Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-11-2016 Uruchomiony przez Człowiek (06-11-2016 14:51:42) Uruchomiony z C:\Pobrane Windows 7 Home Premium Service Pack 1 (X64) (2015-08-28 22:03:51) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3191348758-2093589088-296921901-500 - Administrator - Disabled) Człowiek (S-1-5-21-3191348758-2093589088-296921901-1000 - Administrator - Enabled) => C:\Users\Człowiek Gość (S-1-5-21-3191348758-2093589088-296921901-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated) Bandizip (HKLM\...\Bandizip) (Version: 5.15 - Bandisoft.com) BleachBit (HKLM-x32\...\BleachBit) (Version: 1.12 - BleachBit) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP) CodeBlocks (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\CodeBlocks) (Version: 16.01 - The Code::Blocks Team) Crucial Storage Executive (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\Crucial Storage Executive 3.24.082015.05) (Version: 3.24.082015.05 - Crucial) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc) EMET 5.51 (HKLM-x32\...\{A8608E0F-56B8-465C-A762-86D68FF4FC72}) (Version: 5.51 - Microsoft Corporation) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.3 - Lenovo) Energy Management (x32 Version: 7.0.3.3 - Lenovo) Hidden Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{2F95D723-72D2-425C-A238-367FF157B6EE}) (Version: 1.00 - Ubisoft) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Lenovo CAPOSD (HKLM-x32\...\InstallShield_{48F851E7-DD0C-4A35-AD7A-57878023E987}) (Version: 1.0.0.6 - Lenovo) Lenovo CAPOSD (x32 Version: 1.0.0.6 - Lenovo) Hidden Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.3.31 - SunplusIT) Lenovo MuteSync (HKLM-x32\...\{16D5D9E9-C8DE-4014-A09C-B9B5ABA0F7FA}) (Version: 1.0.10 - Lenovo) LibreOffice 5.0.1.2 (HKLM\...\{A18CF6D8-7CE1-46F2-85B9-D87B7197B2F6}) (Version: 5.0.1.2 - The Document Foundation) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 49.0.2 (x64 pl)) (Version: 49.0.2 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 pl)) (Version: 45.3.0 - Mozilla) MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team) NVIDIA Oprogramowanie systemu PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NVIDIA Sterownik graficzny 368.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.22 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 14.2_is1) (Version: 14.2.0.4492 - FranmoSoftware - Maciej Opaliński) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 41.0.2353.46 (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\Opera 41.0.2353.46) (Version: 41.0.2353.46 - Opera Software) Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.01.01.0000 - Panda Security) Panda Free Antivirus (Version: 8.20.00.0000 - Panda Security) Hidden Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.3.5 - Panda Security) Panel sterowania NVIDIA 368.22 (Version: 368.22 - NVIDIA Corporation) Hidden qBittorrent 3.2.5 (HKLM-x32\...\qBittorrent) (Version: 3.2.5 - The qBittorrent project) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39015 - Realtek Semiconductor Corp.) Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH) SpyShelter Firewall 10.8.9 (HKLM\...\SpyshelterInternetSecurity_is1) (Version: 10.8.9 - Datpol) SRWare Iron wersja 53.0.2800.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 53.0.2800.0 - SRWare) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.33.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) World of Tanks (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-3191348758-2093589088-296921901-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3191348758-2093589088-296921901-1000_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll () CustomCLSID: HKU\S-1-5-21-3191348758-2093589088-296921901-1000_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl64.dll (Bandisoft.com) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1C6DABBF-0DB2-44DB-AAF9-129813365B27} - \{67039849-2DD3-427C-AF99-6ECF6D9E366F} -> Brak pliku <==== UWAGA Task: {2E099D4A-A17F-42E8-B6DD-D6A00B165A8B} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2016-08-25] (FranmoSoftware) Task: {3502041A-E1B4-4D0C-BB35-4C69262A95F5} - \{CAB03B32-752F-4BB6-BE97-04B9106D15F8} -> Brak pliku <==== UWAGA Task: {36131B11-5BE2-4467-BA00-6C3209D8A634} - \{B0A04DFA-8613-4761-A403-89441D61272D} -> Brak pliku <==== UWAGA Task: {3A68B11A-620B-4B92-9BBD-B1DD10B55681} - \{24AED4F4-C906-45F1-96A8-CEBB776E0B82} -> Brak pliku <==== UWAGA Task: {45D9C6FF-443E-4673-98CA-D1FB492BDF4F} - \{34091071-50C8-418C-B948-DD859C92A789} -> Brak pliku <==== UWAGA Task: {4855E401-EDB3-4A6F-B5E8-3FCD368C0214} - \{C2041C5A-5B7B-4914-B3F5-3881F7FA2805} -> Brak pliku <==== UWAGA Task: {58B949A3-8594-4DFE-8691-815C25E42B1E} - \{8B14A4F6-5250-4E91-BAC1-D5AACB53312F} -> Brak pliku <==== UWAGA Task: {5C27F07F-4D09-4234-850A-0D8FAB0FC0C2} - \{0D79D898-AC66-4B6C-9C96-447C268BB7E4} -> Brak pliku <==== UWAGA Task: {616F5314-1E31-4B31-96E6-E35AF20D1C76} - \{838334B2-6106-489A-93AB-F32798B1C437} -> Brak pliku <==== UWAGA Task: {79DE1E90-599D-4FE0-9C36-E5D4D7B15EC6} - \{858363A5-BCC5-49EE-A123-BB50808A0510} -> Brak pliku <==== UWAGA Task: {83DC6174-83A1-46C2-93A1-8AF406479DA2} - \{4072CA12-50DC-42CA-B34F-4DBF24B12FE0} -> Brak pliku <==== UWAGA Task: {96C7729F-8111-40F1-A1DF-C2BE9A0D2391} - \{D8E4CC35-596B-404F-A181-AB97FCC9BE8F} -> Brak pliku <==== UWAGA Task: {A2295C86-32DD-4FF7-82CF-11DB6DDEB0F5} - \{9F89189A-C76D-483F-9401-3EFC36617682} -> Brak pliku <==== UWAGA Task: {A67A8533-2F3C-4BDC-BD6B-65675D6DEEB9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {A83A5E48-3CEE-47DB-ABC6-2FCF53861924} - System32\Tasks\Opera scheduled Autoupdate 1470487867 => C:\Program Files\Opera\launcher.exe [2016-10-24] (Opera Software) Task: {A91074E6-60C5-4948-83E6-0192D60CE764} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {B046BE54-7EA8-4194-901B-321721CF9A16} - \{8B31155A-D4D6-4608-9C58-C0D8C6A3612A} -> Brak pliku <==== UWAGA Task: {E026EE2D-7AD5-473C-A439-4D71430C7A9A} - \{8B6BA0CE-476B-4B90-B3A2-109848EE758B} -> Brak pliku <==== UWAGA Task: {F2ADE53A-39C2-4330-ACBA-A4D8D1BA1B41} - \{4A28A1BB-A967-4F06-ABA6-6E75D24A1145} -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => c:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-04-25 16:41 - 2013-04-15 10:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL 2016-04-25 16:42 - 2013-04-15 10:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll 2015-09-03 20:15 - 2016-05-20 08:01 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-08-28 23:07 - 2012-02-08 09:03 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2012-01-19 06:48 - 2012-01-19 06:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2008-12-20 02:20 - 2015-08-28 23:09 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2008-12-20 02:20 - 2015-08-28 23:09 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-02-21 12:06 - 2015-08-28 23:09 - 01490944 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-02-21 12:06 - 2015-08-28 23:09 - 00005120 _____ () C:\Program Files (x86)\Lenovo\Energy Management\pl-PL\EMWpfUI.resources.dll 2015-12-15 18:17 - 2015-12-15 18:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2015-09-03 20:15 - 2016-05-20 08:01 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-09-03 20:17 - 2016-05-02 07:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2011-06-28 13:28 - 2011-06-28 13:28 - 00042496 _____ () C:\Program Files (x86)\Lenovo\Lenovo CAPOSD\QTKB.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2015-08-31 21:01 - 00003631 ___RA C:\Windows\system32\Drivers\etc\hosts 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 choice.microsoft.com 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 watson.ppe.telemetry.microsoft.com 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 telemetry.appex.bing.net:443 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 survey.watson.microsoft.com 0.0.0.0 watson.live.com 0.0.0.0 statsfe2.ws.microsoft.com 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com 0.0.0.0 compatexchange.cloudapp.net 0.0.0.0 cs1.wpc.v0cdn.net 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 statsfe2.update.microsoft.com.akadns.net Wykryto więcej niż wyliczono: 48 linii. ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3191348758-2093589088-296921901-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Człowiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 89.231.1.206 - 217.172.224.160 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: nvsvc => 2 MSCONFIG\startupreg: Lenovo EasyCamera_Monitor => C:\Program Files (x86)\Lenovo EasyCamera\monitor.exe MSCONFIG\startupreg: ROCCAT Savu Gaming Mouse => "C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe" /Automation ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{062774C4-1EDC-4792-8087-0C0BBBB18306}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{C28E687C-41AE-49B3-9876-F14CE86C9254}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{525F2764-E7A3-486C-986A-E3BEAA623F2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B72C9923-D484-4308-A2D2-5416026B7BB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{CD342139-445A-4ED9-860A-F20AE66B131A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{1F4D3CB4-0CC4-44B2-8F07-F8B13AD12D38}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{5F44206A-A42A-4AD4-9CD0-5FF709BA1714}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{28C7EBE7-6218-47C8-B49C-5D9A2408D55A}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{7FE8D5CC-9851-400B-8E14-DCCFC3412AB4}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [UDP Query User{A919B6AF-300E-4FB3-A5A9-4AA621FBD863}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Block) C:\program files (x86)\qbittorrent\qbittorrent.exe FirewallRules: [TCP Query User{A9DBFABD-0004-4114-940B-EA9D4CCB5385}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe FirewallRules: [UDP Query User{E1E07889-550C-40CE-AD4C-6354DDCC25D4}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe ==================== Punkty Przywracania systemu ========================= 18-10-2016 23:43:56 Windows Update 22-10-2016 20:20:35 Windows Update 29-10-2016 11:46:42 Windows Update 01-11-2016 12:26:23 Windows Update 04-11-2016 15:49:45 Windows Update 04-11-2016 17:45:11 Instalator modułów systemu Windows 05-11-2016 17:51:15 Windows Update ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Lenovo EasyCamera Description: Lenovo EasyCamera Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Liteon Service: SPUVCbv Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/06/2016 02:25:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/06/2016 12:51:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/06/2016 10:30:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/05/2016 11:18:09 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/04/2016 05:56:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/04/2016 03:45:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/03/2016 03:30:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/02/2016 10:49:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/02/2016 03:33:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/01/2016 11:58:50 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/06/2016 02:25:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: PSBoot VBoxNetAdp Error: (11/06/2016 12:51:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: PSBoot VBoxNetAdp Error: (11/06/2016 12:51:01 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (11/06/2016 12:51:00 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR2. Error: (11/06/2016 12:50:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla ImagePath nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (11/06/2016 10:30:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VBoxNetAdp Error: (11/05/2016 11:18:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VBoxNetAdp Error: (11/04/2016 05:56:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VBoxNetAdp Error: (11/04/2016 03:45:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VBoxNetAdp Error: (11/03/2016 03:30:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VBoxNetAdp ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Procent pamięci w użyciu: 26% Całkowita pamięć fizyczna: 8051.32 MB Dostępna pamięć fizyczna: 5921.3 MB Całkowita pamięć wirtualna: 10097.5 MB Dostępna pamięć wirtualna: 7870.35 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:127.77 GB) NTFS Drive e: (Nowy) (Fixed) (Total:465.76 GB) (Free:436.73 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C7CB90BA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2E739DFD) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================