Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:17-12-2015 Uruchomiony przez Marcin (2015-12-17 21:58:38) Uruchomiony z C:\Users\Marcin\Downloads Windows 10 Home (X64) (2015-11-01 07:10:18) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3148115178-2301685078-862424154-500 - Administrator - Disabled) Gość (S-1-5-21-3148115178-2301685078-862424154-501 - Limited - Disabled) Konto domyślne (S-1-5-21-3148115178-2301685078-862424154-503 - Limited - Disabled) Marcin (S-1-5-21-3148115178-2301685078-862424154-1001 - Administrator - Enabled) => C:\Users\Marcin ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden BitTorrent (HKU\S-1-5-21-3148115178-2301685078-862424154-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{243E6515-D9FC-4A52-80A8-64E286CCDDCD}) (Version: 3.0.900.0 - Dell Inc.) Dell Power Manager Lite (HKLM-x32\...\InstallShield_{BF1F9D57-57A1-4E87-A8E8-41F2B2AD6F53}) (Version: 1.0.0.1 - Compal Inc.) Dell Power Manager Lite (x32 Version: 1.0.0.1 - Compal Inc.) Hidden Dell Product Registration (HKLM-x32\...\{17FFE63C-6734-4950-B488-134B5A2505F7}) (Version: 2.04.0280 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) GG (HKU\S-1-5-21-3148115178-2301685078-862424154-1001\...\GG) (Version: 12 - GG Network S.A.) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4281 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) Maxx Audio Installer (x64) (Version: 1.6.5073.103 - Waves Audio Ltd.) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.21.00.03 - Huawei Technologies Co.,Ltd) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Sterownik graficzny 347.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.26 - NVIDIA Corporation) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Panel sterowania NVIDIA 353.62 (Version: 353.62 - NVIDIA Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39060 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden True Color (HKLM-x32\...\{992885f0-c469-4089-9719-24e16f896fc1}) (Version: 6.0.0.10 - Entertainment Experience) True Color (Version: 6.0.0.10 - Entertainment Experience LLC) Hidden ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3148115178-2301685078-862424154-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3148115178-2301685078-862424154-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Punkty Przywracania systemu ========================= 15-12-2015 15:58:36 Zaplanowany punkt kontrolny 16-12-2015 22:36:31 Dr.Web Security Space installation ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04DF777C-77EF-4C7E-A608-2C019F33BD79} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Pending Update => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA Task: {1A808AC7-B50E-4333-BE5B-4862B42BE615} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {1AD9D468-7A76-4C7A-A054-A38EC281E1BA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {254566EB-A686-4089-B33A-ED7668BE67A7} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04] (Realtek Semiconductor) Task: {3B64FC05-BDB8-45C3-9B40-1D7FDB74F910} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.) Task: {431ABDF9-5779-4C37-A90B-02E1BB09DA8B} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc) Task: {43E6EC14-A2F4-4BA2-AE40-9232788C9BC4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {4E3F070D-5E2F-4740-B666-777AAF9AB8EE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {53C2CB2C-B62C-4AF5-B5A5-B7FECCA29373} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe [2015-12-14] () Task: {6D710748-DC32-4E4A-AAA7-0A57F598A975} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-04-01] (Aviata Inc) Task: {72C68704-A8EF-4238-A223-4ACC85CB8023} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink) Task: {8563FE0A-89C1-4559-AE11-4546B65E89FF} - System32\Tasks\WordFly Auto Updater 1.10.0.28 Core => C:\Program Files (x86)\WordFly_1.10.0.28\Update\WordflyAutoUpdateClient.exe <==== UWAGA Task: {91BFCCE3-86B1-454B-9B92-A8413B0DCB74} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {944368B6-B849-4746-B94F-8B40FBAABCFF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-10-30] (PC-Doctor, Inc.) Task: {9B6FCB86-6BDA-4268-B430-318B919DB949} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {9BE1788C-821C-4140-A334-2AA4308E9184} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {9ED8E6E1-B371-49F9-93C1-7A5546F9961C} - System32\Tasks\Opera scheduled Autoupdate 1446244429 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {A225C590-680B-4E1D-B453-D549D1E05150} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {AC92F9FB-DCC7-4371-9599-E852F16F43C2} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-10-30] (PC-Doctor, Inc.) Task: {BEE73AE1-9228-43CD-B7B9-4A73156E7377} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {E182ECA2-0647-4405-9A29-78827244E167} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {E853D805-7DB2-415C-B3FD-23F48C4DF3C1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-14] (Adobe Systems Incorporated) Task: {EDE475D1-651B-4AAA-B91F-B50D9C69C8E9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450082137&z=988513a45eadc00e82a2b66g7z0wde8e0b8o1g4o1z&from=wpm07173&uid=ADATAXSP920SS_8E302000294120002941 ShortcutWithArgument: C:\Users\Marcin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450082137&z=988513a45eadc00e82a2b66g7z0wde8e0b8o1g4o1z&from=wpm07173&uid=ADATAXSP920SS_8E302000294120002941 ShortcutWithArgument: C:\Users\Marcin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1450082137&z=988513a45eadc00e82a2b66g7z0wde8e0b8o1g4o1z&from=wpm07173&uid=ADATAXSP920SS_8E302000294120002941 ShortcutWithArgument: C:\Users\Marcin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1450082137&z=988513a45eadc00e82a2b66g7z0wde8e0b8o1g4o1z&from=wpm07173&uid=ADATAXSP920SS_8E302000294120002941 ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.yoursites123.com/?type=sc&ts=1450082137&z=988513a45eadc00e82a2b66g7z0wde8e0b8o1g4o1z&from=wpm07173&uid=ADATAXSP920SS_8E302000294120002941 ==================== Załadowane moduły (filtrowane) ============== 2015-09-10 06:11 - 2015-09-10 06:11 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-11-08 20:23 - 2013-07-23 04:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe 2015-01-08 05:12 - 2015-01-08 05:12 - 00094160 _____ () C:\Program Files\TrueColor\TrueColorALS.exe 2014-11-13 13:52 - 2014-11-13 13:52 - 00466432 _____ () C:\WINDOWS\system32\DPPPlugin.dll 2015-11-01 08:02 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-11-01 07:57 - 2015-11-01 07:57 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 04:13 - 2015-07-10 04:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-11-01 07:57 - 2015-11-01 07:57 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 04:13 - 2015-09-10 06:11 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2014-10-10 15:37 - 2014-10-10 15:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-11-03 10:13 - 2015-11-03 10:13 - 03715648 _____ () C:\Users\Marcin\AppData\Local\GG\Application\xulrunner\mozjs.dll 2015-11-03 10:13 - 2015-11-17 23:22 - 00122432 _____ () C:\Users\Marcin\AppData\Local\GG\Application\ggdrive\ZLIB1.dll 2015-12-10 21:20 - 2015-12-10 21:20 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\opera.dll 2015-12-10 21:20 - 2015-12-10 21:20 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libglesv2.dll 2015-12-10 21:20 - 2015-12-10 21:20 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libegl.dll 2015-05-06 02:30 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 17:41 - 2013-03-05 17:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-02-26 18:07 - 2015-02-09 17:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2015-05-06 02:46 - 2012-11-26 05:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2015-02-26 18:07 - 2014-02-18 20:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll 2015-09-25 23:48 - 2015-09-25 23:48 - 00043656 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd 2015-09-25 23:47 - 2015-09-25 23:47 - 00061576 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll 2015-09-25 23:47 - 2015-09-25 23:47 - 00127624 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll 2015-09-25 23:48 - 2015-09-25 23:48 - 00024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00046728 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00027784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00024712 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00031368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00445064 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00288904 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00019080 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00022152 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00046728 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00019592 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00372360 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00026248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00022152 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00020616 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00044680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00026760 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd 2015-09-25 23:48 - 2015-09-25 23:48 - 00191624 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\unicodedata.pyd 2015-09-25 23:47 - 2015-09-25 23:47 - 00024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3148115178-2301685078-862424154-1001\Control Panel\Desktop\\Wallpaper -> E:\zdjENcia\_Góry\Chocholowska 29-30.12.2014\P1090233.JPG DNS Servers: 79.139.16.1 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run32: => "DropboxOEM" HKU\S-1-5-21-3148115178-2301685078-862424154-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3148115178-2301685078-862424154-1001\...\StartupApproved\Run: => "OneDrive" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{6334449D-BF33-4C58-8226-9CBE9CADD5B3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [{66E5FC32-A32C-44CC-84C0-2850A7BF56C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{83C1C622-2A2A-45F0-8E04-75EE2A02AB82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{845FE8CA-D3BE-41C8-9877-152BE964CDA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C28B4F27-6562-403D-B12B-E767041F3B78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{37A53F4E-3A04-49E2-806D-1A0D5A826D7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F9C29662-E8BC-4C0D-BD3A-137FAB4BD635}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E2D2BFF2-7CF5-4B33-B4DD-DF02805AAADA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{F075C612-9A43-4A61-BAA7-8C28BBAFF326}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{B4E2EEE4-B589-4134-AC1B-F83A8340F2E5}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{E5AC10E1-09D2-46A8-8FA5-BDA454D9538F}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{86890E18-1535-47F9-A7B8-0D2FA2A9E816}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{07052A47-5EE9-4B17-9B39-2663714981EB}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{0D241A62-7979-44B7-A6BF-424A6B332C50}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{04FE3CA5-2F7D-4F56-93A5-146AC2516475}] => (Allow) C:\Users\Marcin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{D29EF2B9-38BC-4AED-A1DC-9E42506151E7}] => (Allow) C:\Program Files\DrWeb\dwservice.exe FirewallRules: [{B0F66812-9436-4581-A497-FB5E9F12455C}] => (Allow) C:\Program Files\DrWeb\spideragent.exe FirewallRules: [{0F8D907C-8B0A-400B-B3B9-DDF1763A626A}] => (Allow) C:\Program Files\DrWeb\dwnetfilter.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/17/2015 08:20:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: laptop) Description: Aktywacja aplikacji Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI nie powiodła się. Błąd: -2144927141. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (12/16/2015 10:46:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: ZARZĄDZANIE NT) Description: Installing the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code. Error: (12/16/2015 10:46:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3003) (User: ZARZĄDZANIE NT) Description: Unable to install counter strings because the SYSTEM\CurrentControlSet\Services\WmiApRpl\Performance key could not be opened or accessed. The first DWORD in the Data section contains the Win32 error code. Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: usbhubC:\WINDOWS\system32\usbperf.dll Error: (12/16/2015 10:46:36 PM) (Source: usbperf) (EventID: 2000) (User: ) Description: Nie można otworzyć klucza „Performance” sterownika usbperf w rejestrze. Kod stanu został zwrócony w danych. Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: TermService Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: RemoteAccessC:\Windows\System32\rasctrs.dll Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: rdyboostC:\WINDOWS\system32\sysmain.dll Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL Error: (12/16/2015 10:46:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ESENTC:\WINDOWS\system32\esentprf.dll Dziennik System: ============= Error: (12/17/2015 06:39:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session3 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/17/2015 06:03:06 PM) (Source: DCOM) (EventID: 10016) (User: laptop) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}laptopMarcinS-1-5-21-3148115178-2301685078-862424154-1001LocalHost (użycie LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157 Error: (12/17/2015 08:20:22 AM) (Source: DCOM) (EventID: 10010) (User: laptop) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (12/17/2015 08:20:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session2 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/16/2015 11:18:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Synchronizuj hosta_Session1 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/16/2015 11:10:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 22:41:18 na ‎16.‎12.‎2015 było nieoczekiwane. Error: (12/16/2015 11:09:29 PM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. Error: (12/16/2015 11:09:29 PM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. Error: (12/16/2015 11:09:29 PM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. Error: (12/16/2015 11:09:29 PM) (Source: NetBT) (EventID: 4300) (User: ) Description: Nie można utworzyć sterownika. CodeIntegrity: =================================== Date: 2015-12-17 17:58:39.381 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-17 17:58:39.357 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-03 21:06:28.232 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\SensorsApi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-03 21:06:27.837 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\SensorsApi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-03 20:54:01.307 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\SensorsApi.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-03 20:54:00.904 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\SensorsApi.dll because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Procent pamięci w użyciu: 30% Całkowita pamięć fizyczna: 8102.52 MB Dostępna pamięć fizyczna: 5668.52 MB Całkowita pamięć wirtualna: 9382.52 MB Dostępna pamięć wirtualna: 6470.89 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:108.54 GB) (Free:66.4 GB) NTFS Drive e: (DATA) (Fixed) (Total:234.31 GB) (Free:114.3 GB) NTFS Drive f: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32 Drive i: (Nowy) (Fixed) (Total:117.19 GB) (Free:117.08 GB) NTFS Drive j: (OLD) (Fixed) (Total:114.26 GB) (Free:107.79 GB) NTFS Drive x: (PBR Image) (Fixed) (Total:9.32 GB) (Free:1.49 GB) NTFS Drive y: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.45 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 491B6F0E) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E9334269) Partition 1: (Not Active) - (Size=234.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=114.3 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================