Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:09-12-2015 Uruchomiony przez 7 (2015-12-09 18:09:26) Uruchomiony z C:\Users\7\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2014-07-31 18:04:27) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= 7 (S-1-5-21-4265689537-3529688487-1946468061-1000 - Administrator - Enabled) => C:\Users\7 Administrator (S-1-5-21-4265689537-3529688487-1946468061-500 - Administrator - Disabled) ASPNET (S-1-5-21-4265689537-3529688487-1946468061-1002 - Limited - Enabled) Gość (S-1-5-21-4265689537-3529688487-1946468061-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-4265689537-3529688487-1946468061-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.7.4.10 (Version: 2.7.4.10 - NVIDIA Corporation) Hidden Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.6.2.40658 - Electronic Arts) BB FlashBack Express 5 (HKLM-x32\...\BB FlashBack Express 5) (Version: 5.3.0.3386 - Blueberry) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome, Inc) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) FIFA 15, âĺđńč˙ 1.0.0.0 (HKLM-x32\...\FIFA 15_is1) (Version: 1.0.0.0 - RePack by SEYTER) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - ) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) OpenFM (HKU\S-1-5-21-4265689537-3529688487-1946468061-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Panel sterowania NVIDIA 359.00 (Version: 359.00 - NVIDIA Corporation) Hidden PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 23.015.02.02.264 - Huawei Technologies Co.,Ltd) Polski pakiet językowy dla programu Microsoft .NET Framework 4.5 PLK (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50709 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-4265689537-3529688487-1946468061-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.10.4584 - Enigma Software Group, LLC) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 06-12-2015 23:34:49 Zainstalowano: Microsoft Visual C++ 2005 Redistributable (x64) 06-12-2015 23:35:08 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 06-12-2015 23:35:13 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 06-12-2015 23:35:59 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 06-12-2015 23:36:00 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 06-12-2015 23:36:31 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 06-12-2015 23:37:07 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 06-12-2015 23:37:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 09-12-2015 12:56:57 Installed AVG 2016 09-12-2015 12:57:19 Installed AVG 09-12-2015 14:28:03 Removed AVG 09-12-2015 14:29:26 Removed AVG 2016 09-12-2015 15:48:57 Removed Skype Click to Call 09-12-2015 16:37:40 Removed Visual Studio 2012 x86 Redistributables 09-12-2015 17:49:36 Removed ON_OFF Charge B12.1025.1 ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2015-08-03 10:35 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {3E2EC08B-73CA-46FB-874A-271FABADA93E} - \Steam_x64-S-2-106-91 -> Brak pliku <==== UWAGA Task: {9E8E992F-D811-4698-AF9F-5C93310C695C} - System32\Tasks\{6B8F8BFA-4EC5-41E3-868D-B7ED528CB070} => pcalua.exe -a C:\Users\7\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=cor Task: {CBFC33B6-DFB3-4081-94A2-C2B053856BBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449660685&z=0e7c6e7dcacd502db5a0f58g1z4z6t4qeq1eaqcbfz&from=ient07021&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J6P9NAK99NAK9 <==== UWAGA ShortcutWithArgument: C:\Users\7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449660685&z=0e7c6e7dcacd502db5a0f58g1z4z6t4qeq1eaqcbfz&from=ient07021&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J6P9NAK99NAK9 <==== UWAGA ShortcutWithArgument: C:\Users\7\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449660685&z=0e7c6e7dcacd502db5a0f58g1z4z6t4qeq1eaqcbfz&from=ient07021&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J6P9NAK99NAK9 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449660685&z=0e7c6e7dcacd502db5a0f58g1z4z6t4qeq1eaqcbfz&from=ient07021&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J6P9NAK99NAK9 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\FIFA 15.lnk -> E:\Program Files (x86)\FIFA 15\FIFA 15\Launcher.exe () -> hxxp://www.yoursites123.com/?type=sc&ts=1449660685&z=0e7c6e7dcacd502db5a0f58g1z4z6t4qeq1eaqcbfz&from=ient07021&uid=WDCXWD10EZRX-00L4HB0_WD-WCC4J6P9NAK99NAK9 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2014-07-31 19:21 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-28 03:02 - 2013-10-28 03:02 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-08-30 12:15 - 2013-10-26 10:45 - 00651856 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2014-08-02 17:28 - 2015-05-04 12:07 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-11-21 03:16 - 2015-11-16 04:35 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-08-30 12:15 - 2013-08-31 06:44 - 02417152 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2014-08-30 12:15 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2014-08-30 12:15 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2014-08-30 12:15 - 2013-08-31 06:46 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-4265689537-3529688487-1946468061-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\7\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 192.168.8.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^Users^7^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Download.lnk => C:\Windows\pss\Download.lnk.Startup MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\7\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\7\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\7\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\7\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: VCVS01EN => "C:\Program Files\ACD Systems\ACDSee Video Studio\acdIDInTouch2.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{7494725A-B722-4239-8798-623A1EE9AB4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B1C3CE8D-CC6D-4E44-94E9-9E3023C7A26B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{54F7FB33-90CC-4E68-89DE-E9ED36134508}] => (Allow) C:\Users\7\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{584429B0-57EB-4385-B182-210E11FBD49B}] => (Allow) C:\Users\7\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0A125150-C249-4A89-9D0C-F289CC146FE4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{958CBD74-1675-4AF3-8C9A-735909939C36}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C1CBC3DF-C9E8-4A7E-A23A-5AB9857E1CE4}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{C2A674B8-4871-4653-85BF-EF172622D927}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{E7DE32D6-34AB-4625-8F2C-4A419B1423D3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B173474A-79E6-4EA9-8057-A48AD68364CE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DD0447D5-BDD2-47DE-B192-38DB482F393F}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe FirewallRules: [{5F613685-B7DA-498A-B700-02A3E9E29D2D}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe FirewallRules: [{57566720-32D5-4145-9944-ADC10D9F82AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{CE31742B-39EC-49B8-88E8-4C2994772DC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{A2BE52FB-FC1F-4A46-9A7D-C936DCA63D3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{954ADB39-1F1A-4B6C-AE10-0B617411437A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9B1E1510-B195-4591-8E08-0BD0F377F0F7}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{514A196F-F6AA-49F1-A525-66D85650676D}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe FirewallRules: [{AF41B49C-D960-40D3-A9BA-823FD2BE41C9}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{60DFCCE6-34B5-48A8-8ADF-76B3F899F0A5}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe FirewallRules: [{F0EE3095-E447-4811-8F1B-34FAFCDAC4A5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B9AD0976-0C53-4B0B-81B6-90F28E2BFDCC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{42171B93-725D-41B4-A9A5-A366B85FBADC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{4F45BB36-DD98-4DC7-A81F-E87D24921675}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{76086A22-1B1B-4A1E-9E1A-026C83B0D50C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{85F26563-F310-4D37-ABE8-8F6ED39BB392}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CB551EA4-58C6-4B97-A5FB-D687BC38C776}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{E5493B5C-AE31-404C-850A-DD555022F424}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{00BB190D-7722-4E5F-84B0-66B13E22E720}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{D105BB74-1099-4285-904F-3465C9422F57}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{AA4A03EF-1DB2-4D74-9A79-AD5A9B331B0E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5C6640A6-0D0E-4639-9331-68FABECA2F37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BCBB08F4-F49B-4BDE-8C21-A6FAE9748F3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{CC93BA67-B4E4-47FA-8565-18B3C4F9E4C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{20516A99-608C-46A2-9BAE-2A778BC54473}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E6FBB6C9-429D-48EF-985D-16D4C3A8F646}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6FF7DCC-997E-436E-9783-75AD52D4C96F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contagion\contagion.exe FirewallRules: [{39DF1F47-8E91-4D98-A0E6-C23F1F240CF6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Contagion\contagion.exe FirewallRules: [{B6BB332B-A921-46A2-A062-3B11B57B393F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{B75DCD7E-9D31-4165-B80C-25E8BEE9EA96}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/09/2015 05:45:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 04:28:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 02:41:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 02:32:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 02:29:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver. System Error: Nie można odnaleźć określonego pliku. . Error: (12/09/2015 02:15:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 01:02:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/09/2015 12:31:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/08/2015 03:20:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 42.0.0.5780, sygnatura czasowa: 0x5632d0a4 Nazwa modułu powodującego błąd: mozglue.dll, wersja: 42.0.0.5780, sygnatura czasowa: 0x5632ba58 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000ed50 Identyfikator procesu powodującego błąd: 0x10e4 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (12/08/2015 02:13:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (12/09/2015 05:44:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (12/09/2015 05:44:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa bramy warstwy aplikacji niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa HWDeviceService64.exe niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA GeForce Experience Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/09/2015 05:43:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2015-08-03 11:35:16.538 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-03 11:35:16.507 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-03 11:35:16.491 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-03 11:35:16.460 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-04 16:23:48.619 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-04 16:23:48.588 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: AMD FX(tm)-6300 Six-Core Processor Procent pamięci w użyciu: 23% Całkowita pamięć fizyczna: 8189.55 MB Dostępna pamięć fizyczna: 6299.81 MB Całkowita pamięć wirtualna: 16377.3 MB Dostępna pamięć wirtualna: 14281.45 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:467.88 GB) (Free:362.7 GB) NTFS Drive d: (PLAY ONLINE) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS Drive e: () (Fixed) (Total:463.53 GB) (Free:229.3 GB) NTFS Drive i: (PLAY ONLINE) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3ADE4CA3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=467.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=463.5 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================