Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja: 07-12-2016 Uruchomiony przez XxX (11-12-2016 22:54:53) Uruchomiony z C:\Users\XxX\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-09-14 13:04:17) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1974380397-4061749477-1577027054-500 - Administrator - Disabled) Guest (S-1-5-21-1974380397-4061749477-1577027054-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1974380397-4061749477-1577027054-1002 - Limited - Enabled) XxX (S-1-5-21-1974380397-4061749477-1577027054-1000 - Administrator - Enabled) => C:\Users\XxX ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden Amigo (HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\...\Amigo) (Version: 50.0.2661.240 - Mail.Ru) Bethesda.net Launcher (HKLM\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.9.4 - Bethesda Softworks) BlueStacks App Player (HKLM\...\BlueStacks) (Version: 2.5.50.6271 - BlueStack Systems, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) Cities in Motion 2 (c) Paradox Interactive version 1 (HKLM\...\Q2l0aWVzIGluIE1vdGlvbiAyIChjKSBQYXJhZG94IEludGVyYWN0aXZl_is1) (Version: 1 - ) Creative ALchemy (HKLM\...\ALchemy) (Version: 1.43 - Creative Technology Limited) Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 2.56 - Creative Technology Limited) Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.02 - Creative Technology Limited) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd) Facebook Games Arcade 0.11.2.3 (HKLM\...\{58208543-2127-4A01-A72E-AF4FDF1DC885}) (Version: 0.11.2.3 - Facebook) Fallout Shelter (HKLM\...\Fallout Shelter) (Version: - Bethesda Softworks) Google Drive (HKLM\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.) Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden Hooligans - Storm over Europe (HKLM\...\{B89933C8-E38D-44BE-B3DB-96657D11338F}) (Version: - ) Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) K-Lite Codec Pack 12.3.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 50.0.2 (x86 pl) (HKLM\...\Mozilla Firefox 50.0.2 (x86 pl)) (Version: 50.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla) Notepad++ (32-bit x86) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.00 - NVIDIA Corporation) NVIDIA Sterownik graficzny 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.00 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden Opera Stable 41.0.2353.69 (HKLM\...\Opera 41.0.2353.69) (Version: 41.0.2353.69 - Opera Software) Panel sterowania NVIDIA 342.00 (Version: 342.00 - NVIDIA Corporation) Hidden S.T.A.L.K.E.R. - Clear Sky [v1.0003] (HKLM\...\S.T.A.L.K.E.R. - Clear Sky_is1) (Version: 1.0003 - Deep Silver) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden Skype™ 7.27 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.) SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.24.3.4750 - Enigma Software Group, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Sims 4 (HKLM\...\VGhlU2ltczQ=_is1) (Version: 1 - ) The Sims™ 4 (HKLM\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) This War of Mine (HKLM\...\This War of Mine_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Tom Clancy's Rainbow Six Vegas 2 (HKLM\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft) Unity Web Player (HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS) Ustawka (HKLM\...\com.readysquare.ustawka) (Version: 1.5.0 - UNKNOWN) Ustawka (Version: 1.5.0 - UNKNOWN) Hidden WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wojna o Pierścień (HKLM\...\War of the Ring) (Version: 1.0 - Sierra Entertainment, Inc.) World of Tanks (HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warplanes (HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1974380397-4061749477-1577027054-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\XxX\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01304B6F-4E91-482C-A1D4-DA3E0791A054} - System32\Tasks\Opera scheduled Autoupdate 1473858573 => C:\Program Files\Opera\launcher.exe [2016-11-21] (Opera Software) Task: {0E2AF39A-31C8-43B9-9BB9-3F1F087584D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation) Task: {28FB9AFC-9814-445F-8F43-D8C4EFB7D18E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation) Task: {2AC8A891-B91D-4F6C-880E-D4B5235C1540} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation) Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> Brak pliku <==== UWAGA Task: {2E4C006B-D82B-4584-8958-E66981E07D62} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [2016-11-08] (Adobe Systems Incorporated) Task: {5316377D-D22E-4B27-BC27-3BEA2C72E6F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.) Task: {60176616-A039-4286-8264-B542A5C4D4B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {6D93816E-3E95-4436-8768-CCF7102E9419} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-13] (Adobe Systems Incorporated) Task: {6F710340-563D-4857-A46D-BFF67EEA8C7D} - System32\Tasks\{DCAC5478-B08E-43AF-88EA-3799A6563169} => E:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe Task: {723EB5FE-C38A-48BB-9A10-DC67A76D6A7F} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-08-15] () Task: {747692B4-E0EF-4AD0-8278-9EB05697D873} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe Task: {79F28E9B-A94B-4BC3-B908-6406C2B931AA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2016-11-17] (NVIDIA Corporation) Task: {A1C5AC0A-03EF-4407-BC1C-798C21563D1C} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation) Task: {B602258B-74C8-4522-B2B7-B14FF1BD550C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater32.exe [2016-11-17] (NVIDIA Corporation) Task: {C0A3883E-CFC7-4B7D-BA71-E8924877A4C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\XxX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ВКонтакте.lnk -> C:\Users\XxX\AppData\Local\Amigo\Application\amigo.exe (Brak pliku) <===== Cyrillic Shortcut: C:\Users\XxX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Одноклассники.lnk -> C:\Users\XxX\AppData\Local\Amigo\Application\amigo.exe (Brak pliku) <===== Cyrillic ShortcutWithArgument: C:\Users\XxX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008" ==================== Załadowane moduły (filtrowane) ============== 2016-09-15 19:07 - 2016-10-18 14:48 - 00121792 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2016-11-27 18:55 - 2016-11-27 18:55 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2016-09-14 14:27 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-14 14:27 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-14 14:28 - 2016-11-17 14:45 - 00370112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin.dll 2016-09-14 14:27 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-14 14:27 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-14 14:27 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\Downloader.node 2016-09-14 14:27 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-14 14:27 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-14 14:27 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-14 14:27 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-09-14 14:27 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll 2016-11-25 11:57 - 2016-11-25 11:57 - 66025168 _____ () C:\Program Files\Opera\41.0.2353.69\opera.dll 2016-11-25 11:57 - 2016-11-25 11:56 - 01888464 _____ () C:\Program Files\Opera\41.0.2353.69\libglesv2.dll 2016-11-25 11:57 - 2016-11-25 11:56 - 00094416 _____ () C:\Program Files\Opera\41.0.2353.69\libegl.dll 2016-11-08 15:06 - 2016-11-08 15:06 - 17772736 _____ () C:\Windows\system32\Macromed\Flash\pepflashplayer32_23_0_0_207.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2016-12-11 00:20 - 2016-12-11 00:20 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1974380397-4061749477-1577027054-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XxX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja wyłączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR MSCONFIG\startupreg: RGSC => E:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: uTorrent => "C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: World of Tanks => "E:\Games\World_of_Tanks\WargamingGameUpdater.exe" MSCONFIG\startupreg: World of Warplanes => "E:\Games\World_of_Warplanes\WargamingGameUpdater.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{228386A6-71A3-4FC5-A515-C3321248C502}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{41EF27E7-5F40-409F-A5FF-2CA80CB70EE8}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EC50DBAF-6A07-48C9-A0EA-6EC596AACFBC}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F7E11340-C732-4FAD-B3CC-5B40B15786CB}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2F00BC9C-FD95-4B40-A55A-E3C192353C88}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3D773AC3-9E78-483F-B214-2ED0CB1AE99F}] => C:\Users\XxX\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7169D031-973E-49A2-8CD3-69BE549DE6D2}] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{F5D99FA2-260B-4E8C-A856-0D630F590660}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{F3025462-100A-473F-BB5B-C76B252F2312}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1B29C3B1-05FB-4F02-B38E-E9EA029DD768}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{47FDFF8A-E0F6-475B-9E3A-A4394CB46738}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CA009589-6945-41BC-A2B8-423D6A4C634F}] => C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{4702A5AB-9AC3-451C-B217-B1E47F719877}E:\program files\battlefield 3\bf3.exe] => E:\program files\battlefield 3\bf3.exe FirewallRules: [UDP Query User{6D88D431-AFEA-4E95-9FF5-A50CB254244C}E:\program files\battlefield 3\bf3.exe] => E:\program files\battlefield 3\bf3.exe FirewallRules: [{307C2C0F-869F-426C-885C-5A3F730B24D8}] => C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe FirewallRules: [{2CB49863-4AD6-4C62-B7FA-4ABC67FF1CAB}] => C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe FirewallRules: [{47767A5E-C97E-4D71-8887-082FC8711D97}] => C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe FirewallRules: [{3DECDBDC-3F43-44DC-A9AA-2F57E49B756D}] => C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe FirewallRules: [{A7804AA7-6B79-4066-A7B0-BD57EA77C268}] => E:\Games\World_of_Warplanes\WoWPLauncher.exe FirewallRules: [{76F0924B-4CF9-4F9D-9304-01A5C3A28DE8}] => E:\Games\World_of_Warplanes\WoWPLauncher.exe FirewallRules: [{3EB3A69B-9A40-4BB3-8019-F607AE81A9F3}] => E:\Games\World_of_Warplanes\worldofwarplanes.exe FirewallRules: [{433E48E0-914A-4595-9FFB-B728F44DE22F}] => E:\Games\World_of_Warplanes\worldofwarplanes.exe FirewallRules: [{79579847-8CA7-4657-92AC-48221E5EBF6C}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9CC09DEE-A6D6-4946-AD33-47ADC41A6358}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{0DAAD3C3-80CD-437D-BA94-5037CB84D80D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{2D8205CD-27AC-433F-A415-FE7B449D287D}] => E:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{D0183063-E3AD-4058-97DE-B678893228A5}] => E:\Program Files\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{8059358D-E3FC-41F7-9697-A61B4D6C8CC5}] => E:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{420C3BD9-D5C9-4EF6-BB04-D08954D9F654}] => E:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{C5DAC44E-B6D7-44E5-A317-52F11D53F0D1}] => E:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{637F8296-C7AF-4CB6-B189-3E73A77C8753}] => E:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{5C7D8D3A-C191-436A-91BC-E205E71C764E}] => E:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{10E82E9D-2142-4C4E-BAA3-96F78BD9A25F}] => E:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe FirewallRules: [{5C4AC271-1FC1-48EC-AB21-133E809AF46D}] => E:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [{12085CEE-00CC-4500-AAAD-EA1F70820CCF}] => E:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe FirewallRules: [{9A9F0880-16DA-4561-9F90-95911BBEFD32}] => C:\Users\XxX\AppData\Local\Amigo\Application\amigo.exe ==================== Punkty Przywracania systemu ========================= 11-12-2016 14:29:36 Installed SpyHunter 11-12-2016 22:53:21 Removed SpyHunter ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/11/2016 06:58:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/11/2016 06:56:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Spyhunter4.exe w wersji 4.17.6.4336 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 7f0 Godzina rozpoczęcia: 01d253d7e67dbdc0 Godzina zakończenia: 0 Ścieżka aplikacji: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Identyfikator raportu: 338db4d1-bfcb-11e6-951f-001fd034cc74 Error: (12/11/2016 02:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/11/2016 02:29:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/10/2016 07:09:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/10/2016 06:57:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/10/2016 06:01:12 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Event-ID 1 Error: (12/10/2016 05:56:18 PM) (Source: BugSplat) (EventID: 1) (User: ) Description: Event-ID 1 Error: (12/10/2016 05:50:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/09/2016 08:06:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (12/11/2016 06:56:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (12/11/2016 02:39:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (12/11/2016 02:39:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 14:38:15 na ‎2016-‎12-‎11 było nieoczekiwane. Error: (12/11/2016 02:27:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: cdrom Error: (12/11/2016 02:27:14 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 06:28:10 na ‎2016-‎12-‎11 było nieoczekiwane. Error: (12/11/2016 12:20:03 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (12/11/2016 12:20:00 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (12/11/2016 12:19:59 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (12/10/2016 11:24:34 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (12/10/2016 10:21:50 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. ==================== Statystyki pamięci =========================== Procesor: AMD Phenom(tm) 8650 Triple-Core Processor Procent pamięci w użyciu: 49% Całkowita pamięć fizyczna: 3070.55 MB Dostępna pamięć fizyczna: 1556.74 MB Całkowita pamięć wirtualna: 9209.95 MB Dostępna pamięć wirtualna: 7338.43 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:48.83 GB) (Free:12.84 GB) NTFS Drive d: () (Fixed) (Total:48.73 GB) (Free:28.72 GB) NTFS Drive e: (Gry i Programy) (Fixed) (Total:368.1 GB) (Free:172.86 GB) NTFS Drive z: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00056310) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================