Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 04-11-2016 Uruchomiony przez Maszek (10-11-2016 22:14:55) Uruchomiony z C:\Users\Maszek\Downloads\frst Windows 7 Ultimate Service Pack 1 (X64) (2016-03-16 16:53:18) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1763519817-1781849656-1431895266-500 - Administrator - Disabled) Gość (S-1-5-21-1763519817-1781849656-1431895266-501 - Limited - Disabled) Maszek (S-1-5-21-1763519817-1781849656-1431895266-1000 - Administrator - Enabled) => C:\Users\Maszek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.05 - TOSHIBA CORPORATION) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd) ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version: - ) Game Dev Tycoon version 1.5.12 (HKLM-x32\...\{D67C6882-BCA6-4883-928F-B004138ECD46}_is1) (Version: 1.5.12 - Yuzutu, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.2 Hotfix Rollup (KB3011114) (HKLM\...\{8AB1C38E-8622-3F81-B3D8-C5DD2D70830E}) (Version: 4.5.52279 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MU LEGEND GLOBAL CBT (HKLM-x32\...\{MU2GB92C-VH2O-Z2AQ-N26J-M2VJEWJEUE52}_is1) (Version: 1.0.0.0 - Webzen) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1500 - SRS Labs, Inc.) The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {14E4B47C-4698-4F17-85E7-26A31A564F85} - \psv_Stimtex -> Brak pliku <==== UWAGA Task: {166B23ED-84E7-4DC1-BCDE-F2434E4B3556} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-16] (Google Inc.) Task: {57A66BE5-8448-41E3-A395-41422CA1F8AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-16] (Google Inc.) Task: {752EDD07-9EDF-45D5-91F9-55DBBEC20508} - \psv_Rounddox -> Brak pliku <==== UWAGA Task: {765FC0E9-3D16-44B8-866E-F7731530ACE4} - \KuaiZip_Update -> Brak pliku <==== UWAGA Task: {8811C942-7CB9-42CE-B46E-D68BD51A166B} - \PPI Update -> Brak pliku <==== UWAGA Task: {99054C69-5403-4991-8C5C-56F96120C90C} - \psv_Hotfax -> Brak pliku <==== UWAGA Task: {9F1FFED5-644B-49B4-B1B4-071A979909F6} - \snp -> Brak pliku <==== UWAGA Task: {C7BB1F6F-83A9-4EE0-98B7-C47E5551A21B} - System32\Tasks\Chrome Cleanup Tool post reboot run => C:\Users\Maszek\AppData\Local\Temp\F907.exe [2016-11-10] (Google) <==== UWAGA Task: {D91591BF-E9B0-46C5-BD64-B24397FFFD02} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {D9C61F1C-CC71-4617-A557-5B87D3F48E03} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [2016-08-02] (UCWeb Inc) <==== UWAGA Task: {E4BEC95F-FF93-4EB3-94D2-5B20436A2506} - \snf -> Brak pliku <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== UWAGA ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2016-10-31 18:03 - 2016-10-31 11:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe 2016-09-26 08:00 - 2016-09-28 09:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe 2016-10-31 18:03 - 2016-10-31 18:02 - 00710656 _____ () C:\ProgramData\Quoteex\Quoteex.exe 2016-10-31 18:05 - 2016-10-31 18:05 - 00560768 _____ () C:\Program Files (x86)\KuaiZip\X64\KZipShell.dll 2016-03-16 18:06 - 2016-03-16 18:06 - 46344704 _____ () C:\Program Files (x86)\ContentPush\app\bin\nw.exe 2016-10-31 18:05 - 2016-10-31 18:05 - 00216704 _____ () c:\program files (x86)\kuaizip\x86\kuaizipupdatechecker.dll 2016-10-31 18:02 - 2016-10-31 18:02 - 01296896 ____N () C:\Users\Maszek\AppData\Local\ISPsoft\qggmilmh.dll 2016-03-16 18:06 - 2016-03-16 18:06 - 01481728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libglesv2.dll 2016-03-16 18:06 - 2016-03-16 18:06 - 00073728 _____ () C:\Program Files (x86)\ContentPush\app\bin\libegl.dll 2016-03-16 18:05 - 2016-03-16 18:05 - 01681224 _____ () C:\Program Files (x86)\ContentPush\app\bin\ffmpegsumo.dll 2016-11-10 21:51 - 2016-11-10 21:51 - 01351680 ____N () C:\Users\Maszek\AppData\Local\YSPack\qwxjudsn.dll 2016-10-30 22:50 - 2016-10-20 09:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-10-30 22:50 - 2016-10-20 09:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-10-31 18:04 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1763519817-1781849656-1431895266-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{A244E75F-4156-4B30-86B9-382B885B0294}C:\users\maszek\desktop\fifa 12\game\fifa.exe] => (Allow) C:\users\maszek\desktop\fifa 12\game\fifa.exe FirewallRules: [UDP Query User{7939E12E-2172-4E64-A396-080862B11752}C:\users\maszek\desktop\fifa 12\game\fifa.exe] => (Allow) C:\users\maszek\desktop\fifa 12\game\fifa.exe FirewallRules: [{638C3B60-59E8-4D25-AB2E-162E78D50E77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4CA0789B-CF8F-4AA7-9DB0-FD0C2A29EA62}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{C85DBA59-66CE-426F-A30E-A3AF7264AAE5}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{0E2EFFEE-DD5A-4B6F-9455-82E6B2BFA831}] => (Allow) C:\Users\Maszek\AppData\Local\Temp\inst_buychannel_45.exe FirewallRules: [{8DF11360-4A13-49AB-AE6A-4B4F802F0776}] => (Allow) C:\Users\Maszek\AppData\Local\Temp\inst_buychannel_45.exe ==================== Punkty Przywracania systemu ========================= 16-06-2016 08:17:13 Instalator modułów systemu Windows 31-10-2016 16:45:30 Zainstalowany program DirectX 31-10-2016 16:46:32 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 31-10-2016 17:18:14 Zainstalowany program DirectX 31-10-2016 17:19:19 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 31-10-2016 17:46:27 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 10-11-2016 21:49:10 Chrome Cleanup Tool ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (11/10/2016 09:46:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/30/2016 10:41:10 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: ) Description: Pozyskiwanie oryginalnego biletu (hr=0xC004C533) dla szablonu o identyfikatorze 66c92734-d682-4d71-983e-d6ec3f16059f nie powiodło się. Error: (10/30/2016 10:41:10 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Szczegóły błędu pozyskiwania licencji. hr=0xC004C533 Error: (10/30/2016 10:39:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/16/2016 09:14:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/16/2016 08:17:09 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x81000101). Error: (06/12/2016 08:03:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/12/2016 07:49:10 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (06/10/2016 03:27:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: Event-ID 7001 Error: (06/09/2016 08:17:29 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (11/10/2016 09:47:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Network Packet Manitor zawiesiła się podczas uruchamiania. Error: (11/10/2016 09:47:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Background Logic Handler zawiesiła się podczas uruchamiania. Error: (10/31/2016 06:05:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Kuaizip Update Checker. Error: (10/31/2016 05:20:07 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {E60687F7-01A1-40AA-86AC-DB1CBF673334} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (06/12/2016 07:47:30 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 23:11:02 na ‎2016-‎06-‎11 było nieoczekiwane. Error: (06/11/2016 11:28:58 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/11/2016 11:28:58 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/11/2016 11:28:57 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/11/2016 11:28:56 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (06/09/2016 06:09:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ShellHWDetection. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz Procent pamięci w użyciu: 60% Całkowita pamięć fizyczna: 4095.24 MB Dostępna pamięć fizyczna: 1627.83 MB Całkowita pamięć wirtualna: 8188.66 MB Dostępna pamięć wirtualna: 4500.79 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:39.35 GB) NTFS Drive d: () (Fixed) (Total:368.01 GB) (Free:357.05 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A74E9D10) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=368 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================