Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:13-04-2016
Uruchomiony przez Admin (2016-04-15 15:25:20)
Uruchomiony z C:\Users\patry_000\Desktop\frst
Windows 10 Home Wersja 1511 (X64) (2016-04-12 17:24:25)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

Admin (S-1-5-21-1593122494-3413122874-2295387288-1001 - Administrator - Enabled) => C:\Users\patry_000
Administrator (S-1-5-21-1593122494-3413122874-2295387288-500 - Administrator - Disabled)
Gość (S-1-5-21-1593122494-3413122874-2295387288-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1593122494-3413122874-2295387288-1003 - Limited - Enabled)
Konto domyślne (S-1-5-21-1593122494-3413122874-2295387288-503 - Limited - Disabled)
mibfsotnvaj (S-1-5-21-1593122494-3413122874-2295387288-1004 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: ESET Smart Security 9.0.374.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.374.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.3.90 - Dll-Files.com)
ESET Smart Security (HKLM\...\{98AECDB2-04BA-48FA-9D75-AF09DE5791E1}) (Version: 9.0.374.1 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Panel sterowania NVIDIA 353.84 (Version: 353.84 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7224 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)

==================== Niestandardowe rejestracje CLSID (filtrowane): ==========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

CustomCLSID: HKU\S-1-5-21-1593122494-3413122874-2295387288-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\patry_000\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Zaplanowane zadania (filtrowane) =============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

Task: {29CFE5B2-B61B-488C-B5C6-19CB919F6952} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-13] (Google Inc.)
Task: {97562B1C-0E40-4120-A8ED-4688D442B2C5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-08-23] (AsusTek)
Task: {A983B15B-6C10-49B4-BC65-0C68EE1BD73B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-13] (Google Inc.)

(Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Skróty =============================

(Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.)

==================== Załadowane moduły (filtrowane) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-12 19:14 - 2015-08-07 19:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-12 20:16 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 20:16 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-13 17:23 - 2016-04-13 17:24 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-05 21:37 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-12 20:15 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-12 20:16 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-12 20:16 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-12 20:16 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-12 20:16 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-14 15:28 - 2015-08-14 15:28 - 00405432 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-04-13 17:17 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2014-01-21 17:54 - 2016-02-05 18:24 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2016-04-06 15:50 - 2016-04-06 15:50 - 02322432 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.14\deploy\LoLLauncher.exe
2016-04-06 15:50 - 2016-04-06 15:50 - 04527104 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.54\deploy\LoLPatcher.exe
2016-02-05 19:51 - 2016-02-05 18:07 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.196\deploy\LolClient.exe
2016-04-13 17:23 - 2016-04-13 17:24 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-13 17:23 - 2016-04-13 17:24 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-13 17:17 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2016-04-06 15:50 - 2016-04-06 15:50 - 01417216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.54\deploy\RiotLauncher.dll
2016-02-05 19:37 - 2015-09-30 17:19 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.196\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-02-05 19:37 - 2015-09-30 17:19 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.196\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll

==================== Alternate Data Streams (filtrowane) =========

(Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.)

==================== Tryb awaryjny (filtrowane) ===================

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68277868.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68277868.sys => ""="Driver"

==================== EXE - Powiązania (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.)

==================== Internet Explorer - Witryny zaufane i z ograniczeniami ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.)

==================== Hosts - zawartość: ===============================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2016-04-12 19:53 - 2016-04-12 19:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Inne obszary ============================

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1593122494-3413122874-2295387288-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\patry_000\Desktop\350033.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Zapora systemu Windows [funkcja włączona]

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Obecnie brak automatycznej naprawy dla tej sekcji.)

HKU\S-1-5-21-1593122494-3413122874-2295387288-1001\...\StartupApproved\Run: => "OneDrive"

==================== Reguły Zapory systemu Windows (filtrowane) ===============

(Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7DE05B61-D935-41D2-8FA2-D919BCF951BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Punkty Przywracania systemu =========================

12-04-2016 20:18:03 Windows Update
14-04-2016 19:23:28 JRT Pre-Junkware Removal
14-04-2016 19:27:53 JRT Pre-Junkware Removal

==================== Wadliwe urządzenia w Menedżerze urządzeń =============

==================== Błędy w Dzienniku zdarzeń: =========================

Dziennik Aplikacja:
==================
Error: (04/15/2016 03:11:31 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.

Error: (04/15/2016 03:11:31 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService SetBrightnessSettingInDriver: p_handle is NULL.

Error: (04/15/2016 03:11:31 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.

Error: (04/15/2016 03:11:31 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService GetBrightnessSettingFromDriver: p_handle is NULL.

Error: (04/15/2016 03:11:31 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Error: (04/14/2016 08:29:08 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value.

Error: (04/14/2016 08:29:08 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService SetBrightnessSettingInDriver: p_handle is NULL.

Error: (04/14/2016 08:29:08 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver.

Error: (04/14/2016 08:29:08 PM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfParticipantDisplayService GetBrightnessSettingFromDriver: p_handle is NULL.

Error: (04/14/2016 08:29:08 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfParticipantDisplayService ConnectToDptfDisplayDriver: SetupDiEnumDeviceInterfaces() failed. Last error = [0x00000103]

Dziennik System:
=============
Error: (04/15/2016 03:11:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 14:38:07 na 2016-04-15 było nieoczekiwane.

Error: (04/14/2016 09:31:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_34b5a niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/14/2016 09:31:51 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/14/2016 08:28:03 PM) (Source: DCOM) (EventID: 10010) (User: patryk)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/14/2016 08:28:01 PM) (Source: DCOM) (EventID: 10010) (User: patryk)
Description: Windows.Media.Capture.Internal.AppCaptureShell

Error: (04/14/2016 08:28:01 PM) (Source: DCOM) (EventID: 10010) (User: patryk)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (04/14/2016 08:28:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Usługa Synchronizuj hosta_1367cbf niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie.

Error: (04/14/2016 08:28:00 PM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT)
Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny

Error: (04/14/2016 07:39:08 PM) (Source: DCOM) (EventID: 10010) (User: patryk)
Description: App

Error: (04/14/2016 07:24:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1.

CodeIntegrity:
===================================
Date: 2016-04-15 15:12:56.810
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-15 15:12:56.782
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-15 15:12:13.437
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-15 15:12:13.423
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-15 15:12:13.363
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-15 15:12:13.296
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-14 20:30:22.119
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-14 20:30:22.088
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Smart Security\Drivers\ehdrv\ehdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-14 20:30:11.246
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-04-14 20:30:11.231
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Statystyki pamięci ===========================

Procesor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Procent pamięci w użyciu: 71%
Całkowita pamięć fizyczna: 3979.16 MB
Dostępna pamięć fizyczna: 1151.41 MB
Całkowita pamięć wirtualna: 5387.16 MB
Dostępna pamięć wirtualna: 2377.45 MB

==================== Dyski ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:291.27 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)]
Drive d: () (Fixed) (Total:537.8 GB) (Free:490.24 GB) NTFS

==================== MBR & Tablica partycji ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4A2C3198)
Partition: GPT.

==================== Koniec Addition.txt ============================