Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:17-12-2015 Uruchomiony przez Grzegorz (2015-12-17 01:22:11) Uruchomiony z C:\Users\Grzegorz\Desktop Windows 8.1 (X64) (2015-05-16 15:39:10) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1613788600-3209457753-647740577-500 - Administrator - Disabled) Gość (S-1-5-21-1613788600-3209457753-647740577-501 - Limited - Disabled) Grzegorz (S-1-5-21-1613788600-3209457753-647740577-1001 - Administrator - Enabled) => C:\Users\Grzegorz HomeGroupUser$ (S-1-5-21-1613788600-3209457753-647740577-1003 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee — ochrona antywirusowa i przed oprogramowaniem szpiegującym (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1613788600-3209457753-647740577-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0035 - ASUS) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.41.50 - Conexant) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Deskjet Ink Adv 2060 K110 — podstawowe oprogramowanie urządzenia (HKLM\...\{75A263B6-BDAC-4EB8-B2F5-D20009231CAB}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet Ink Adv 2060 K110 Pomoc (HKLM-x32\...\{261A4762-744B-4C71-81D2-57FA5038DC7B}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{CF153513-D2C7-4652-8464-31FDAD2891E9}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.) Microsoft Office 365 - pl-pl (HKLM\...\O365HomePremRetail - pl-pl) (Version: 15.0.4779.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1613788600-3209457753-647740577-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik graficzny 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Office Trial Extender (HKLM-x32\...\{F18ADBD4-320F-4A67-9709-0FE9412BB0FA}_is1) (Version: 1.0.0.7 - pXc-coding.com) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Panel sterowania NVIDIA 359.06 (Version: 359.06 - NVIDIA Corporation) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.833.833.101614 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.20.243 - REALTEK Semiconductor Corp.) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1613788600-3209457753-647740577-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Punkty Przywracania systemu ========================= 20-11-2015 00:22:56 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 01-12-2015 20:27:50 Usunięto: AVG PC TuneUp 2015 01-12-2015 20:29:11 Usunięto: AVG PC TuneUp 2015 (pl-PL) 08-12-2015 00:55:13 McAfee Vulnerability Scanner 17-12-2015 01:12:31 Restore Point Created by FRST ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0A1F2CF0-2498-4C36-9056-79F06124861F} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-15] (McAfee, Inc.) Task: {0AB02588-7B34-4807-BE81-5BC9FA1A7E1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company) Task: {16DF2B4F-0B86-4C83-8D38-C17AE5C40A8D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1613788600-3209457753-647740577-1001 => C:\Users\Grzegorz\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-11] (Microsoft Corporation) Task: {186AF853-9B00-4B74-AF7B-3F1BEE7BC03E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek) Task: {1B74340A-8F3C-4C96-ADD9-C787BEE29242} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS) Task: {2EAC5316-96DB-4FB6-BF65-B1BE198087AF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-15] (Microsoft Corporation) Task: {3C81C245-3FCD-4E48-B887-3D8F4AB869D0} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {41B858B6-9FA7-4028-8657-A47F3A9955C8} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {4421EC0F-2B05-4AE2-91D7-40F122BBE98E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {476560CD-EF14-4453-9F25-BE67C405AB5F} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-02-11] () Task: {4E837B1C-6F44-4A93-BC84-3ED1774893B7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {57CE4027-BD4C-4E43-9123-238F9EE950B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {60794D2F-C6C2-4F08-8B12-9C70D7F826E2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {739B620D-6054-4A73-80F9-AF082EC824A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated) Task: {818D1E31-72A4-4020-A5DF-07927A22A0A8} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-15] (McAfee, Inc.) Task: {8260DECE-1554-41CF-9837-A5C272C6C1E4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {90240CE8-6C85-4BC6-B0FE-9BD15E6356BC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {95541515-E67A-464F-9F1F-0964409BEAAF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-08] (Adobe Systems Incorporated) Task: {99046B16-89FF-4F91-8AD6-ECF1454A4E01} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {A386642C-3B95-437A-9797-8A3979C6E6F4} - System32\Tasks\Opera scheduled Autoupdate 1431791955 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {B8937AA7-F9AB-4F38-91F9-754436D87975} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {BBEA96FF-1677-4297-B6EF-CA5747D5152B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {BD8437DD-8289-42D3-95A8-723D68F15B1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {CBFA4E22-CB6A-47A8-B665-D052ADCB3E7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {CFA8784F-19DF-4D18-A20E-4039D6ABD189} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {FEED6238-BF22-4B01-B341-57064B84DD09} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2014-11-30 00:42 - 2015-11-24 19:40 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-11-30 00:53 - 2014-04-29 16:03 - 00094720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2015-09-15 18:01 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-02-11 18:08 - 2014-02-11 18:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-02-11 18:08 - 2014-02-11 18:08 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll 2014-10-20 09:05 - 2014-03-18 04:10 - 00080312 _____ () C:\Windows\system32\igfxexps.dll 2014-11-30 00:53 - 2014-07-03 10:22 - 00277720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe 2015-11-16 17:55 - 2015-11-16 17:55 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2015-05-17 16:54 - 2015-11-12 19:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-09-16 17:20 - 2015-09-16 17:20 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-09-16 17:14 - 2015-09-16 17:14 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2014-11-30 00:36 - 2013-12-09 16:26 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-12-09 20:14 - 2015-12-09 20:14 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\opera.dll 2015-12-09 20:14 - 2015-12-09 20:14 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libglesv2.dll 2015-12-09 20:14 - 2015-12-09 20:14 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1613788600-3209457753-647740577-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run: => "cAudioFilterAgent" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "SmartAudio" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKU\S-1-5-21-1613788600-3209457753-647740577-1001\...\StartupApproved\StartupFolder: => "Powiadomienia monitorowania tuszu - HP Deskjet Ink Adv 2060 K110.lnk" HKU\S-1-5-21-1613788600-3209457753-647740577-1001\...\StartupApproved\Run: => "Steam" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{EEB2EB5C-3F56-4850-9214-F9F2A3515076}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{212537DB-CC87-4910-8477-6BFF1A5E044D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{92B39546-6750-4066-99DB-2B3C030E2869}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{40DFA5BC-ADCE-4871-B1BD-FB31C6E6C24D}] => (Allow) D:\GRY\Battle.net\Battle.net.exe FirewallRules: [{D0F227A9-D70D-4471-9407-9DFB91ADEF5B}] => (Allow) D:\GRY\Battle.net\Battle.net.exe FirewallRules: [{279C8DF0-8828-402A-A614-5CC5237C9E09}] => (Allow) D:\GRY\Steam\Steam.exe FirewallRules: [{083E5F31-D2C2-4EE4-B27A-91EEDB208ACB}] => (Allow) D:\GRY\Steam\Steam.exe FirewallRules: [{6D99B027-CB67-43C6-A6ED-E5EEAF0B0A75}] => (Allow) D:\GRY\Steam\bin\steamwebhelper.exe FirewallRules: [{FE3D484D-71CB-4534-937F-70754EA1A655}] => (Allow) D:\GRY\Steam\bin\steamwebhelper.exe FirewallRules: [{E9A8EA95-2DA2-4196-B796-8F9A19CCD4E3}] => (Allow) D:\GRY\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe FirewallRules: [{1058E70B-CD7E-4846-8261-C3C045DCF9D5}] => (Allow) D:\GRY\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe FirewallRules: [TCP Query User{84778E7B-54C9-4849-9C65-5E52417E8E6B}D:\gry\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\gry\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe FirewallRules: [UDP Query User{52A73396-6E02-458A-826B-A5C64BF85966}D:\gry\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Block) D:\gry\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe FirewallRules: [{F74A7012-3863-449F-9F34-1566B7E52EA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{0C12BC84-8B9B-461A-A3CE-E21539ADA6F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CB8E5242-C889-4EC4-A60D-420DA4C9EB79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{237D2FD3-1208-411A-B712-64225F0DA4BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ECB0FA21-4ADE-449F-BC91-9B03DF902CA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ABD446B6-F0E3-42EA-9BB8-B679FB63B0DC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{6B12D1B1-BEBE-403B-A0E6-AE51EBFA1C33}] => (Allow) C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\USBSetup.exe FirewallRules: [{53D95DFA-3839-4E1D-9F76-939BE711F651}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E274B221-19C3-4CE7-9361-12702D8FAA7B}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7DC2C31D-528E-4C92-9D72-DBDF39D05E05}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0887D1D1-9B0F-480D-BD66-6ACA9D30CD91}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F1D661D2-B013-4F91-9432-4ED9AB44D82F}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{39D5B92E-7E79-4D1C-8C1F-20F41E87D758}] => (Allow) C:\Users\Grzegorz\AppData\Roaming\uTorrent\uTorrent.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/17/2015 01:12:30 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {621af8bf-b1ee-445b-9ea6-e3e21c14ff53} Error: (12/17/2015 01:05:26 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (12/16/2015 12:03:29 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (12/15/2015 08:50:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (12/15/2015 08:14:44 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: ASUSGT) Description: Nie można zamknąć aplikacji lub usługi Microsoft Office Document Cache Sync Client Interface. Error: (12/14/2015 11:20:24 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (12/14/2015 10:45:11 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (12/13/2015 11:20:23 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (12/13/2015 12:40:09 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418231 Error: (12/12/2015 03:07:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Dziennik System: ============= Error: (12/17/2015 01:15:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa Windows Defender z powodu następującego błędu: %%577 Error: (12/17/2015 01:13:56 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: Domyślny menedżer zasobów transakcji w woluminie OS napotkał błąd niepowtarzający operacji i nie można go uruchomić. Dane zawierają kod błędu. Error: (12/17/2015 01:13:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Error: (12/17/2015 01:13:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Error: (12/17/2015 01:13:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Error: (12/17/2015 01:13:01 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (12/17/2015 01:12:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa Szybka instalacja pakietu Microsoft Office niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/17/2015 01:12:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/17/2015 01:12:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa McAfee SiteAdvisor Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/17/2015 01:12:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa GamesAppIntegrationService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2015-12-17 01:15:15.629 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-15 01:28:45.604 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-09 22:00:41.639 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-09 20:07:36.967 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-03 23:39:07.437 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-02 18:12:37.363 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-01 00:54:55.358 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-12-01 00:39:01.665 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-29 19:31:48.557 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-11-27 22:45:10.905 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Procent pamięci w użyciu: 19% Całkowita pamięć fizyczna: 12171.01 MB Dostępna pamięć fizyczna: 9847.79 MB Całkowita pamięć wirtualna: 14027.01 MB Dostępna pamięć wirtualna: 11491.25 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:303.57 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:494.84 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A86350CE) Partition: GPT. ==================== Koniec Addition.txt ============================