Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:05-03-2016 01 Uruchomiony przez Pawel (2016-03-29 23:06:41) Uruchomiony z C:\Users\Pawel\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2015-08-07 13:23:54) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-297010708-480915151-2761616004-500 - Administrator - Disabled) Guest (S-1-5-21-297010708-480915151-2761616004-501 - Limited - Disabled) Pawel (S-1-5-21-297010708-480915151-2761616004-1000 - Administrator - Enabled) => C:\Users\Pawel ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-297010708-480915151-2761616004-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.) 4Story PL 5.1.185 (HKLM-x32\...\4Story_PL_is1) (Version: 5.1.185 - Gameforge4D GmbH) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1500, 31.08.2015 - AIMP DevTeam) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software) Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version: - DICE) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Eden4S version 33888 (HKLM-x32\...\{34AA00FF-DFF1-4BB2-9AF2-DD43866A934A}_is1) (Version: 33888 - Eden4S, Inc.) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Kodi (HKU\S-1-5-21-297010708-480915151-2761616004-1000\...\Kodi) (Version: - XBMC-Foundation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Oprogramowanie Intel® PROSet/Wireless (HKLM-x32\...\{1e9b4847-4e73-4d00-91f5-96e0f6ce3e5a}) (Version: 16.1.1 - Intel Corporation) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.229.0 - Overwolf Ltd.) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{905D709F-3A3E-46BB-B1D5-A7AA11430819}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114831) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0415-0000-0000000FF1CE}_Office15.PROPLUS_{BAEE7A38-3C9E-44DC-9E43-19FC94DD77E2}) (Version: - Microsoft) VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.4.0.02260 - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden WinRAR 5.21 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-297010708-480915151-2761616004-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {04019C21-E514-4BCE-A682-BC08E945C339} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {0A933656-F211-42F1-ADF3-43C3A6116BAD} - System32\Tasks\{FE7F974D-2DDA-430D-A22C-080863746A93} => pcalua.exe -a "D:\Rise of Nations\Rise Of Nations spolszczenie.exe" -d "D:\Rise of Nations" Task: {16565698-ACDA-4BCD-98C0-58D2CC9C7E9A} - System32\Tasks\{D12DD7B7-FA17-4F84-A346-0E81B277031C} => pcalua.exe -a "C:\Users\Pawel\AppData\Local\Temp\Temp1_VAIO_Control_Center_4.1_4.1.0.10160.zip\VAIO Control Center 4.1 - 4.1.0.10160\setup.exe" Task: {17E13847-08E2-4AD7-97FF-04869617A955} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {2A3ACB57-E7E1-4D4D-A3C6-8EB64FBEB2D3} - System32\Tasks\{5C8B06F3-53C8-4BCF-AE17-2EFF8F0E8706} => D:\Eden4S\Eden4S\4Story.exe [2013-06-10] (Zemi Interactive Inc.) Task: {2BD2B0AF-A992-4375-952A-AE339D0139C9} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {3B48A647-14BA-450B-A562-38F3423E365E} - System32\Tasks\{1E039450-BF3B-4C7E-8F61-B620C1921175} => pcalua.exe -a "D:\Rise of Nations\Rise of Nations Thrones and Patriots spolszczenie.exe" -d "D:\Rise of Nations" Task: {41802A5B-A5E8-4BC1-9B5E-0C457F06FDCC} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2013-09-24] (Sony Corporation) Task: {4ED24C66-7B1F-4DF7-AE50-173220D68714} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {5DC98326-A8C6-4B23-94F1-7ABFDC11359B} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-03-21] (Overwolf LTD) Task: {62788788-5579-4361-A0A2-C9797D5814C2} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-11-23] (Sony Corporation) Task: {699A88D9-4352-42D3-99BB-85F2DFC2ECCF} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {79CBCFF4-863C-44D3-A85E-C3A91474B85D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.) Task: {823BCF0C-6295-46C2-BC22-6858C8222BB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {8621F248-ED5C-4B39-BE20-2D47DB9B7596} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {887CDD6D-C298-4226-8D1D-3727EB5584BF} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-11-23] (Sony Corporation) Task: {8E7C4AF0-89D2-4873-9715-DA5044425148} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {A553380C-9CC3-488D-84BD-CE275C94836A} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {AD71CCFC-550A-43A4-82FB-C59CE631FCA9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-26] (AVAST Software) Task: {B73F6849-BAAB-4531-AAB5-7391FF33B2ED} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2013-09-24] (Sony Corporation) Task: {BB643E8A-394B-4FA2-B9D4-E857D3130C1B} - System32\Tasks\SafeZone scheduled Autoupdate 1458993571 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software) Task: {C89F39B8-5B88-4136-95BE-6EBEC17606DF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {C9E17527-B9D4-4FED-9600-6C1E8141888F} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation) Task: {DCA57F66-A467-43D3-8B2B-177E0A7848DD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {EAAB4441-6376-4D5F-A4C4-257E3CEA44A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-26] (AVAST Software) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA Task: {EB5617E0-E251-4CF5-81D6-3DFB353F0839} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-07] (Google Inc.) Task: {F13F6F55-C6D4-45D0-9D35-58489B0BEA23} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2013-09-24] (Sony Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-11-05 15:59 - 2015-11-05 19:57 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-08-07 14:53 - 2015-08-07 14:53 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-08-07 14:56 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe 2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe 2015-07-17 18:34 - 2015-07-17 18:34 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe 2016-03-26 12:49 - 2016-03-26 12:49 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-03-26 12:49 - 2016-03-26 12:49 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-03-29 22:25 - 2016-03-29 22:25 - 02846208 _____ () C:\Program Files\AVAST Software\Avast\defs\16032901\algo.dll 2016-03-26 12:49 - 2016-03-26 12:49 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-02-29 23:40 - 2012-11-23 23:48 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll 2015-08-07 14:53 - 2015-08-07 14:53 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-03-26 12:49 - 2016-03-26 12:49 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-03-17 12:48 - 2016-03-08 03:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-17 12:48 - 2016-03-08 03:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-03-24 15:20 - 2016-03-21 17:17 - 17541312 _____ () C:\Users\Pawel\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.197\pepflashplayer.dll 2016-03-29 23:03 - 2016-03-29 23:03 - 00380928 _____ () C:\Users\Pawel\Desktop\p1zwwj8c.exe ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-297010708-480915151-2761616004-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pawel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup MSCONFIG\startupreg: 4StoryPrePatch => D:\GameforgeLive\Games\POL_pol\4Story\PrePatch.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{78FA399C-DB69-41BB-BBF2-50061FB8A491}C:\users\pawel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pawel\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{F3412FDD-274D-4C17-BE8B-7EBCF43ED4C4}C:\users\pawel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pawel\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{62F29368-81FB-4E85-8736-43993F6282DB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{83781464-9BA4-4455-BEE0-7B226612288E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{37EA9EF8-EF8C-4D90-940A-A1C12B2CC28A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{348625F1-21B0-4BAD-B7EC-41B24987E4F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{0AA263DC-89CB-4DFF-BB25-F72038CE0EAE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{E5D93E9B-8D6A-4EC2-A4F2-0AA99DD5A663}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0D0F3B8A-E04B-4704-858F-6B8E688D611A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{401EF0F9-5800-47B5-B3E8-B75200A3F89C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FE67EBDA-7E98-4CEC-A674-6D7FA12A3A25}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D200EB2F-085F-4E9D-862A-470273A359A2}] => (Allow) D:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{7E4C8E55-AD48-40D9-8CCA-DA8300383116}] => (Allow) D:\Steam\steamapps\common\Battlefield Bad Company 2\BFBC2Game.exe FirewallRules: [{A177F090-77B0-4196-AE38-C97E5BADA737}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{4E46DFD7-0516-4290-B43F-4A66BB73EDA9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{CF685AF5-EC06-4912-84C2-6C2C91C0AE1E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B16BDC87-06F0-46BD-B4C0-036E7577763F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{0DF1A88D-87FA-4037-AAB5-493AE467C517}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{39E2C27D-14F8-4618-833B-A9B5BAB0B6E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{086BE4C1-9D13-4B0D-BC26-826BD56FC94A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{8740E3D8-5767-40AE-8691-49FE66666D2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9D51D91C-5920-4B30-ABE8-58448F5BC777}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{0000CC59-EB41-44FD-9874-592E36F02D4A}C:\users\pawel\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pawel\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{4C2391AD-85A1-4D28-BB32-F504C844A922}C:\users\pawel\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pawel\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{D948CF49-3C36-40B3-86AD-96704829F962}] => (Allow) LPort=8317 FirewallRules: [{FF0A4B79-9832-4C52-8C3B-3FF93D2054F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{CBD4043E-C10A-46FF-BA1C-DCB3CE3E6FD8}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{48BF2FA4-7C4E-4639-B18A-2BAF20EFAF6B}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{C047EF25-BE43-438F-BD2D-2765CF13E477}] => (Allow) D:\Rockstar Games Social Club\RGSCLauncher.exe FirewallRules: [{6FB41DDD-F548-4AD9-975D-63D4B441ECD5}] => (Allow) D:\Rockstar Games Social Club\RGSCLauncher.exe ==================== Punkty Przywracania systemu ========================= 27-03-2016 14:26:29 Removed Grand Theft Auto IV 27-03-2016 14:53:27 Configured Grand Theft Auto IV 27-03-2016 14:56:38 Installed Grand Theft Auto IV 27-03-2016 14:59:50 Installed Rockstar Games Social Club 27-03-2016 15:07:14 Removed Grand Theft Auto IV 27-03-2016 15:07:50 Removed Rockstar Games Social Club 27-03-2016 15:11:53 Removed Grand Theft Auto IV 27-03-2016 15:13:22 Removed Grand Theft Auto IV 27-03-2016 16:56:45 Installed GTA San Andreas 27-03-2016 22:09:21 Kopia zapasowa systemu Windows 28-03-2016 20:46:41 Installed GTA San Andreas 29-03-2016 13:02:21 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Unknown Device Description: Unknown Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standardowy kontroler hosta USB) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Mysz zgodna z PS/2 Description: Mysz zgodna z PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/29/2016 10:31:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/29/2016 10:30:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 10:30:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 10:30:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 10:25:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/29/2016 10:24:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: ZeroConfigService.exe, wersja: 16.1.0.0, sygnatura czasowa: 0x51e6e2e1 Nazwa modułu powodującego błąd: MurocApi.dll, wersja: 16.1.0.0, sygnatura czasowa: 0x51e6e1c8 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000026570 Identyfikator procesu powodującego błąd: 0x984 Godzina uruchomienia aplikacji powodującej błąd: 0xZeroConfigService.exe0 Ścieżka aplikacji powodującej błąd: ZeroConfigService.exe1 Ścieżka modułu powodującego błąd: ZeroConfigService.exe2 Identyfikator raportu: ZeroConfigService.exe3 Error: (03/29/2016 10:23:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 10:23:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 10:23:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=17, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (03/29/2016 11:57:52 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (03/29/2016 10:29:58 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000050 (0xfffffa80e49dfae8, 0x0000000000000000, 0xfffff800032b05d0, 0x0000000000000005)C:\Windows\MEMORY.DMP Error: (03/29/2016 10:29:58 PM) (Source: BugCheck) (EventID: 1005) (User: ) Description: Error: (03/29/2016 10:29:47 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 22:28:38 na ‎29/‎03/‎2016 było nieoczekiwane. Error: (03/29/2016 10:25:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) PROSet/Wireless Zero Configuration Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (03/29/2016 10:25:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 z powodu następującego błędu: %%1053 Error: (03/29/2016 10:25:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0. Error: (03/29/2016 01:05:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.217.23.0). Error: (03/28/2016 06:47:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi SampleCollector. Error: (03/28/2016 06:47:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi SampleCollector. Error: (03/27/2016 11:18:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi FontCache3.0.0.0. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Procent pamięci w użyciu: 85% Całkowita pamięć fizyczna: 5883.89 MB Dostępna pamięć fizyczna: 867.73 MB Całkowita pamięć wirtualna: 11765.98 MB Dostępna pamięć wirtualna: 6392.62 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:117.09 GB) (Free:35.35 GB) NTFS Drive d: () (Fixed) (Total:180.9 GB) (Free:41.91 GB) NTFS Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive j: (GTA_SAN_ANDREAS) (CDROM) (Total:3.94 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3BB96C15) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=117.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=180.9 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================