashed 2\SWTFU2.exe FirewallRules: [{9E7072C7-3541-4777-9AB8-7E09BF4E99D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{03A5DA9C-D0E1-4780-8A9A-1C1834AD92B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5BC1D526-39A7-4BC7-9038-10356A1557A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{0C402F4C-D7D5-4C30-8BCC-D90D14651CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{734ADEE1-6D11-432A-9332-DD5521DAF8FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0A5961AE-E970-4FB0-ACAE-44ED18D8C3AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{25578DBE-F5B9-4E9F-9716-D52CD1EDF9A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Serwer proxy usługi Microsoft Streaming Description: Serwer proxy usługi Microsoft Streaming Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: MSKSSRV Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Urządzenie pamięci masowej USB Description: Urządzenie pamięci masowej USB Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Zgodne urządzenie magazynujące USB Service: USBSTOR Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Standardowy monitor PnP Description: Standardowy monitor PnP Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardowe typy monitorów) Service: monitor Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Rodzajowa kopia w tle woluminów Description: Rodzajowa kopia w tle woluminów Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Wolumin uniwersalny Description: Wolumin uniwersalny Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Kingston DT 100 G2 USB Device Description: Stacja dysków Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardowe stacje dysków) Service: disk Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Sterownik woluminu systemu plików WPD Description: Sterownik woluminu systemu plików WPD Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Microsoft Service: WUDFWpdFs Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Urządzenie pamięci masowej USB Description: Urządzenie pamięci masowej USB Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Zgodne urządzenie magazynujące USB Service: USBSTOR Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Microsoft Device Association Root Enumerator Description: Ogólne urządzenie programowe Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2} Manufacturer: Microsoft Service: Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming Description: Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: MSTEE Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Wolumin uniwersalny Description: Wolumin uniwersalny Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Zaufane sterowniki dźwięku firmy Microsoft Description: Zaufane sterowniki dźwięku firmy Microsoft Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: drmkaud Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Nowy Description: SAMSUNG HD503HI Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Microsoft Service: WUDFWpdFs Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: KINGSTON Description: DT 100 G2 Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Kingston Service: WUDFWpdFs Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Serwer proxy menedżera jakości Microsoft Streaming Description: Serwer proxy menedżera jakości Microsoft Streaming Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: MSPQM Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Kingston DT 100 G2 USB Device Description: Stacja dysków Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardowe stacje dysków) Service: disk Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Wolumin uniwersalny Description: Wolumin uniwersalny Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: NVIDIA HDMI Out (NVIDIA Virtual Audio Device (Wave Extensible) (WDM)) Description: Punkt końcowy audio Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e} Manufacturer: Microsoft Service: Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Serwer proxy zegara Microsoft Streaming Description: Serwer proxy zegara Microsoft Streaming Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: MSPCLOCK Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Wolumin uniwersalny Description: Wolumin uniwersalny Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Wolumin uniwersalny Description: Wolumin uniwersalny Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. Name: Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming Description: Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: MSTEE Problem: : Currently, this hardware device is not connected to the computer. (Code 45). Resolution: The device is not present or was previously attached to the computer. To fix this problem, reconnect this hardware device to the computer. If Device Manager is started with the environment variable DEVMGR_SHOW_NONPRESENT_DEVICES set to 1 (which means show these devices), then any previously attached (NONPRESENT) devices are displayed in the device list and assigned this error code. ==================== Event log errors: ========================= Application errors: ================== Error: (07/08/2015 10:46:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: svchost.exe_DiagTrack, wersja: 10.0.10130.0, sygnatura czasowa: 0x556034d6 Nazwa modułu powodującego błąd: diagtrack.dll, wersja: 10.0.10130.0, sygnatura czasowa: 0x5560351d Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000005938c Identyfikator procesu powodującego błąd: 0x610 Godzina uruchomienia aplikacji powodującej błąd: 0xsvchost.exe_DiagTrack0 Ścieżka aplikacji powodującej błąd: svchost.exe_DiagTrack1 Ścieżka modułu powodującego błąd: svchost.exe_DiagTrack2 Identyfikator raportu: svchost.exe_DiagTrack3 Pełna nazwa pakietu powodującego błąd: svchost.exe_DiagTrack4 Identyfikator aplikacji względem pakietu powodującego błąd: svchost.exe_DiagTrack5 Error: (07/08/2015 08:45:53 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6920) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (07/08/2015 08:45:53 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6920) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (07/08/2015 08:45:43 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6920) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (07/08/2015 08:45:43 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6920) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (07/08/2015 08:45:33 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6920) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (07/08/2015 08:45:33 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6920) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (07/08/2015 08:45:22 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6920) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. Error: (07/08/2015 08:45:22 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (6920) Próba utworzenia pliku „C:\WINDOWS\system32\edbtmp.log” zakończyła się niepomyślnie z błędem systemowym 5 (0x00000005): „Odmowa dostępu. ”. Operacja tworzenia pliku zostanie zakończona z błędem -1032 (0xfffffbf8). Error: (07/08/2015 08:45:12 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (6920) Nie można utworzyć nowego pliku dziennika, ponieważ baza danych nie może dokonać zapisu na dysku dziennika. Dysk może być tylko do odczytu, zapełniony, niewłaściwie skonfigurowany lub uszkodzony. Błąd -1032. System errors: ============= Error: (07/09/2015 02:45:40 PM) (Source: DCOM) (EventID: 10010) (User: WIN-TD3C6NNF95L) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/09/2015 02:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Dostęp do danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/09/2015 02:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Magazyn danych użytkownika_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/09/2015 02:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Dane kontaktowe_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/09/2015 02:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/09/2015 02:44:53 PM) (Source: DCOM) (EventID: 10010) (User: WIN-TD3C6NNF95L) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/09/2015 02:44:53 PM) (Source: DCOM) (EventID: 10010) (User: WIN-TD3C6NNF95L) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (07/09/2015 02:44:48 PM) (Source: DCOM) (EventID: 10010) (User: WIN-TD3C6NNF95L) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (07/09/2015 02:44:48 PM) (Source: DCOM) (EventID: 10010) (User: WIN-TD3C6NNF95L) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (07/09/2015 02:44:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Dostęp do danych użytkownika_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (07/08/2015 10:46:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_DiagTrack10.0.10130.0556034d6diagtrack.dll10.0.10130.05560351dc0000005000000000005938c61001d0b7f179f3ee67C:\WINDOWS\System32\svchost.exec:\windows\system32\diagtrack.dll055925e1-aa61-4d08-90f3-92d730c9a90f Error: (07/08/2015 08:45:53 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost6920-1032 Error: (07/08/2015 08:45:53 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost6920C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Odmowa dostępu. Error: (07/08/2015 08:45:43 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost6920-1032 Error: (07/08/2015 08:45:43 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost6920C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Odmowa dostępu. Error: (07/08/2015 08:45:33 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost6920-1032 Error: (07/08/2015 08:45:33 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost6920C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Odmowa dostępu. Error: (07/08/2015 08:45:22 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost6920-1032 Error: (07/08/2015 08:45:22 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost6920C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Odmowa dostępu. Error: (07/08/2015 08:45:12 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost6920-1032 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz Percentage of memory in use: 68% Total physical RAM: 1975.48 MB Available physical RAM: 629.15 MB Total Virtual: 3319.48 MB Available Virtual: 1631.89 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.82 GB) (Free:171.75 GB) NTFS Drive d: (Nowy) (Fixed) (Total:232.16 GB) (Free:193.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B1C65FA) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=232.2 GB) - (Type=07 NTFS) ==================== End of log ============================

Kod: Zaznacz wszystko: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by admin (administrator) on WIN-TD3C6NNF95L on 09-07-2015 14:56:23 Running from C:\Users\admin\Downloads\NIC SIE SAMO NIE ROBi Loaded Profiles: admin (Available Profiles: admin) Platform: Windows 10 Pro Insider Preview (X64) OS Language: Polski (Polska) Internet Explorer Version 11 (Default browser path: %SystemRoot%\system32\LaunchWinApp.exe "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\taskhostw.exe (Microsoft Corporation) C:\Windows\System32\sihost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10130.0_none_8e7b29197ce55772\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Farbar) C:\Users\admin\Downloads\NIC SIE SAMO NIE ROBi\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-15] (Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCui.exe [1318400 2015-05-23] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7738536 2015-05-23] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7738536 2015-05-23] (Microsoft Corporation) HKU\S-1-5-21-1674356486-2927941450-4013765211-1000\...\Run: [OneDrive] => C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [382664 2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64\FileSyncShell64.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\FileSyncShell.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\FileSyncShell.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\FileSyncShell.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\FileSyncShell.dll [2015-06-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\FileSyncShell.dll [2015-06-16] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150510 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-1674356486-2927941450-4013765211-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/?src01=dp120150510 HKU\S-1-5-21-1674356486-2927941450-4013765211-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pl-pl/?ocid=iehp BHO-x32: Crazy Score -> {f439aa7e-a2a0-4635-99a2-164180e848ca} -> C:\Program Files (x86)\Crazy Score\Extensions\f439aa7e-a2a0-4635-99a2-164180e848ca.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{1e176e90-3c9d-4c32-a700-638e8f894e8a}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15] CHR Extension: (Google Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15] CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15] CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15] CHR Extension: (Google Search) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15] CHR Extension: (Google Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15] CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-01] CHR Extension: (Google Wallet) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-15] CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AJRouter; C:\Windows\System32\AJRouter.dll [20480 2015-05-23] (Microsoft Corporation) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-05-23] (Microsoft Corporation) S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-05-23] (Microsoft Corporation) R3 ClipSVC; C:\Windows\System32\ClipSVC.dll [595736 2015-05-23] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [729936 2015-05-23] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [481280 2015-05-23] (Microsoft Corporation) S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [196096 2015-05-23] (Microsoft Corporation) S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [33280 2015-05-23] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27648 2015-05-23] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [270848 2015-05-23] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [195584 2015-05-23] (Microsoft Corporation) S2 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [63488 2015-05-23] (Microsoft Corporation) R2 DoSvc; C:\Windows\system32\svchost.exe [39992 2015-05-23] (Microsoft Corporation) R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [34800 2015-05-23] (Microsoft Corporation) S3 DsSvc; C:\Windows\System32\DsSvc.dll [143872 2015-05-23] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [251904 2015-05-23] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [144896 2015-05-23] (Microsoft Corporation) S3 lfsvc; C:\Windows\System32\lfsvc.dll [32768 2015-05-23] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [26112 2015-05-23] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [18944 2015-05-23] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-05-23] (Microsoft Corporation) S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [182272 2015-05-23] (Microsoft Corporation) S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [288256 2015-05-23] (Microsoft Corporation) S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [528896 2015-05-23] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation) S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [670208 2015-05-23] (Microsoft Corporation) S3 RetailDemo; C:\Windows\system32\RDXService.dll [876032 2015-05-23] (Microsoft Corporation) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1017344 2015-05-23] () S3 SensorService; C:\Windows\system32\SensorService.dll [227328 2015-05-23] (Microsoft Corporation) S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [585728 2015-05-23] (Microsoft Corporation) S3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2715648 2015-05-23] (Microsoft Corporation) S3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2055168 2015-05-23] (Microsoft Corporation) R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [496640 2015-05-23] (Microsoft Corporation) R2 UserManager; C:\Windows\System32\usermgr.dll [711680 2015-05-23] (Microsoft Corporation) S3 UsoSvc; C:\Windows\system32\usocore.dll [337408 2015-05-23] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [513024 2015-05-23] (Microsoft Corporation) S3 WalletSvc; C:\Windows\system32\WalletService.dll [485376 2015-05-23] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [353392 2015-05-23] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [17240 2015-05-23] (Microsoft Corporation) S3 WpnService; C:\Windows\system32\WpnService.dll [49152 2015-05-23] (Microsoft Corporation) R3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [803840 2015-05-23] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1158656 2015-05-23] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1016320 2015-05-23] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [32256 2015-05-23] (Microsoft Corporation) S3 CapImg; C:\Windows\System32\drivers\capimg.sys [116736 2015-05-23] (Microsoft Corporation) S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [39400 2015-05-23] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_000af53bbd77d2bf\CompositeBus.sys [39936 2015-05-23] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3437032 2015-05-23] (QLogic Corporation) S3 fcvsc; C:\Windows\System32\drivers\fcvsc.sys [31232 2015-05-23] (Microsoft Corporation) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [84480 2015-05-23] (Microsoft Corporation) S3 genericusbfnclass; C:\Windows\System32\drivers\genericusbfnclass.sys [20992 2015-05-23] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-05-23] (Microsoft Corporation) S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50152 2015-05-23] (Microsoft Corporation) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424936 2015-05-23] (Mellanox) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [28160 2015-05-23] (Microsoft Corporation) S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [104936 2015-05-23] (LSI Corporation) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99304 2015-05-23] (Avago Technologies) S0 megasas; C:\Windows\System32\drivers\megasas.sys [59880 2015-05-23] (Avago Technologies) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705512 2015-05-23] (Mellanox) R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2015-05-23] (Microsoft Corporation) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76264 2015-05-23] (Mellanox) U5 NdisWan; C:\Windows\System32\Drivers\NdisWan.sys [188928 2015-05-23] (Microsoft Corporation) S3 netvsc; C:\Windows\System32\drivers\netvsc.sys [94720 2015-05-23] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S2 OneSyncSvc; No ImagePath R2 OneSyncSvc_Session1; No ImagePath S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58344 2015-05-23] (LSI Corporation) S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [58856 2015-05-23] (Avago Technologies) S3 PimIndexMaintenanceSvc; No ImagePath R3 PimIndexMaintenanceSvc_Session1; No ImagePath S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [934888 2015-05-23] (Microsoft Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-05-23] (Realtek ) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-05-23] (Microsoft Corporation) S0 storufs; C:\Windows\System32\drivers\storufs.sys [40424 2015-05-23] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_128fa32ed5edb85d\swenum.sys [17896 2015-05-23] (Microsoft Corporation) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [53248 2015-05-23] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [44032 2015-05-23] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-05-23] () S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [241128 2015-05-23] (Microsoft Corporation) S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [94184 2015-05-23] (Microsoft Corporation) S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [126952 2015-05-23] (Microsoft Corporation) S3 UnistoreSvc; No ImagePath R3 UnistoreSvc_Session1; No ImagePath S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [19968 2015-05-23] (Microsoft Corporation) S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [54760 2015-05-23] (Microsoft Corporation) S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [18944 2015-05-23] (Microsoft Corporation) S3 UserDataSvc; No ImagePath R3 UserDataSvc_Session1; No ImagePath S3 vhf; C:\Windows\System32\drivers\vhf.sys [31744 2015-05-23] (Microsoft Corporation) S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [682496 2015-05-23] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117736 2015-05-23] (Microsoft Corporation) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106528 2015-05-23] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17952 2015-05-23] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [27112 2015-05-23] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59368 2015-05-23] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [218112 2015-05-23] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [26112 2015-05-23] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: dosvc -> No ServiceDLL Path. NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: WalletSvc -> C:\Windows\system32\WalletService.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> No File NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> No File ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-09 14:54 - 2015-07-09 14:54 - 02112512 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe 2015-07-09 14:46 - 2015-07-09 14:46 - 00016148 _____ C:\WINDOWS\system32\WIN-TD3C6NNF95L_admin_HistoryPrediction.bin 2015-07-09 14:43 - 2015-07-09 14:56 - 00000000 ____D C:\Users\admin\Downloads\NIC SIE SAMO NIE ROBi 2015-07-09 14:43 - 2015-07-09 14:56 - 00000000 ____D C:\FRST 2015-07-09 14:42 - 2015-07-09 14:42 - 02112512 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe 2015-07-08 22:45 - 2015-07-08 22:45 - 00000000 ___HD C:\$Windows.~BT 2015-06-26 16:41 - 2015-06-26 16:41 - 00986624 _____ C:\Users\admin\Downloads\prezentacja_polityki_ochrony_srodowiska.ppt 2015-06-23 20:44 - 2015-06-23 20:45 - 32994649 _____ C:\Users\admin\Downloads\80-tka_02 (8).zip 2015-06-23 20:44 - 2015-06-23 20:44 - 00000000 ____D C:\Users\admin\Desktop\80-tka 2015-06-16 14:27 - 2015-06-16 14:27 - 00000020 ___SH C:\Users\admin\ntuser.ini 2015-06-15 18:31 - 2015-07-08 22:46 - 00000000 ___DC C:\WINDOWS\Panther 2015-06-15 18:27 - 2015-06-15 18:27 - 24608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 21983232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 19364864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 19170816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 12552192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 11311616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 04797440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 03600208 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 03591680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-06-15 18:27 - 2015-06-15 18:27 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 02859560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2015-06-15 18:27 - 2015-06-15 18:27 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2015-06-15 18:27 - 2015-06-15 18:27 - 02693632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 02114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-15 18:27 - 2015-06-15 18:27 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-15 18:27 - 2015-06-15 18:27 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 01370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-06-15 18:27 - 2015-06-15 18:27 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-15 18:27 - 2015-06-15 18:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-15 18:27 - 2015-06-15 18:27 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-06-15 18:27 - 2015-06-15 18:27 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-06-15 18:27 - 2015-06-15 18:27 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll 2015-06-15 18:27 - 2015-06-15 18:27 - 00000000 ____D C:\Windows.old 2015-06-15 18:26 - 2015-06-15 18:26 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 02173952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 01244160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 01061376 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2015-06-15 18:26 - 2015-06-15 18:26 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2015-06-15 18:26 - 2015-06-15 18:26 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00517264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00498032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00403104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00394368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2015-06-15 18:26 - 2015-06-15 18:26 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00362776 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2015-06-15 18:26 - 2015-06-15 18:26 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00203160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SurfaceHubHandlers.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00110176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00088528 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2015-06-15 18:26 - 2015-06-15 18:26 - 00073496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-06-15 18:25 - 2015-06-15 18:25 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-06-15 18:19 - 2015-06-15 18:19 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-06-15 18:19 - 2015-06-15 18:19 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-06-15 18:19 - 2015-06-15 18:19 - 00000000 ____D C:\Program Files\MSBuild 2015-06-15 18:19 - 2015-06-15 18:19 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-06-15 18:19 - 2015-06-15 18:19 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-06-15 18:18 - 2015-05-22 23:39 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-06-15 18:18 - 2015-05-22 23:39 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-06-15 18:18 - 2015-05-22 23:39 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-06-15 18:18 - 2015-05-22 23:35 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-06-15 18:18 - 2015-05-22 23:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-06-15 18:18 - 2015-05-22 23:35 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-06-15 17:55 - 2015-07-09 14:45 - 00039547 _____ C:\WINDOWS\NgcPopKeySrv.log 2015-06-15 17:54 - 2015-07-09 14:47 - 00435475 _____ C:\WINDOWS\WindowsUpdate_AU_deprecated.log 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Ustawienia lokalne 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Szablony 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Moje dokumenty 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Menu Start 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Documents\Moje wideo 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Documents\Moje obrazy 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Documents\Moja muzyka 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\Dane aplikacji 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Historia 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dane aplikacji 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\Documents\Moje wideo 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\Documents\Moje obrazy 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\Documents\Moja muzyka 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Historia 2015-06-15 17:54 - 2015-06-15 17:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dane aplikacji 2015-06-15 17:49 - 2015-06-15 17:49 - 00002382 _____ C:\WINDOWS\System32\Tasks\SpeechRuntimeTask 2015-06-15 17:45 - 2015-05-23 14:52 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-06-15 17:41 - 2015-06-15 17:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-06-15 17:38 - 2015-07-06 17:52 - 00000000 ____D C:\Users\admin 2015-06-15 17:38 - 2015-06-16 14:28 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-06-15 17:38 - 2015-06-15 17:47 - 00000000 ____D C:\Users\admin\3D Objects 2015-06-15 17:38 - 2015-06-15 17:41 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-06-15 17:38 - 2015-06-15 17:39 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-06-15 17:38 - 2015-06-15 17:39 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Ustawienia lokalne 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Szablony 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Moje dokumenty 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Menu Start 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Documents\Moje wideo 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Documents\Moje obrazy 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Documents\Moja muzyka 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\Dane aplikacji 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programy 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\AppData\Local\Historia 2015-06-15 17:38 - 2015-06-15 17:38 - 00000000 _SHDL C:\Users\admin\AppData\Local\Dane aplikacji 2015-06-15 17:36 - 2015-07-09 14:46 - 00000000 ____D C:\ProgramData\NVIDIA 2015-06-15 17:36 - 2015-06-15 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-06-15 17:36 - 2015-06-15 17:36 - 00000000 ____D C:\Program Files\Realtek 2015-06-15 17:35 - 2015-06-15 17:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-06-15 17:35 - 2015-06-15 17:39 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-06-15 17:35 - 2015-02-04 04:21 - 06782152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-06-15 17:35 - 2015-02-04 04:21 - 03522376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-06-15 17:35 - 2015-02-04 04:21 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-06-15 17:35 - 2015-02-04 04:21 - 00932040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-06-15 17:35 - 2015-02-04 04:21 - 00384200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-06-15 17:35 - 2015-02-04 04:21 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-06-15 17:35 - 2015-02-03 18:18 - 04229086 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-06-15 17:34 - 2015-06-15 17:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-06-15 17:33 - 2015-06-15 17:33 - 00019514 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-06-15 17:32 - 2015-06-23 20:17 - 00017914 _____ C:\WINDOWS\PFRO.log 2015-06-15 16:55 - 2015-06-15 16:55 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2015-06-15 16:55 - 2015-06-15 16:55 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2015-06-15 16:55 - 2015-06-15 16:55 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2015-06-15 16:55 - 2015-06-15 16:55 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 04477696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2015-06-15 16:54 - 2015-06-15 16:54 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 03218992 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 02926848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 02881384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 02710784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2015-06-15 16:54 - 2015-06-15 16:54 - 02072039 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2015-06-15 16:54 - 2015-06-15 16:54 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 01754880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 01336528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00914024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBAPO64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00768824 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO32.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00645464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00574248 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00410040 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBWrp64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00176976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00074608 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBppld64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00069928 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\MBPPCn64.dll 2015-06-15 16:54 - 2015-06-15 16:54 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-09 14:47 - 2015-04-15 14:10 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-09 14:46 - 2015-05-23 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-09 14:46 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-09 14:46 - 2015-05-03 18:04 - 00000008 __RSH C:\ProgramData\ntuser.pol 2015-07-09 14:46 - 2015-05-01 16:23 - 00000000 ____D C:\Users\admin\AppData\Local\ActiveSync 2015-07-09 14:46 - 2015-04-15 11:46 - 00000191 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-09 14:45 - 2015-05-23 13:52 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-07-09 14:44 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-09 14:44 - 2015-03-14 10:58 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2015-07-09 14:39 - 2015-05-10 16:53 - 00000000 ____D C:\Users\admin\.gstreamer-0.10 2015-07-09 14:39 - 2015-05-10 16:52 - 00000000 ____D C:\Users\admin\AppData\Local\ChomikBox 2015-07-09 14:35 - 2015-05-23 15:41 - 00000000 ____D C:\ProgramData\USOShared 2015-07-09 14:34 - 2015-05-02 13:45 - 00000001 _____ C:\WINDOWS\SysWOW64\SetupComponents.exe 2015-07-08 22:15 - 2015-04-15 14:10 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-08 21:07 - 2015-04-15 14:08 - 00004226 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4436E0DF-66D3-46B1-A6CF-4916EC368440} 2015-07-08 15:16 - 2015-04-15 14:10 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-07-05 12:08 - 2015-04-15 15:04 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2015-07-03 17:13 - 2015-05-23 19:59 - 00812520 _____ C:\WINDOWS\system32\perfh015.dat 2015-07-03 17:13 - 2015-05-23 19:59 - 00156054 _____ C:\WINDOWS\system32\perfc015.dat 2015-07-03 17:13 - 2015-05-01 16:24 - 01836100 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-07-03 17:10 - 2015-05-23 15:39 - 00021774 _____ C:\WINDOWS\setupact.log 2015-06-26 18:57 - 2015-05-23 14:33 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-26 18:42 - 2015-06-02 14:53 - 00000000 ____D C:\Users\admin\Desktop\Studia 2015-06-23 20:17 - 2015-05-23 15:38 - 00193760 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-22 18:48 - 2015-05-23 15:08 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-22 18:48 - 2015-05-23 15:08 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 15:33 - 2015-04-15 11:49 - 00000000 ____D C:\Users\admin\AppData\Local\Packages 2015-06-16 14:31 - 2015-04-15 11:49 - 00002382 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-06-16 14:31 - 2015-04-15 11:49 - 00000000 ___RD C:\Users\admin\OneDrive 2015-06-16 14:30 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\WinStore 2015-06-16 14:29 - 2015-05-23 15:06 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-06-16 14:29 - 2015-05-23 15:06 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-06-16 14:29 - 2015-05-23 15:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-06-16 14:12 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2015-06-16 13:59 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\appcompat 2015-06-15 18:31 - 2015-05-23 15:06 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2015-06-15 18:19 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-06-15 18:19 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-06-15 18:11 - 2015-04-22 13:43 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER 2015-06-15 17:59 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\restore 2015-06-15 17:57 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\rescache 2015-06-15 17:54 - 2015-05-23 15:06 - 00000000 ____D C:\Program Files\Windows NT 2015-06-15 17:54 - 2015-05-23 13:52 - 00000000 __RHD C:\Users\Default 2015-06-15 17:53 - 2015-05-01 16:13 - 00038103 _____ C:\WINDOWS\diagwrn.xml 2015-06-15 17:53 - 2015-05-01 16:13 - 00038103 _____ C:\WINDOWS\diagerr.xml 2015-06-15 17:52 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\Registration 2015-06-15 17:52 - 2015-04-22 12:36 - 00020987 _____ C:\WINDOWS\comsetup.log 2015-06-15 17:49 - 2015-05-23 15:06 - 00000000 __RHD C:\Users\Public\Libraries 2015-06-15 17:49 - 2015-05-18 19:16 - 00003842 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0918e5ceac400 2015-06-15 17:49 - 2015-04-22 13:21 - 00023140 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-06-15 17:49 - 2015-04-15 14:10 - 00004034 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-06-15 17:49 - 2015-04-15 14:10 - 00003812 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-06-15 17:41 - 2015-05-23 15:08 - 00004362 _____ C:\WINDOWS\DtcInstall.log 2015-06-15 17:41 - 2015-05-23 15:06 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-06-15 17:41 - 2015-05-23 15:06 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-06-15 17:41 - 2015-05-23 13:52 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-06-15 17:41 - 2015-05-10 16:53 - 00000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-06-15 17:41 - 2015-05-10 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-06-15 17:41 - 2015-05-10 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chomikuj.pl 2015-06-15 17:41 - 2015-04-25 04:39 - 00000000 ____D C:\Users\Default.migrated 2015-06-15 17:41 - 2015-04-17 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prototype 2 2015-06-15 17:41 - 2015-04-15 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-06-15 17:41 - 2015-04-15 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-06-15 17:40 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell 2015-06-15 17:40 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell 2015-06-15 17:40 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-06-15 17:40 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-06-15 17:40 - 2015-01-20 14:09 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-06-15 17:40 - 2015-01-20 14:09 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-06-15 17:39 - 2015-05-23 15:06 - 00000000 ___RD C:\WINDOWS\PrintDialog3D 2015-06-15 17:39 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-06-15 17:39 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-06-15 17:39 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\IME 2015-06-15 17:39 - 2015-05-23 15:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-06-15 17:39 - 2015-05-11 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2015-06-15 17:39 - 2015-03-14 10:58 - 00000000 ____D C:\WINDOWS\ADFS 2015-06-15 17:37 - 2015-05-23 13:52 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-06-15 17:35 - 2015-05-23 15:06 - 00000000 ____D C:\WINDOWS\Help 2015-06-15 15:55 - 2015-05-01 16:24 - 00029603 _____ C:\Users\admin\certenroll.log 2015-06-15 15:54 - 2015-05-01 16:23 - 00026364 _____ C:\WINDOWS\certenroll.log 2015-06-12 11:17 - 2015-04-16 15:27 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-12 11:00 - 2015-04-15 15:31 - 273068635 _____ C:\WINDOWS\MEMORY.DMP ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-01 15:49 ==================== End of log ============================

**Posty:** 4765 · przez **ordynat** 09 Lip 2015, 15:03

Hmm, niewiele jest tu do usuwania.
Otwórz Notatnik i wklej w nim:

BHO-x32: Crazy Score -> {f439aa7e-a2a0-4635-99a2-164180e848ca} -> C:\Program Files (x86)\Crazy Score\Extensions\f439aa7e-a2a0-4635-99a2-164180e848ca.dll No File
C:\Program Files (x86)\Crazy Score
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST.exe
Uruchom FRST i kliknij przycisk Fix.

----------------------
Jeśli będzie OK, to będziemy kończyć:
Otwórz Notatnik i wklej w nim:

DeleteQuarantine:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST. Uruchom FRST i kliknij w Fix.
przez SHIFT+DEL usuń pozostały folder C:\FRST.

Jeśli natomiast problem nie zniknie, to przeinstalujesz przeglądarkę, na której to jeszcze będzie.
.
.