Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 05-02-2017 Uruchomiony przez Bernard (07-02-2017 12:15:42) Uruchomiony z C:\Users\Bernard\Desktop Windows 7 Professional Service Pack 1 (X64) (2016-09-25 14:01:47) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1469676549-4071989466-3462987422-500 - Administrator - Disabled) Bernard (S-1-5-21-1469676549-4071989466-3462987422-1000 - Administrator - Enabled) => C:\Users\Bernard Gość (S-1-5-21-1469676549-4071989466-3462987422-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1469676549-4071989466-3462987422-1002 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Aktualizacje NVIDIA 23.23.0.0 (Version: 23.23.0.0 - NVIDIA Corporation) Hidden Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - Frictional Games) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies) AVG (Version: 16.141.7998 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4756 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.141.7998 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies) AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version: - SCS Software) FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) GG (HKU\S-1-5-21-1469676549-4071989466-3462987422-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Metro 2033 (HKLM\...\Steam App 43110) (Version: - 4A Games) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Sterownik graficzny 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.) Panel sterowania NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd) TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team) Unity Web Player (HKU\S-1-5-21-1469676549-4071989466-3462987422-1000\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{67847964-08E2-4A8F-B09D-B08D5CE69250}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3141468) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CB85A0CF-0448-43D8-8006-173A8C84A018}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WERSJA DEMO FIFA 17 (HKLM-x32\...\{39C00B2C-EA3C-4A6B-AECF-DADA0F09C2AE}) (Version: 1.0.45.26330 - Electronic Arts) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1469676549-4071989466-3462987422-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1469676549-4071989466-3462987422-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Bernard\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0E1E4BD9-2793-457F-B26C-D68A6170FBA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd) Task: {1298CDFB-7766-4D25-9C9F-5155C198DE7F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {1B7D76D5-E0D1-4351-A52C-3F09CD65F996} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {20199637-AA2E-4493-91AD-CED3B8E60199} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-25] (Google Inc.) Task: {27934504-71AA-4186-91B6-C38E8FDE9D3C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {364CC231-3ED3-4D55-8900-EBA9B3311097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-25] (Google Inc.) Task: {3A306C16-2E68-47E2-9B4F-49688B953FC2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {70685922-2ED7-48EF-A0CD-47D91965EA3B} - System32\Tasks\{E525ED94-2189-484E-BACE-CCE90D184042} => Chrome.exe hxxps://ui.skype.com/ui/0/7.31.80.104/pl/go/help.faq.installer?LastError=1603 Task: {795CB076-8D8F-4044-9422-799DD55C98A9} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {AFB22E0A-414A-4318-8E06-F919A789929B} - System32\Tasks\{C389BFFC-0514-402E-A8B7-7831540B2908} => Chrome.exe hxxps://ui.skype.com/ui/0/7.31.80.104/pl/go/help.faq.installer?LastError=1603 Task: {BD054950-1F6A-4848-A125-850421C778E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {C24C280B-C57E-48AD-A4A1-9750E7907051} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {C3BA2CCC-F2ED-485D-B773-583A5EB7B8D5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {D744E294-6D78-4A1B-9DC5-2A0528078115} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D9290C41-FBBD-48E2-ADFE-8D31FDF69D71} - System32\Tasks\PPI Update => "hxxp://insightcdn.online/download/index.php?mn=9995" <==== UWAGA Task: {DCF17AE0-EC74-416F-AE78-38A2E4BC4A21} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) Task: {F51CD42F-1620-42D5-B398-38CE247A5D90} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {FE2266E8-3E04-444E-966D-BA9F68557B59} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-12-26 17:30 - 2017-02-06 18:42 - 00981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2016-09-25 15:32 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-01-01 18:23 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-01 18:23 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-26 17:30 - 2017-02-06 18:42 - 02183752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2017-01-01 18:23 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-01 18:23 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-01 18:23 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-12-26 14:43 - 2016-12-26 14:42 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2016-12-14 22:16 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-14 22:16 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1469676549-4071989466-3462987422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bernard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: ASGT => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: igfxCUIService1.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: GG => "C:\Users\Bernard\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [VirtualPC-In-UDP-1] => %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => %SystemRoot%\System32\vpc.exe FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{C286D784-31B8-45A8-8C1F-7E28EA9002D4}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5A2943FD-353E-4D5F-8AB0-DB0131AF7AF3}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FB7AF71F-403D-46E4-9A6A-2C205C46F483}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{A7F7F539-8D36-4626-AA44-E8F13BDD83E6}] => C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe FirewallRules: [{B619CDD5-E61F-400C-BEC5-939891438825}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{A2441BBF-5E0E-43D0-817D-3CAD0FBD76F9}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F3BE3F78-E693-442D-A492-F5015EEBE1FB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5F095F19-7091-4428-9CEC-802CF7C69962}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{7DBFEDB5-D796-449E-9239-CC2B0285002C}C:\games\ball 3d\game\ball 3d.exe] => C:\games\ball 3d\game\ball 3d.exe FirewallRules: [UDP Query User{5B9291BF-A69D-469D-81DC-2B5178504CED}C:\games\ball 3d\game\ball 3d.exe] => C:\games\ball 3d\game\ball 3d.exe FirewallRules: [{3EDF48E8-8A9B-4DFD-8002-F2D6FBCBCAE1}] => C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{7673A820-C845-46F9-9A65-40AEA42A4029}] => C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe FirewallRules: [{B41805F5-956B-44A9-A466-793A09D802F9}] => C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{6A171299-3DA0-4A9F-A639-FBBE165AEA0A}] => C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{92E7AB26-C0EF-4CB9-B5B6-4EC511B97E50}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C45AF75B-9AE7-40B0-A2C5-FC6AF90FF4AC}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{BFE39877-2E2F-40CE-87D2-3B17F7A7FCD7}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{B185F138-0F66-4D18-B3CC-080B8F63DDF0}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D1A2D89A-FA12-426C-B1B2-FD3B27EDDC68}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{051276E1-1CBA-43C3-B1BE-EF4E6382D64E}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{E3E6EC7D-2B27-4BA0-A856-38E4FF2BD0E7}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{49E90544-D717-4641-B9B7-B7E6F08CF930}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{6AC713C8-422A-430D-9F63-B322E28239A4}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{E6D64133-F439-4FE0-A1F3-ECE522600785}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{737AE1AD-4655-458E-82EC-6FE981F5A6D9}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{82A2BD1E-B270-45A4-90CB-F1FCC9C679A3}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{561B760F-58DE-4C45-977F-7FA884224B89}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{EFA17CE5-AF07-4FEE-9C9D-652E9072F1B3}] => C:\Program Files (x86)\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{043E0043-7A24-4760-8D7D-95C99EE171DD}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{2AF576F1-E04E-4C12-BDAD-84B7B668EE15}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{D340393D-AD6F-483E-AF0D-CFE31AD77F51}] => C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{412425C0-8131-4363-B778-73066A2BE5F7}] => C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{96747F09-52CB-4950-AC8C-0D30B53F3970}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7B3B04B6-6ADE-4D79-92DB-5EFAD3DE94BA}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{BEC3A666-B485-4929-973D-638E61AEDEF6}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{8CD764C0-EB16-4BC7-84D0-29F735EDB80B}] => C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{D1ACED47-E2BD-4884-A3D6-15C2B50E97A3}] => C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{268305DF-6502-4E3C-9710-080AA357DEA9}] => C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{A6288953-1F53-47D2-84F8-C0795E0B6E1D}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{194DF292-3784-444B-AB94-9808A1F67A09}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BA439FD9-16B1-4016-A53B-D28335BE7B10}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{3261B689-18AF-4BDE-B8D3-AB81E56BDC2B}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{957CB027-D7A0-4020-93FB-BA6161BC5A6B}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3775FA8A-19E1-42A4-A524-4A9A2BB70EA0}] => C:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe FirewallRules: [{6DB42329-2CC9-4610-B420-A0923548A206}] => C:\Program Files (x86)\Origin Games\FIFA 17 DEMO\FIFASetup\fifaconfig.exe FirewallRules: [TCP Query User{802467C9-11C4-4CB9-93D2-17FFCEE78430}C:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => C:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe FirewallRules: [UDP Query User{B0CBC95B-6BF1-4797-A5EE-7AC74F15857A}C:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe] => C:\program files (x86)\origin games\fifa 17 demo\fifa17_demo.exe ==================== Punkty Przywracania systemu ========================= 05-02-2017 15:48:05 Windows Update 06-02-2017 11:30:06 Windows Update 06-02-2017 12:05:33 Windows Update 06-02-2017 13:07:31 Windows Update 06-02-2017 13:22:49 Windows Update 06-02-2017 13:29:08 Windows Update 06-02-2017 14:07:41 Windows Update 06-02-2017 14:15:39 Usunięte LG Mobile Driver 06-02-2017 14:25:09 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (02/07/2017 12:09:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 07:27:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Steam.exe w wersji 3.78.49.52 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1324 Godzina rozpoczęcia: 01d280a6553d949f Godzina zakończenia: 10 Ścieżka aplikacji: C:\Program Files (x86)\Steam\Steam.exe Identyfikator raportu: dd415a03-ec99-11e6-9992-fcaa1426d239 Error: (02/06/2017 07:24:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 02:41:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 02:35:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 02:21:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 01:46:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Explorer.EXE, wersja: 6.1.7601.23537, sygnatura czasowa: 0x57c44efe Nazwa modułu powodującego błąd: SHLWAPI.dll, wersja: 6.1.7601.17514, sygnatura czasowa: 0x4ce7c9ab Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000007306 Identyfikator procesu powodującego błąd: 0x844 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2807633478493 Ścieżka aplikacji powodującej błąd: C:\Windows\Explorer.EXE Ścieżka modułu powodującego błąd: C:\Windows\system32\SHLWAPI.dll Identyfikator raportu: 5443a924-ec6a-11e6-afb1-fcaa1426d239 Error: (02/06/2017 01:39:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (02/06/2017 01:35:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Ball 3D.exe, wersja: 5.5.0.46319, sygnatura czasowa: 0x5836fd87 Nazwa modułu powodującego błąd: Ball 3D.exe, wersja: 5.5.0.46319, sygnatura czasowa: 0x5836fd87 Kod wyjątku: 0xc000041d Przesunięcie błędu: 0x006b5c5c Identyfikator procesu powodującego błąd: 0x16dc Godzina uruchomienia aplikacji powodującej błąd: 0x01d280757736ce9a Ścieżka aplikacji powodującej błąd: C:\Games\Ball 3D\game\Ball 3D.exe Ścieżka modułu powodującego błąd: C:\Games\Ball 3D\game\Ball 3D.exe Identyfikator raportu: cbada320-ec68-11e6-9eb8-fcaa1426d239 Error: (02/06/2017 01:35:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Ball 3D.exe, wersja: 5.5.0.46319, sygnatura czasowa: 0x5836fd87 Nazwa modułu powodującego błąd: Ball 3D.exe, wersja: 5.5.0.46319, sygnatura czasowa: 0x5836fd87 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x006b5c5c Identyfikator procesu powodującego błąd: 0x16dc Godzina uruchomienia aplikacji powodującej błąd: 0x01d280757736ce9a Ścieżka aplikacji powodującej błąd: C:\Games\Ball 3D\game\Ball 3D.exe Ścieżka modułu powodującego błąd: C:\Games\Ball 3D\game\Ball 3D.exe Identyfikator raportu: c981e15d-ec68-11e6-9eb8-fcaa1426d239 Dziennik System: ============= Error: (02/07/2017 12:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/07/2017 12:09:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (02/07/2017 12:08:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (02/07/2017 12:08:15 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (02/06/2017 10:26:49 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (02/06/2017 10:26:44 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (02/06/2017 07:23:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (02/06/2017 07:23:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (02/06/2017 07:23:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (02/06/2017 07:22:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Procent pamięci w użyciu: 24% Całkowita pamięć fizyczna: 12180.22 MB Dostępna pamięć fizyczna: 9174.77 MB Całkowita pamięć wirtualna: 24358.63 MB Dostępna pamięć wirtualna: 21184.19 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:450.66 GB) (Free:243.48 GB) NTFS Drive d: () (Fixed) (Total:15 GB) (Free:14.91 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8D837008) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================