Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 03-07-2017 01 Uruchomiony przez r.bogusz (04-07-2017 20:25:06) Uruchomiony z C:\Users\Toshiba\Desktop Windows 7 Professional Service Pack 1 (X64) (2016-12-01 11:02:36) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2875892956-4008951052-2491475130-500 - Administrator - Enabled) => C:\Users\Administrator Gość (S-1-5-21-2875892956-4008951052-2491475130-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2875892956-4008951052-2491475130-1003 - Limited - Enabled) mmcsmv (S-1-5-21-2875892956-4008951052-2491475130-1005 - Limited - Enabled) r.bogusz (S-1-5-21-2875892956-4008951052-2491475130-1000 - Administrator - Enabled) => C:\Users\Toshiba test (S-1-5-21-2875892956-4008951052-2491475130-1006 - Administrator - Enabled) => C:\Users\test ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET Endpoint Security 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Endpoint Security 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1895, 07.05.2017 - AIMP DevTeam) AIMP2: Audio Tools (HKLM-x32\...\AIMP2at) (Version: - AIMP DevTeam) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.100.303.215 - ALPS ELECTRIC CO., LTD.) Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Bluetooth Monitor 4 (HKLM-x32\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 4.08.000 - TOSHIBA) Bullzip PDF Printer 10.25.0.2552 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.25.0.2552 - Bullzip) Chrome Remote Desktop Host (HKLM-x32\...\{BAF2702F-FB88-48E4-A305-588DB8FDD834}) (Version: 59.0.3071.47 - Google Inc.) CMEDIA USB2.0 Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392016500}) (Version: 1.0.0.3 - C-Media Electronics, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0222 - Disc Soft Ltd) DTS Studio Sound (HKLM-x32\...\{E7C66352-1D0C-406F-B5B2-FE2B23973356}) (Version: 1.02.5600 - DTS, Inc.) DVD Audio Extractor 7.3.0 (HKLM-x32\...\DVD Audio Extractor_is1) (Version: - Computer Application Studio) ESET Endpoint Security (HKLM\...\{9885FF14-3250-4D83-911E-8D82E37575C8}) (Version: 6.4.2014.2 - ESET, spol. s r.o.) Flash Loader Demonstrator V2.6.0 (HKLM-x32\...\{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.6.0 - STMicroelectronics) Hidden Flash Loader Demonstrator V2.6.0 (HKU\S-1-5-21-2875892956-4008951052-2491475130-1000\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.6.0 - STMicroelectronics) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - ) Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1175 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.4.51 - Intel Corporation) Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional 2016 - pl-pl (HKLM\...\ProfessionalRetail - pl-pl) (Version: 16.0.8201.2102 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2875892956-4008951052-2491475130-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MOXA UPort 2000 Series Windows Driver Ver1.3 (HKLM\...\MOXA UPort 2000 Series Windows Driver Ver1.3_is1) (Version: 1.3 - Moxa Inc.) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.6.0 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 pl)) (Version: 45.6.0 - Mozilla) Mp3tag v2.81 (HKLM-x32\...\Mp3tag) (Version: 2.81 - Florian Heidenreich) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NAPS2 5.3.3 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) NVIDIA Graphics Driver 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O2Micro OZ776 SCR Driver (HKLM\...\{11868102-FAE6-436D-B794-B4B69E2A88DC}) (Version: 2.1.4.241GS - O2Micro) Hidden O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{11868102-FAE6-436D-B794-B4B69E2A88DC}) (Version: 2.1.4.241GS - O2Micro) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden PComm Lite Ver1.6 (HKLM\...\PComm Lite Ver1.6_is1) (Version: - Moxa Inc.) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Radeon RAMDisk (HKLM-x32\...\{BBC956B0-3DD9-4A48-ACAC-DC6AC0FE10D5}) (Version: 4.4.0.36 - Dataram, Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.) testXpert II - V3.2 (HKLM-x32\...\testXpert II - V3.2_is1) (Version: V3.2 - Zwick GmbH & Co.) testXpert II - V3.71 (HKLM-x32\...\testXpert II - V3.71_is1) (Version: V3.71 - Zwick GmbH & Co.) testXpert II (HKLM\...\{9fa013a1-fd90-4fa7-8508-e98c7f29fb54}.sdb) (Version: - ) testXpert III - V1.1 (HKLM-x32\...\testXpert III - V1.1_is1) (Version: V1.1 - Zwick GmbH & Co.) testXpert III (HKLM\...\{8a62eaa7-7cb0-4370-823a-bf43cb1327eb}.sdb) (Version: - ) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) VicatDB 8.05 (HKLM-x32\...\{99A0799B-3483-4D72-99B7-053F19AA600C}_is1) (Version: 8.05 - Toni Technik) VirtualDub Plugin Pack 1.0.0.6 US (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 7.05 - NCH Software) WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2875892956-4008951052-2491475130-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Toshiba\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX32.dll [2017-06-07] () ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers01: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2016-05-24] (ESET) ContextMenuHandlers01: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers02: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2016-05-24] (ESET) ContextMenuHandlers02: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers03: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers04: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll [2017-06-07] () ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Brak pliku ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-12-30] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-10-15] (NVIDIA Corporation) ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers06: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2016-05-24] (ESET) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {115DDE75-60ED-413C-93B0-121224759287} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {115E28AF-F0CA-4CF8-9571-011153E96AA9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {195FE75D-0DEC-4C4B-AFDB-D73595932C8F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] () Task: {29CB3BD9-3AD7-4027-B4CE-4C0909072FF0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-25] (Adobe Systems Incorporated) Task: {4A9B7D41-2427-43AF-A70C-0BA9E95EB938} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-23] (Intel Corporation) Task: {7B1C6AF5-CB40-4B84-BB27-4331D6C7E1F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-10] (Microsoft Corporation) Task: {7C880AC5-21F9-4F87-965D-88BD27E0A8E8} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2015-11-19] () Task: {7F7A5709-2374-4953-B1D8-6C6E739CD83B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-02] (Google Inc.) Task: {86E10C61-5C5A-46A4-B6C0-61ECA6472FE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-02] (Google Inc.) Task: {BFAAD3A7-CFAD-4C5A-92AE-A8F27F2E714E} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-23] (Intel Corporation) Task: {C46082B9-3BB4-4853-8A0F-580B3DFCCA66} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-06-30] () Task: {C52CB742-DD32-4A45-A75B-512647934552} - System32\Tasks\ZWICK - Kopiowanie harmonogramu => C:\Users\Toshiba\Desktop\harmcopy.bat [2017-05-19] () <==== UWAGA Task: {E60DAA6E-70C6-4A00-B6B5-A3E348392C30} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\Toshiba\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm ShortcutWithArgument: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Pulpit zdalny Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ==================== Załadowane moduły (filtrowane) ============== 2016-06-08 06:53 - 2015-10-15 13:47 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-06-08 06:54 - 2015-10-15 05:59 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-06-07 22:09 - 2017-06-07 22:09 - 00598528 _____ () C:\Users\Toshiba\AppData\Local\MEGAsync\ShellExtX64.dll 2015-12-30 17:38 - 2015-12-30 17:38 - 00384104 _____ () C:\Windows\system32\igfxTray.exe 2015-11-19 15:10 - 2015-11-19 15:10 - 00020928 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2016-06-08 06:53 - 2015-10-15 13:47 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-04-13 10:38 - 2016-04-13 10:38 - 00482304 _____ () C:\Users\Toshiba\AppData\Local\MEGAsync\libsodium.dll 2015-12-03 21:13 - 2015-12-03 21:13 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2875892956-4008951052-2491475130-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 208.67.222.222 - 208.67.220.220 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E6F45A90-6959-47F5-A82A-48C0251D24EE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{3BEEA67C-D842-4955-85FD-0E3877DB744D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{CD0F81EA-14C3-40F9-BCF8-D5761A91EA9B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe FirewallRules: [{9A029CE7-DF2C-41F8-90C7-42A32739BFD8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe FirewallRules: [{417B97CF-6BE4-47EA-A806-1A6B7C64C042}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe FirewallRules: [{8AB7C774-FFFF-4450-AE2A-A0B6AD8814C8}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [{CA668E55-D471-40B8-A0CC-F6D794D8D510}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{DD45A3E2-8FF9-4483-A278-7546A8CF3430}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{C0884F5D-380B-41D5-B870-FA3559E952B5}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_II_3.71\testXpertII.exe FirewallRules: [{EE9CA832-418B-47C4-B245-649776B08F8E}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_II_3.71\testXpertII.exe FirewallRules: [{564046E5-65A1-4811-B375-C36A7E1E49E9}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\utorrent.exe FirewallRules: [{C34FE16F-5814-451D-9E9A-C2669914FC5E}] => (Allow) C:\Users\Toshiba\AppData\Roaming\uTorrent\utorrent.exe FirewallRules: [{6EBEDE4B-77B6-4AA2-B8FA-DB322C76317E}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_III_1.1\testXpertIII.exe FirewallRules: [{BCA884C2-36C0-44F9-9D31-B83AC53DA71C}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_III_1.1\testXpertIII.exe FirewallRules: [{181F042F-476E-4409-B58C-03C6BBA0DA81}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_III_1.1\testXpertIII.exe FirewallRules: [{839451E0-855D-4DF3-8189-588486FF9337}] => (Allow) C:\Program Files (x86)\Zwick\testXpert_III_1.1\testXpertIII.exe FirewallRules: [{1C8728D1-65CE-4D08-9A11-5A407C66FAA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{7F3C1ED0-680A-40D0-BEB7-9FD7B9F0BE21}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe FirewallRules: [{787F8721-A523-47C6-B2DF-E79AE3459E49}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4F0CB03E-8695-4B5A-A3D3-B862752C8960}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{72D0C5D5-D6CD-44C4-A079-6302DFDA824C}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe ==================== Punkty Przywracania systemu ========================= ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Karta wirtualnego miniportu WiFi firmy Microsoft Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft Virtual WiFi Miniport Adapter #2 Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TOSHIBA Web Camera - FHD Description: Urządzenie wideo USB Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (07/04/2017 08:20:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/04/2017 05:56:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/04/2017 03:04:01 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/03/2017 05:52:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/03/2017 05:48:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/02/2017 11:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/02/2017 10:27:36 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla „C:\Program Files (x86)\Audacity\audacity.exe”. Błąd w pliku manifestu lub w pliku zasad „” w wierszu . Wersja składnika wymagana przez aplikację powoduje konflikt z inną wersją składnika, która jest już aktywna. Składniki powodujące konflikt: Składnik 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Składnik 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/02/2017 10:18:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/01/2017 03:20:22 PM) (Source: System Restore) (EventID: 8211) (User: ) Description: Nie można utworzyć zaplanowanego punktu przywracania. Informacje dodatkowe: (0x8004231f). Error: (07/01/2017 03:20:22 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Opis = Zaplanowany punkt kontrolny; Błąd = 0x8004231f). Dziennik System: ============= Error: (07/04/2017 08:21:18 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (07/04/2017 08:19:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (07/04/2017 08:19:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (07/04/2017 08:19:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\IWMSSvc.dll Error: (07/04/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/04/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/04/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa DTS APO Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/04/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/04/2017 08:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Disc Soft Lite Bus Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (07/04/2017 08:19:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. CodeIntegrity: =================================== Date: 2017-02-17 12:04:20.733 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz Procent pamięci w użyciu: 18% Całkowita pamięć fizyczna: 16299.82 MB Dostępna pamięć fizyczna: 13307.59 MB Całkowita pamięć wirtualna: 31859.57 MB Dostępna pamięć wirtualna: 29141.45 MB ==================== Dyski ================================ Drive c: (TOSHIBA) (Fixed) (Total:225.11 GB) (Free:0.86 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================