Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:09-12-2015 Uruchomiony przez Michał (2015-12-10 19:47:39) Uruchomiony z C:\Users\Michał\Desktop\pobrane Microsoft Windows 7 Professional Service Pack 1 (X86) (2014-09-02 17:37:56) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3406099390-1331833789-2179768664-500 - Administrator - Disabled) Ania (S-1-5-21-3406099390-1331833789-2179768664-1001 - Administrator - Enabled) => C:\Users\Ania Gość (S-1-5-21-3406099390-1331833789-2179768664-501 - Limited - Disabled) Michał (S-1-5-21-3406099390-1331833789-2179768664-1000 - Administrator - Enabled) => C:\Users\Michał ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) @BIOS (HKLM\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE) Adobe Acrobat Reader DC - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Aktualizacje NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden AutoGreen B09.1014.2 (HKLM\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B09.1014.2 (Version: 1.00.0000 - GIGABYTE) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DES 2.0 (HKLM\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte) Easy Tune 6 B10.0521.1 (HKLM\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B10.0521.1 (Version: 1.00.0000 - GIGABYTE) Hidden FIFA 07 (HKLM\...\{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}) (Version: - ) foobar2000 v1.3.3 (HKLM\...\foobar2000) (Version: 1.3.3 - Peter Pawlowski) Galeria fotografii (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gigabyte Raid Configurer (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.) Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack 10.7.0 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.7.0 - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 pl) (HKLM\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) Nero 8 (HKLM\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1045}) (Version: 8.3.325 - Nero AG) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) ON_OFF Charge B10.0427.1 (HKLM\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenFM (HKU\S-1-5-21-3406099390-1331833789-2179768664-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Origin (HKLM\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Panel sterowania NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden Pesgalaxy.com Patch 2016 (HKLM\...\Pesgalaxy.com Patch 2016 1.00) (Version: 1.00 - Pesgalaxy) Pesgalaxy.com Patch 2016 (HKLM\...\Pesgalaxy.com Patch 2016 1.50) (Version: 1.50 - Pesgalaxy) Pesgalaxy.com Patch 2016 DLC Installer (HKLM\...\Pesgalaxy.com Patch 2016 DLC Installer 1.00) (Version: 1.00 - Pesgalaxy) Poczta usługi Windows Live (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - ) Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Smart 6 B10.0422.1 (HKLM\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE) Smart View 2.0 (HKLM\...\{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}) (Version: 1.0.0.0 - Samsung) SopCast 3.9.6 (HKLM\...\SopCast) (Version: 3.9.6 - www.sopcast.com) SpyHunter (HKLM\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC) SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden USB Vibration Joystick (HKLM\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - ) WERSJA DEMO FIFA 16 (HKLM\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts) WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Punkty Przywracania systemu ========================= 09-12-2015 17:22:38 Automatic creation 10-12-2015 11:10:54 Automatic creation 10-12-2015 19:44:33 Automatic creation ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:04 - 2015-12-10 19:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01405F79-D20F-448F-BAC4-F8B6C4E99C2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated) Task: {06085E12-A0AB-4255-8741-9F1124D02508} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-07] (Google Inc.) Task: {196BD4CC-530E-4433-92AC-9D22000367E9} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1 Task: {5B6D343B-D3A4-42AE-9FF6-92B8B2C9E0E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {68D29CC4-6030-4A3D-B273-44DB5BB254D1} - \SW-Booster-S-792098896 -> Brak pliku <==== UWAGA Task: {78666FBD-481B-4D46-958D-510354C4A009} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-07] (Google Inc.) Task: {835F4D67-7039-4323-9871-32B9433362FD} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl Task: {8E28EEF6-86BC-4FDF-91D8-A4AAF94D822F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Michał\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yoursites123.com/?type=sc&ts=1449734177&z=153799277306be2a11535e3gczfz6t8m5c8z7g4b9o&from=ient07021&uid=SAMSUNGXHD502HI_S1VZJ90ZC27776 <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2014-09-02 18:54 - 2009-06-17 15:13 - 00068136 _____ () C:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe 2014-09-02 18:54 - 2009-05-04 16:56 - 00102400 _____ () C:\Program Files\GIGABYTE\EnergySaver2\ycc.dll 2015-09-19 14:44 - 2015-08-25 15:27 - 00106288 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-09-19 14:45 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll 2015-12-10 19:41 - 2014-01-28 18:36 - 00380416 _____ () C:\Users\MICHA~1\AppData\Local\Temp\Rar$EXa0.364\gmer.exe 2015-12-10 19:45 - 2015-12-10 19:45 - 43863784 _____ () C:\Users\Michał\Downloads\Firefox Setup 42.0.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3406099390-1331833789-2179768664-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{F8E3E20E-BFB9-4366-AA82-D3DCCD9EC6B9}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe FirewallRules: [UDP Query User{01FA2763-F5AC-4BD8-A864-89B01E0DC6BC}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe FirewallRules: [{614F69F5-6B69-419C-BB3D-F43B5C67B1BF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{E42BFED1-C0A2-44C9-9685-2C934E2A4DD6}] => (Allow) C:\Users\Michał\Downloads\solutoinstaller.exe FirewallRules: [{3F4C3CCC-38EB-41B5-89BC-6998D7676E38}] => (Allow) C:\Users\Michał\Downloads\solutoinstaller.exe FirewallRules: [{BFABD70D-44FD-4A97-8933-F5824E5FBC69}] => (Allow) C:\Program Files\SmartView2\Smart View 2.0.exe FirewallRules: [{A7473336-D936-43B4-BD7E-6869597B563F}] => (Allow) C:\Program Files\SmartView2\Smart View 2.0.exe FirewallRules: [{4A9E98AE-1964-46F5-AF85-27F4ADAD1FFF}] => (Allow) C:\Program Files\SmartView2\Smart View 2.0.exe FirewallRules: [{ABA52569-5C1B-4C6A-8EEB-3F81A3131C33}] => (Allow) C:\Program Files\SmartView2\Smart View 2.0.exe FirewallRules: [{7B09C16A-A427-4727-8BE3-A251C8AF3814}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{7BAACBAA-C129-4245-8318-060870D47F6C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{65DC10DB-05B0-4463-9C6A-4CE8691803B2}] => (Allow) D:\Program Files\FIFA 16 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{C586BE70-0681-45EF-A15E-B3ADEEEB040D}] => (Allow) D:\Program Files\FIFA 16 DEMO\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{998654EC-B715-4177-A131-0F37CFA7F1B6}D:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\program files\pro evolution soccer 2016\pes2016.exe FirewallRules: [UDP Query User{B98764C0-6B72-4E3B-8901-8C9B7A027F28}D:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) D:\program files\pro evolution soccer 2016\pes2016.exe FirewallRules: [{8B32FC86-0563-4E08-9EDE-7D32B56FE8D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A0699406-38D2-4475-81C7-9EE33E521403}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{70ACC491-58C7-4EA5-AA58-BCD230A623E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7F2D51FF-ED7D-49EA-955C-93D8EB32EFA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{235DDBF6-1A76-4A27-B537-84443D1E6D23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{DEE13650-1B2A-486E-9C4E-17A0CF9572BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9202AD8D-47EF-445D-99E9-97CBFDEC8C38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{860C1C10-7D18-4FFC-A23D-6563F96B150C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{DD6E889C-F95E-4018-8901-2BFB05EF8B85}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{1171B389-9F20-4030-8F73-BE2731E0A80C}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2006B371-4EB2-48E4-84E9-DB43675F34B6}] => (Allow) LPort=2869 FirewallRules: [{8D6C6215-587E-4751-B326-6E137582D460}] => (Allow) LPort=1900 FirewallRules: [{75D138A1-0944-4DAE-9F62-166E2DBFAB38}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{B19D23BA-3315-474F-A7B1-E1C4AF1A24D2}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4384A056-7EA9-4226-8867-E646536A9CB7}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: G:\ Description: USB CF Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: wfdrvr_vt_1_10_0_28 Description: wfdrvr_vt_1_10_0_28 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: wfdrvr_vt_1_10_0_28 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: I:\ Description: USB MS Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: H:\ Description: USB SD Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: tcfd_vt_1_10_0_22 Description: tcfd_vt_1_10_0_22 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: tcfd_vt_1_10_0_22 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: J:\ Description: USB SM Reader Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic Service: WUDFRd Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/10/2015 07:44:29 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {ca657a21-3369-45d7-b620-07cbe0024ece} Error: (12/10/2015 07:16:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 07:11:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 06:54:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 06:32:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 06:02:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 02:47:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 11:10:50 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {ae14cb86-69a6-4843-bd12-50e0608a7601} Error: (12/10/2015 10:42:27 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/10/2015 08:56:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (12/10/2015 07:14:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcfd_vt_1_10_0_22 wfdrvr_vt_1_10_0_28 Error: (12/10/2015 07:10:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: tcfd_vt_1_10_0_22 wfdrvr_vt_1_10_0_28 Error: (12/10/2015 07:09:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Smart TimeLock Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Live ID Sign-in Assistant niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Smart TimeLock Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 100 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa PLFlash DeviceIoControl Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 07:09:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Nero BackItUp Scheduler 3 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5 CPU 661 @ 3.33GHz Procent pamięci w użyciu: 40% Całkowita pamięć fizyczna: 3575.49 MB Dostępna pamięć fizyczna: 2129.52 MB Całkowita pamięć wirtualna: 7149.27 MB Dostępna pamięć wirtualna: 5427.18 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:79.9 GB) (Free:18.25 GB) NTFS Drive d: () (Fixed) (Total:192.92 GB) (Free:111.38 GB) NTFS Drive e: () (Fixed) (Total:192.85 GB) (Free:37.17 GB) NTFS Drive f: () (Fixed) (Total:100.08 GB) (Free:1.22 GB) NTFS Drive k: (Pro Evolution Soccer 2016) (CDROM) (Total:4.84 GB) (Free:0 GB) UDF Drive l: () (Fixed) (Total:100.18 GB) (Free:50.27 GB) NTFS Drive m: () (Fixed) (Total:100.13 GB) (Free:24.54 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive n: () (Fixed) (Total:100.3 GB) (Free:44.22 GB) NTFS Drive o: () (Fixed) (Total:65.06 GB) (Free:28.89 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E25CDDB1) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=79.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=192.9 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=192.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3E7C69B6) Partition 1: (Active) - (Size=100.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=365.6 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================