Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:12-12-2015 01 Uruchomiony przez Przemek (2015-12-13 09:45:10) Uruchomiony z C:\Users\Przemek\Desktop\czyszczenie Windows 10 Home (X64) (2015-12-13 05:23:41) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1980786313-716170311-3172534565-500 - Administrator - Disabled) => C:\Users\Administrator Gość (S-1-5-21-1980786313-716170311-3172534565-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1980786313-716170311-3172534565-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-1980786313-716170311-3172534565-503 - Limited - Disabled) Przemek (S-1-5-21-1980786313-716170311-3172534565-1001 - Administrator - Enabled) => C:\Users\Przemek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{91F3C30F-BC39-AD82-0AF7-F2013AB529A5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated) DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden Farming Simulator 15 v1.1.0.0 (HKLM-x32\...\Farming Simulator 15 v1.1.0.01.1.0.0) (Version: 1.1.0.0 - Friends in War) Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.1) (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.) Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: - Microsoft Corporation) Microsoft Office Excel 2010 XLL Software Development Kit (HKLM-x32\...\{90140000-004F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0415-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 43.0 (x64 pl) (HKLM\...\Mozilla Firefox 43.0 (x64 pl)) (Version: 43.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0 - Mozilla) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.) OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{6882ac6d-e97d-4e25-b3ea-5f3f21055dfe}) (Version: 16.6.0 - Intel Corporation) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) SafeFinder (HKLM-x32\...\{95961693-4B77-4840-AF17-6D7F2EB5C103}) (Version: 1.0.0.0 - Linkury) <==== UWAGA Solid Edge Machinery Library (HKLM-x32\...\{50D55123-09CD-4066-B8CE-1AA57B08D604}) (Version: 102.00.00116 - Siemens) Solid Edge Mold Tooling ST2 (HKLM-x32\...\{2A8A5B28-6F11-4219-89AF-D7FDA746DB52}) (Version: 102.00.00116 - Siemens) Solid Edge ST2 (HKLM-x32\...\{CC185D10-5C0E-40C3-91F2-63314BB365AF}) (Version: 102.00.0804 - Siemens) Solid Edge Standard Parts Administrator (HKLM-x32\...\{14B99D9B-3E7C-4EBA-9174-E4D11044F2CD}) (Version: 102.00.00116 - Siemens) Solid Edge Standard Parts Piping Library (HKLM-x32\...\{2245604E-237E-4F84-817B-186EE4F54332}) (Version: 102.00.00116 - Siemens) SpyHunter (HKLM-x32\...\{03CE1BCB-03F5-4C6A-B37E-69799AA3C544}) (Version: 3.12 - Enigma Software Group USA, LLC) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1980786313-716170311-3172534565-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Przemek\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileCoAuth.exe (Microsoft Corporation) ==================== Punkty Przywracania systemu ========================= 13-12-2015 09:34:09 Windows Update ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2015-12-13 07:10 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {02490F64-2959-4565-B960-8E6D0648955C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {18B6F418-7635-4D89-B044-433AC306A810} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {23F0D79D-84C0-4564-B325-62EA73FC18EF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {2A5D01D5-2D85-468B-93C7-DCE68B8317EF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {2ACF11D9-3C0E-4F88-97B1-CF1D66B69311} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {334EE192-75E8-4CD9-ABFA-AFB6940C7481} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {40B8F41E-6834-4A3A-B7E7-E04DB840D77E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {4624EA59-7114-4A57-889E-599311949B9F} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-11] (McAfee, Inc.) Task: {4E04D3CF-230C-47A6-B386-A26D4C3C0ACE} - System32\Tasks\{49720866-9BFB-406A-8E56-D00C70BDEA56} => pcalua.exe -a "C:\Program Files (x86)\Common Files\VillaSaotech\uninstall.exe" -c -f "C:\Program Files (x86)\Common Files\VillaSaotech\uninstall.dat" -a uninstallme 95961693-4B77-4840-AF17-6D7F2EB5C103 DeviceId=97e2cf90-80c7-e724-e482-601e24451464 BarcodeId=50028003 ChannelId=3 DistributerName=APSFIsc Task: {6A0D5A7C-CB4A-4E97-AE17-107A84C9432F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA Task: {6E1D43F6-FE4B-4BA0-BF4F-39799455000F} - System32\Tasks\Rush Image => Rundll32.exe "C:\Users\Przemek\AppData\Local\Rush Image\Bin\RushImage.dll",#3 <==== UWAGA Task: {73A75CAF-D682-4E77-B96E-303084F9D4B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {768B4EA4-5B76-439D-8D73-CC5BAF33F774} - \PCDoctorBackgroundMonitorTask -> Brak pliku <==== UWAGA Task: {8470B711-DE82-4403-AC79-1D8F793860C3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-06] (Synaptics Incorporated) Task: {8712ADB4-7155-4737-B2C4-F7F8B2CA3A1D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {89D7DF49-6CFE-4C29-AB85-35696E4518F5} - System32\Tasks\aeUB8660hRr => C:\Users\Przemek\AppData\Roaming\aeUB8660hRr.exe <==== UWAGA Task: {8A780407-C5A0-40E2-960A-DA8823A0DAA9} - System32\Tasks\{EFBB6034-8087-47CD-8272-93DD24C25BCF} => pcalua.exe -a "C:\Program Files (x86)\360\Total Security\Uninstall.exe" Task: {8CABE4A8-A30B-438D-BF8E-355521F75C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {8D52CF0B-97E1-474B-9026-64B3AD0CCB51} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation) Task: {A36AB3D4-0C76-447F-84E1-94B3138E19EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {A72D0198-725B-43CC-8A9B-2EB6C39FBDFF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-09] (Adobe Systems Incorporated) Task: {BBECFAA3-9FFF-4662-B2B7-EA834F71BA82} - System32\Tasks\6CEEEvaNHqz3OyRv => C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv.exe <==== UWAGA Task: {BE2AE13A-8166-4285-9ADA-FB21E85653B4} - \SystemToolsDailyTest -> Brak pliku <==== UWAGA Task: {CB7E6734-3229-481E-84B6-1160F7A5896D} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {D0887662-2314-48FF-98A2-35FF654231B3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {E4658B49-71CC-4757-A40E-0475ED41C017} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {EE6E006B-FD3F-4C39-99D1-81F90327C4B8} - \PCDEventLauncherTask -> Brak pliku <==== UWAGA Task: {EF98FEE3-E118-4CA7-AA7A-0926C9127FED} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {F1B74ADC-D34E-4C36-946A-E36E5B5DD858} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {F216AAD1-B817-4CF5-B2B6-BBD46E758724} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {FA1B5348-E269-4C1F-ACFA-1E0792A42C6B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {FBEA54EC-F34D-4090-9BE5-E623CC794566} - System32\Tasks\SpyHunter3 => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter3.exe [2009-12-09] (Enigma Software Group USA, LLC.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\6CEEEvaNHqz3OyRv.job => C:\Users\Przemek\AppData\Roaming\6CEEEvaNHqz3OyRv.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\aeUB8660hRr.job => C:\Users\Przemek\AppData\Roaming\aeUB8660hRr.exe <==== UWAGA Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Przemek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449866903&z=8030ce62766807e07efd8b6g5zfz3t7baqcq3taeeo&from=ient07021&uid=ST1000LM024XHN-M101MBB_S314J90F135569135569 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-02-26 19:14 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-12 22:45 - 2015-12-12 22:45 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-16 17:55 - 2015-11-16 17:55 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-12-13 07:15 - 2015-12-13 07:16 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-12-13 07:15 - 2015-12-13 07:16 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2015-12-13 07:19 - 2015-12-13 07:19 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1511.18010.0_x64__8wekyb3d8bbwe\CompanionApp.exe 2015-12-13 07:19 - 2015-12-13 07:19 - 05732864 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1511.18010.0_x64__8wekyb3d8bbwe\CompanionApp.dll 2015-12-13 07:19 - 2015-12-13 07:19 - 00628736 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1511.18010.0_x64__8wekyb3d8bbwe\CompanionAppDeviceManager.dll 2014-03-14 21:13 - 2013-08-28 11:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1980786313-716170311-3172534565-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Przemek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 31.11.202.254 - 37.8.214.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run32: => "FromDocToPDF EPM Support" HKLM\...\StartupApproved\Run32: => "FromDocToPDF AppIntegrator 64-bit" HKLM\...\StartupApproved\Run32: => "FromDocToPDF AppIntegrator 32-bit" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{11710CF6-E21D-421F-B118-F2B1BDC8604C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [UDP Query User{861F2567-CE2E-4BAA-847B-EC3FAFFC55D2}C:\2-click run\farming simulator 15 v1.1.0.0\x64\farmingsimulator2015game.exe] => (Block) C:\2-click run\farming simulator 15 v1.1.0.0\x64\farmingsimulator2015game.exe FirewallRules: [TCP Query User{8DF75D53-B02C-4660-AD5C-A79B5C1965BF}C:\2-click run\farming simulator 15 v1.1.0.0\x64\farmingsimulator2015game.exe] => (Block) C:\2-click run\farming simulator 15 v1.1.0.0\x64\farmingsimulator2015game.exe FirewallRules: [UDP Query User{92DD6F3F-064E-46D7-8339-C2676CCFF9F7}C:\2-click run\farming simulator 15 v1.1.0.0\dedicatedserver.exe] => (Allow) C:\2-click run\farming simulator 15 v1.1.0.0\dedicatedserver.exe FirewallRules: [TCP Query User{7D1FF22D-B772-4AB9-8EB1-93F9E8F7FB4B}C:\2-click run\farming simulator 15 v1.1.0.0\dedicatedserver.exe] => (Allow) C:\2-click run\farming simulator 15 v1.1.0.0\dedicatedserver.exe FirewallRules: [{C8F0B4AA-E026-4B14-B708-4626960EA83F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{75A1CBEC-4F4B-484D-A9BE-79DEC7C0A9EA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{04181FBC-B89B-487D-A6DF-6BB4586D2930}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{53BD88E8-4437-4F0B-9301-D39B293BCF76}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{01F58A39-0ECC-4B01-A7DD-BFF4254B6E8D}] => (Allow) LPort=1900 FirewallRules: [{66D47A6A-E061-479A-AA3F-433D14EA5232}] => (Allow) LPort=2869 FirewallRules: [{C5552EF8-CBEB-4AAA-B123-BCBDD43F35C2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2E51C917-3AE9-4F54-A604-AD415E95F139}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{586865ED-A6C0-4F2D-A08E-E87E7CA946A7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{388B845D-14B7-41C1-89AF-45BB3DC325A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/13/2015 09:34:17 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Protokół LLDP (Link-Layer Discovery Protocol) firmy Microsoft. System Error: Odmowa dostępu. . Error: (12/13/2015 08:53:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PRZEMEK_DELL) Description: Aktywacja aplikacji Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App nie powiodła się. Błąd: -2147024770. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/13/2015 08:28:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PRZEMEK_DELL) Description: Aktywacja aplikacji Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App nie powiodła się. Błąd: -2147024770. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/13/2015 08:08:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PRZEMEK_DELL) Description: Aktywacja aplikacji Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App nie powiodła się. Błąd: -2147024770. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Dziennik System: ============= Error: (12/13/2015 08:28:06 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny CodeIntegrity: =================================== Date: 2015-12-13 09:35:55.496 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-12 23:24:07.099 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-12 23:24:06.595 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-12 22:54:30.025 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Procent pamięci w użyciu: 34% Całkowita pamięć fizyczna: 8072.96 MB Dostępna pamięć fizyczna: 5314.83 MB Całkowita pamięć wirtualna: 9992.96 MB Dostępna pamięć wirtualna: 7266.25 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:922.03 GB) (Free:839.61 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6C71E612) Partition: GPT. ==================== Koniec Addition.txt ============================