Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:25-05-2016 01 Uruchomiony przez Sebastian (2016-05-26 11:22:42) Uruchomiony z C:\Users\Sebastian\Downloads Windows 10 Home Wersja 1511 (X64) (2015-12-05 16:41:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-71419581-4181100480-2560518972-500 - Administrator - Disabled) Gość (S-1-5-21-71419581-4181100480-2560518972-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-71419581-4181100480-2560518972-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-71419581-4181100480-2560518972-503 - Limited - Disabled) Sebastian (S-1-5-21-71419581-4181100480-2560518972-1001 - Administrator - Enabled) => C:\Users\Sebastian ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-71419581-4181100480-2560518972-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asystent Rejestr Świń 2014 (v14.12.10) (HKLM-x32\...\Asystent Rejestr Świń 2014_is1) (Version: 14.12.10 - Meteoryt.pl) Audials (HKLM-x32\...\{49309144-ADE0-4243-812F-1CC7F400C25F}) (Version: 14.0.56000.0 - Audials AG) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 40.939524409.939524409.36120096 - Audible, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{49FA2A5C-8FC3-4BD0-A244-CA01A9250E55}) (Version: 2.50.1 - Kovid Goyal) calibre 64bit (HKLM\...\{B74D8371-98D2-42AD-9D94-3531FF4EA328}) (Version: 2.31.0 - Kovid Goyal) Chess 2012 (HKU\S-1-5-21-71419581-4181100480-2560518972-1001\...\Chess2012) (Version: 2012.8 - Filip Hofer) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Energy Manager (x32 Version: 1.0.0.24 - Lenovo) Hidden f.lux (HKU\S-1-5-21-71419581-4181100480-2560518972-1001\...\Flux) (Version: - ) Football Manager 2015 version v.15.1.3 (HKLM-x32\...\{A91E817B-E800-43BD-B88F-FFADBD30AC0C}_is1) (Version: v.15.1.3 - Sports Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Drive (HKLM-x32\...\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}) (Version: 1.29.2074.1528 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden HP Deskjet Ink Adv 2060 K110 — badanie mające na celu poprawę produktów (HKLM\...\{56AF7441-1677-47A0-A998-8C34C3ADCE8C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet Ink Adv 2060 K110 — podstawowe oprogramowanie urządzenia (HKLM\...\{75A263B6-BDAC-4EB8-B2F5-D20009231CAB}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet Ink Adv 2060 K110 Pomoc (HKLM-x32\...\{261A4762-744B-4C71-81D2-57FA5038DC7B}) (Version: 140.0.2.2 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{2AD02988-163A-45E2-AC71-530B080D1A73}) (Version: 12.4.18.7 - HP) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.) Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.) Malwarebytes Anti-Malware wersja 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Pakiet sterowników systemu Windows - Intel (NETwNe64) net (02/21/2013 15.6.1.6) (HKLM\...\8D9612122FB122E74AABD8B727C58E14ED36030A) (Version: 02/21/2013 15.6.1.6 - Intel) Pakiet sterowników systemu Windows - Intel (NETwNs64) net (01/22/2012 14.3.2.1) (HKLM\...\CD88F0FADE1395C9F91302912FD35B13CF75C196) (Version: 01/22/2012 14.3.2.1 - Intel) Pakiet sterowników systemu Windows - Intel (NETwNs64) net (01/23/2013 15.4.1.1) (HKLM\...\EDB3AFE3A78039CF2ECCA4716CFA00C670559BEA) (Version: 01/23/2013 15.4.1.1 - Intel) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Pakiet sterowników systemu Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.19 - Qualcomm Atheros Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com) Skype Web Plugin (HKLM-x32\...\{0DCA0976-1B6D-494D-9A81-1CD3C7129D84}) (Version: 7.18.0.58 - Skype Technologies S.A.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Spybot Anti-Beacon (HKLM-x32\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) Trans 4.7.3.7039 (HKLM-x32\...\Trans_is1) (Version: 4.7.3.7039 - Logintrans sp. z o.o.) UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wise Auto Shutdown 1.43 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.43 - WiseCleaner.com, Inc.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-71419581-4181100480-2560518972-1001_Classes\CLSID\{0F4C16BF-C81B-48A3-9A5A-9FDBFB52AE53}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\SkypePlugin\7.18.0.58\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-71419581-4181100480-2560518972-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-71419581-4181100480-2560518972-1001_Classes\CLSID\{9E004698-89A0-4396-9BE4-BC6AF18BD4B6}\localserver32 -> C:\Users\Sebastian\AppData\Local\SkypePlugin\7.18.0.58\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-71419581-4181100480-2560518972-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Sebastian\AppData\Local\SkypePlugin\7.18.0.58\EdgeCalling.exe (Skype Technologies S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1407A9B4-D5F9-42B1-9850-400AAECEDBFB} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Spybot Anti-Beacon\SDAntiBeacon.exe [2015-10-19] (Safer-Networking Ltd.) Task: {1DD20545-4D31-4D24-8628-AF78C16F3B0D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA Task: {1FECFC3B-9564-4E85-98B9-BEA456AB8A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA Task: {2123C27E-BEB4-4C64-BDF5-FDBCBFBBC4C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard) Task: {21FD62F5-6DE7-4A96-A9AF-A9455310FB0C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA Task: {2E1603F9-44D8-4F58-B66F-5467062D70A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {2EEF5CB4-32EA-4859-9A48-4D6D95464AC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {458BF255-781B-4204-B181-4346533085AA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Brak pliku <==== UWAGA Task: {49000098-0425-45DF-BFC9-554750DE32EF} - System32\Tasks\pc shutdown => s Task: {4D75708B-B0F1-4B71-88FF-51E4F0CD90C8} - System32\Tasks\{062DAA1F-31BE-4288-AB54-F6B5F357E6F5} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/pl/abandoninstall?source=lightinstaller&page=tsBing Task: {5A0F9D09-F5B4-4F65-87EC-0B5E142CF85E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA Task: {6D3FC8D5-7089-4FC4-950B-955712E33DDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA Task: {A544BDC3-DE03-40C7-B250-8C50A9E50745} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Brak pliku <==== UWAGA Task: {B5233FF3-D38E-4AC4-BF1B-F3B4E5F882C4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Brak pliku <==== UWAGA Task: {BD17689D-F1F3-4BD8-BD20-62FF319B2812} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Brak pliku <==== UWAGA Task: {BED9EC8A-D32C-4BCA-BFF2-4B66ED889EFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {D888C60E-3F9E-4F2E-9A6C-E03B4EB6D22B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Brak pliku <==== UWAGA Task: {D9A8C63F-15B7-4D00-A9FE-CD7F867945BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {E8E19BF7-9081-4314-BDE9-3896D6108258} - System32\Tasks\HPCustParticipation HP Deskjet Ink Adv 2060 K110 => C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) Task: {EDD67DDF-3726-4C65-B166-9BD77D13C08D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-13 09:48 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 09:48 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-18 18:37 - 2016-05-18 18:37 - 00959168 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2011-03-17 01:07 - 2011-03-17 01:07 - 04297568 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-07-18 00:35 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-12-18 21:22 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-10 21:24 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 02412952 _____ () C:\Program Files (x86)\Audials\Audials 2016\AudialsNotifier.exe 2016-03-29 06:44 - 2016-03-29 06:44 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-03-29 06:44 - 2016-03-29 06:44 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-03-04 13:54 - 2016-03-04 13:55 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-05-10 21:25 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-10 21:25 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-10 21:25 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-10 21:26 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-05-18 18:37 - 2016-05-18 18:37 - 00679624 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00049424 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_thread-vc90-mt-1_39.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00048400 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_date_time-vc90-mt-1_39.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00068504 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashRpt.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00618256 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_regex-vc90-mt-1_39.dll 2016-01-27 04:38 - 2016-01-27 04:38 - 00544152 _____ () C:\Program Files (x86)\Audials\Audials 2016\StreamingClient.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00016144 _____ () C:\Program Files (x86)\Audials\Audials 2016\boost_system-vc90-mt-1_39.dll 2016-01-27 04:37 - 2016-01-27 04:37 - 00040856 _____ () C:\Program Files (x86)\Audials\Audials 2016\CrashHandlerNET.dll 2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-05-13 07:01 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll 2016-05-13 07:01 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2016-05-26 07:58 - 00002641 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 choice.microsoft.com 0.0.0.0 choice.microsoft.com.nstac.net 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 settings-win.data.microsoft.com 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.microsoft.com 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 0.0.0.0 watson.ppe.telemetry.microsoft.com 0.0.0.0 wes.df.telemetry.microsoft.com 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net 0.0.0.0 watson.live.com 0.0.0.0 watson.microsoft.com 0.0.0.0 feedback.search.microsoft.com Wykryto więcej niż wyliczono: 6 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-71419581-4181100480-2560518972-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{b0f728ba-2e68-47bb-a9bb-3cc0996d66ef}.jpg DNS Servers: 91.232.90.18 - 91.232.90.19 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7F9E33C8-7D8B-4CA9-B603-FE3A52AB1C65}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FDF1F96F-92B0-4D59-B024-4E611E5ADE57}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8968785E-A1E0-4394-8C12-51C1C12FF6A8}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E57BE1AA-FE18-46B8-A678-8687E5302878}] => (Allow) C:\Users\Sebastian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{1D6E7473-6756-4474-9695-58C7C52B301C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6459469E-E596-483B-AB43-7C5F2F1BA5D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{65EBE84A-D711-468E-A1D2-C01232710C63}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{2A9E1404-71CC-4621-A83C-01F6F3458CF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{8877DDA3-4A60-44D0-8611-C18F5AB14D32}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{2E956256-A96E-480C-8BBE-3F13F8CA5600}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{8F72340E-7634-4698-9172-CEC9F30326FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{1CE11F31-14D1-49FC-8B55-FDD7D9ED76BE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{AD66FF76-9463-4FB8-B4AE-FDD8EEC3973C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{7185F993-82AE-41C2-98AC-4E9F77FE2B96}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{52E371FD-2764-419D-BB90-0B8C36497A7B}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{EBF5D3F5-3C4A-4509-8EF7-D22A8F501B1C}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{C40B6255-23E4-4E00-B248-3941DFD1233C}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{03469D3F-DDB5-456A-842F-B18128845D6B}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{539261CC-9133-47A4-835E-ACDBC881A350}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{6BA0C9B2-3AD5-4754-AE8D-7071D48E734B}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{51B9E25C-8090-4AE0-97FA-1369D0679FB1}] => (Allow) C:\Program Files (x86)\Wi-Fi\Wi-Fi.exe FirewallRules: [{B225A6B5-9B0B-46FE-BF99-484BC787300B}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{BC1CC9AE-71F3-45BF-B2AE-613BB0014DEF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{159FC10E-0A09-48CB-8B7D-7A2C401256CD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{938866D3-EB7F-4B8F-8B1F-80E407C761BE}] => (Allow) C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\USBSetup.exe FirewallRules: [{71494030-53B3-4618-82D4-C35B31AD473D}] => (Allow) C:\Program Files (x86)\Audials\Audials 2016\Audials.exe FirewallRules: [{92F3558D-541E-4B85-AA94-496EDC3B3B28}] => (Allow) LPort=12972 FirewallRules: [{9A6F1EA7-A0DD-4C8F-AE78-7F02D064B5C4}] => (Allow) LPort=14714 FirewallRules: [{D2ADD9B3-1A4C-438F-8DA2-F18895CAAE28}] => (Allow) LPort=31931 FirewallRules: [{4F41E869-FDBC-424D-A05E-206B79AAE282}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{71AFDC2B-894C-48B1-A94C-69F25B05531B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{124C1EF0-E85A-42FC-9CA0-BFCD2EA1A01A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{06059B76-2C63-4952-AAA5-659634735803}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A19B07DA-C4F9-4FBD-8F52-90BA575C0A03}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{18B84625-1524-4535-B15B-3064A6E569B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{BDD18DE5-32B6-486E-A27E-596BC35324EA}C:\users\sebastian\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\sebastian\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe FirewallRules: [UDP Query User{D05A075F-8190-4414-9504-E0AB103AF6EB}C:\users\sebastian\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe] => (Allow) C:\users\sebastian\appdata\local\skypeplugin\7.18.0.58\pluginhost.exe ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/26/2016 11:10:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENDER) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (05/26/2016 09:08:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENDER) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (05/26/2016 07:55:30 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENDER) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (05/26/2016 07:53:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: igfxHK.exe, wersja: 6.15.10.4331, sygnatura czasowa: 0x564cc83e Nazwa modułu powodującego błąd: igfxHK.exe, wersja: 6.15.10.4331, sygnatura czasowa: 0x564cc83e Kod wyjątku: 0xc0000409 Przesunięcie błędu: 0x0000000000015953 Identyfikator procesu powodującego błąd: 0x1168 Godzina uruchomienia aplikacji powodującej błąd: 0xigfxHK.exe0 Ścieżka aplikacji powodującej błąd: igfxHK.exe1 Ścieżka modułu powodującego błąd: igfxHK.exe2 Identyfikator raportu: igfxHK.exe3 Pełna nazwa pakietu powodującego błąd: igfxHK.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: igfxHK.exe5 Error: (05/26/2016 07:09:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENDER) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (05/26/2016 06:31:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENDER) Description: Aktywacja aplikacji Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. Error: (05/26/2016 12:55:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10802875 Error: (05/26/2016 12:55:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10802875 Error: (05/26/2016 12:55:38 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/25/2016 08:37:03 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1477609 Dziennik System: ============= Error: (05/26/2016 11:16:27 AM) (Source: DCOM) (EventID: 10016) (User: ENDER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}EnderSebastianS-1-5-21-71419581-4181100480-2560518972-1001LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 11:12:27 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (05/26/2016 09:50:00 AM) (Source: DCOM) (EventID: 10016) (User: ZARZĄDZANIE NT) Description: właściwe dla aplikacjiLokalnyAktywacja{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}ZARZĄDZANIE NTSYSTEMS-1-5-18LocalHost (użycie LRPC)NiedostępnyNiedostępny Error: (05/26/2016 09:29:18 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (05/26/2016 07:56:27 AM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (05/26/2016 07:54:23 AM) (Source: DCOM) (EventID: 10016) (User: ENDER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}EnderSebastianS-1-5-21-71419581-4181100480-2560518972-1001LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 07:54:23 AM) (Source: DCOM) (EventID: 10016) (User: ENDER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}EnderSebastianS-1-5-21-71419581-4181100480-2560518972-1001LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 07:54:23 AM) (Source: DCOM) (EventID: 10016) (User: ENDER) Description: domyślne ustawienia komputeraLokalnyAktywacja{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}EnderSebastianS-1-5-21-71419581-4181100480-2560518972-1001LocalHost (użycie LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (05/26/2016 07:53:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi SAService z powodu następującego błędu: %%2 Error: (05/26/2016 07:52:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Synchronizuj hosta_18f6cc6. CodeIntegrity: =================================== Date: 2016-05-26 09:47:20.535 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:20.457 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:19.925 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:19.824 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:19.268 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:19.191 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:18.660 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 09:47:18.577 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 07:49:39.022 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-26 07:49:38.891 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz Procent pamięci w użyciu: 62% Całkowita pamięć fizyczna: 4008.27 MB Dostępna pamięć fizyczna: 1486.25 MB Całkowita pamięć wirtualna: 5096.27 MB Dostępna pamięć wirtualna: 1890.43 MB ==================== Dyski ================================ Drive c: (Windows) (Fixed) (Total:110.88 GB) (Free:14.64 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 6F7C18CE) Partition: GPT. ==================== Koniec Addition.txt ============================