Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 31-08-2016 Uruchomiony przez Wiktor (01-09-2016 23:41:08) Uruchomiony z C:\Users\media\Desktop Windows 10 Home Wersja 1607 (X64) (2016-08-30 20:32:20) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1393445446-2982289665-441606675-500 - Administrator - Disabled) Gość (S-1-5-21-1393445446-2982289665-441606675-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1393445446-2982289665-441606675-1003 - Limited - Enabled) Konto domyślne (S-1-5-21-1393445446-2982289665-441606675-503 - Limited - Disabled) Wiktor (S-1-5-21-1393445446-2982289665-441606675-1001 - Administrator - Enabled) => C:\Users\media ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Baidu Antivirus (Enabled - Up to date) {0B023102-4312-4570-585A-1BAAA3570E16} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Baidu Antivirus (Disabled - Up to date) {B063D0E6-6528-4AFE-62EA-20D8D8D044AB} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AION (HKLM-x32\...\AION) (Version: - ) ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.6 - ASUS) Asus FaceID (HKLM-x32\...\{C4071085-DDF0-403F-90F9-27582FC22C9B}) (Version: 7.6.9.3 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.7 - ASUS) ASUS Product Demo Kit (HKLM-x32\...\{1714AD6E-D517-40C0-9B19-4CE0078F7694}) (Version: 2.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.33 - ASUS) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5712.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5712.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.148966 - Baidu, Inc.) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{92DA2455-E6C9-4EFF-9AFD-07C2C3B185DA}) (Version: 4.2.41.2633 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) LBOTS Top Keyboard Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - ) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) NVIDIA Graphics Driver 332.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.85 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.96.218.0 - Overwolf Ltd.) Pakiet sterowników systemu Windows - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS) Panel sterowania NVIDIA 353.54 (Version: 353.54 - NVIDIA Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.21.40.1020 - Electronic Arts Inc.) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1393445446-2982289665-441606675-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\media\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {111EA093-B8B8-4E2A-A429-545E40225813} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] () Task: {12B4E88F-34A5-4864-826C-0B95D49FAFC4} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [2014-01-03] () Task: {13CCE251-C120-4932-B17B-BB4779590CBA} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-03-20] (Realtek Semiconductor) Task: {325A22D9-6DC8-4599-9F8E-9EA1AE22FC83} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe Task: {5F091229-9AE6-447F-8B23-4332AE556F3F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.) Task: {66AE1976-C9E4-415D-82A1-95E33A85B311} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-07-17] (Overwolf LTD) Task: {6D6BFB6C-62EC-4E37-A223-CD6ADAD1F15D} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS) Task: {78B7F80E-0400-44A7-AB60-CF4A1816E53E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-31] (Google Inc.) Task: {7B53AF11-1957-4E57-9F8A-F5C710EB42BD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21] (Realtek Semiconductor) Task: {8EF887DB-D754-42AC-BFF7-A803B28E59D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {9E5E8158-F7DC-4209-9911-B9630857A08E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-31] (Google Inc.) Task: {C4CBAD72-EB53-47E4-9550-89D8ABA16C4A} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => Cscript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js" Task: {C6EE3E1E-E834-48F9-AD30-32C638325E38} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\media\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-31] (Microsoft Corporation) Task: {DAF57369-61D6-4D29-B62B-34BFB6DE105D} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2014-02-04] (ASUSTek Computer Inc.) Task: {E053A4A9-0E82-4670-BD13-F6FCCF91D3C9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-01-03] (ASUS) Task: {F28A9D66-22EA-488F-9E09-5772B6552A29} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-30 22:04 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-11-07 18:12 - 2013-11-07 18:12 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-11-07 18:12 - 2013-11-07 18:12 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2013-11-07 18:12 - 2013-11-07 18:12 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll 2014-01-03 18:26 - 2014-01-03 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2014-01-03 18:26 - 2014-01-03 18:26 - 00028672 _____ () C:\Program Files\ASUS\P4G\plctrl.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-31 07:18 - 2016-08-31 07:18 - 01864384 _____ () C:\Users\media\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-05-27 15:50 - 2016-05-27 15:50 - 00402520 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-08-31 14:57 - 2016-08-06 05:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-08-31 14:57 - 2016-08-06 05:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-31 14:57 - 2016-08-06 05:21 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-31 14:57 - 2016-08-06 05:21 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-08-31 14:57 - 2016-08-06 05:23 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-31 14:57 - 2016-08-06 05:23 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-06 14:39 - 2013-05-15 11:58 - 00745472 _____ () C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE 2016-08-31 07:44 - 2016-08-31 07:44 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11607.1001.51.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2016-08-30 22:46 - 2016-08-30 22:46 - 00297968 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\HipsLogger.dll 2016-08-30 22:46 - 2015-05-28 13:44 - 00198128 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\dark.dll 2016-08-30 22:46 - 2016-08-30 22:46 - 00540656 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\sqlite.dll 2016-08-30 22:46 - 2016-08-30 22:46 - 00370672 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\BNetOp.dll 2013-10-08 21:41 - 2013-10-08 21:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2013-09-09 19:23 - 2013-09-09 19:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-12-06 14:39 - 2012-08-14 08:49 - 00057344 _____ () C:\Program Files (x86)\Gaming Keyboard\lan.dll 2015-12-06 14:39 - 2012-08-14 23:41 - 00061440 _____ () C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll 2016-08-30 22:46 - 2016-08-30 22:46 - 00277488 _____ () C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.0\Pulgin_Dark_DeleteFileTip.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"="" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2013-08-22 15:25 - 2016-09-01 23:34 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1393445446-2982289665-441606675-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\media\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: Urządzenie nie jest podłączone do internetu. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) HKLM\...\StartupApproved\Run32: => "KokoMoss" HKLM\...\StartupApproved\Run32: => "mpck_en_005030283" HKU\S-1-5-21-1393445446-2982289665-441606675-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1393445446-2982289665-441606675-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1393445446-2982289665-441606675-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1393445446-2982289665-441606675-1001\...\StartupApproved\Run: => "Uninstall C:\Users\media\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1" HKU\S-1-5-21-1393445446-2982289665-441606675-1001\...\StartupApproved\Run: => "Uninstall C:\Users\media\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5A0CCA64-2AA9-45A3-9B6C-F3F1DD21A798}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{D8FA4D7A-C22A-4951-B56C-CBDC7A8169E0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{C392DB86-C9DD-4832-9A5D-D117D570E5CB}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{F5CB1848-7FD3-41D8-9E12-E1D380F6C8C9}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{8E91CDCF-EF97-4F4A-9696-F167010C9BD0}] => (Allow) C:\Users\media\Desktop\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9607D058-554F-489C-B5D2-556E5486DCFC}] => (Allow) C:\Users\media\Desktop\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{418FE60C-AF92-4B46-9030-F988D46CA471}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{6ECC64E0-B9A5-4615-B131-73AAAE05AFE5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{32BF36B9-5D2B-47BF-B5CE-218D1B4A5404}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{0F290ED1-07F3-436F-B33B-AB66EF2A496E}] => (Allow) LPort=65387 FirewallRules: [{7620CB64-85E4-4265-99AF-884C2937B9E9}] => (Allow) LPort=65387 FirewallRules: [{B2A49D1F-8181-4F97-9AFE-768D46A2A6AF}] => (Allow) LPort=65388 FirewallRules: [{E6ECC9AB-EEE4-41B7-8741-35F7FB3B047B}] => (Allow) LPort=65388 FirewallRules: [{F53000B4-2EC4-4986-9CCE-F3B5916435F7}] => (Allow) LPort=65389 FirewallRules: [{5E4A0D1F-9959-4FBC-BF06-BD2BFD1E0D0F}] => (Allow) LPort=65389 FirewallRules: [TCP Query User{6041530B-0B23-4104-8E35-0D79F352661E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{79D702A6-6806-406D-B769-5D4B5E55590A}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{1161AE27-3166-4406-AF3F-58759778ECC9}] => (Allow) C:\Users\media\Desktop\Steam\Steam.exe FirewallRules: [{A2BA263C-56E3-4B84-A87A-A565660C74AA}] => (Allow) C:\Users\media\Desktop\Steam\Steam.exe FirewallRules: [TCP Query User{5FD74251-64CD-44BE-A970-FB70E3A705F4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{C525C45D-A450-4982-875B-207E0B1109AF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{15338D99-529F-4010-947D-51112CE671D9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{976BD5EB-6A99-4721-8DE6-CB932C99873A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{3497D25D-E0D4-41FC-B6D6-919DA9AF8678}] => (Allow) C:\Users\media\Desktop\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe FirewallRules: [{917C591A-EB9F-43A6-A471-371875CEC9AA}] => (Allow) C:\Users\media\Desktop\Steam\steamapps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe FirewallRules: [{779EF484-0EED-4A27-B449-D3DC422C5C99}] => (Allow) C:\Users\media\Desktop\Steam\bin\steamwebhelper.exe FirewallRules: [{EE7E1DD6-92BE-4B03-8E18-90D18F2DA0B8}] => (Allow) C:\Users\media\Desktop\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{816BDB51-56E6-4A5A-B328-F50B5341414D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{7A04836F-00F6-426A-9990-2A84CAFCC22D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{EA2552C0-E8CA-4E95-8E93-FEBF86267CDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 31-08-2016 14:47:18 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/01/2016 06:01:30 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:29 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:28 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:27 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:26 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:25 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:24 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:23 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Error: (09/01/2016 06:01:21 PM) (Source: ISCTAgent) (EventID: 1000) (User: ) Description: ISCT - OnThermalBatterySuspendRequest Received a callback to suspend due to thermal or battery - bThermal = 0. Dziennik System: ============= Error: (09/01/2016 11:40:17 PM) (Source: DCOM) (EventID: 10010) (User: ZARZĄDZANIE NT) Description: Serwer {784E29F4-5EBE-4279-9948-1E8FE941646D} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (09/01/2016 11:37:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. Error: (09/01/2016 11:37:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Baidu Hook Base z powodu następującego błędu: Urządzenie dołączone do komputera nie działa. CodeIntegrity: =================================== Date: 2016-08-31 15:32:57.373 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-31 15:14:02.331 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-31 09:34:31.992 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-31 07:43:30.598 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-31 07:15:30.864 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-30 22:47:13.060 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-08-30 22:21:49.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Procent pamięci w użyciu: 34% Całkowita pamięć fizyczna: 3979.05 MB Dostępna pamięć fizyczna: 2600.92 MB Całkowita pamięć wirtualna: 5387.05 MB Dostępna pamięć wirtualna: 4077.63 MB ==================== Dyski ================================ Drive c: (OS) (Fixed) (Total:372.15 GB) (Free:281.2 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:536.81 GB) NTFS Drive f: () (Removable) (Total:14.91 GB) (Free:14.73 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: F684AEE1) Partition: GPT. ======================================================== Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================