Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 07-12-2016 Uruchomiony przez Paweł (15-12-2016 22:22:45) Uruchomiony z C:\Users\Paweł\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-11-14 14:47:02) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-844956796-4294606565-3297058277-500 - Administrator - Disabled) Gość (S-1-5-21-844956796-4294606565-3297058277-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-844956796-4294606565-3297058277-1003 - Limited - Enabled) Paweł (S-1-5-21-844956796-4294606565-3297058277-1000 - Administrator - Enabled) => C:\Users\Paweł ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies) AVG (Version: 16.131.7924 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies) AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BF4 Settings Editor (HKLM\...\{EF4C9459-47DE-4FCD-B9E0-CEB5BA03FC64}) (Version: 1.1 - Realmware) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform) Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit) FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hot CPU Tester Pro 4.4.1 (HKLM-x32\...\{5A39D5C2-A28B-421D-925A-0390FD1E5529}_is1) (Version: 4.4 LE - 7Byte Computers) HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD) OCCT 4.4.2 (HKLM-x32\...\OCCT) (Version: 4.4.2 - Ocbase.com) Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7712 - Realtek Semiconductor Corp.) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.103 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-844956796-4294606565-3297058277-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB) TeamSpeak 3 Client (HKU\S-1-5-21-844956796-4294606565-3297058277-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version: - Creative Assembly) Video Card Stability Test (HKLM-x32\...\Video Card Stability Test) (Version: v.1.0.0.3 - FreeStone Group) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.118 - Zemana Ltd.) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0617937B-06F3-4D08-88E0-7DED96E3A61D} - System32\Tasks\Driver Booster Scheduler => D:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-21] (IObit) Task: {070ECC73-8C13-4972-A97D-C1A17B709ABB} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {1EC9E816-4188-40A0-A13F-D4F8DD9088ED} - System32\Tasks\Microsoft\Windows\PLA\GPU => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "GPU" "$(Arg0)" Task: {2A0B3B25-DFEF-42C4-B6E7-3FB9769CCF80} - System32\Tasks\Terrymewuse Adapter => C:\Program Files (x86)\Kuzush\dasush.exe Task: {3E3C9FEB-CB2E-49BD-92CF-00B578CCCB2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-14] (Google Inc.) Task: {41774E7D-70AF-4F04-A847-E4DE8E31A52E} - System32\Tasks\Driver Booster SkipUAC (Paweł) => D:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-25] (IObit) Task: {76EB0987-DF84-472F-AB46-BAFA5CCED7CD} - System32\Tasks\Microsoft\Windows\PLA\CPU => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "CPU" "$(Arg0)" Task: {92A2E941-65A9-4082-A860-F477ED1386C4} - \8d66777dde5c9948c03b04d1f9eb5a60 -> Brak pliku <==== UWAGA Task: {96E9D772-DD48-4361-B036-6839124CE072} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-14] (Google Inc.) Task: {BF7A1F20-BA8E-48BA-BCE4-0F9A369FF52A} - System32\Tasks\steamwebhelper_killer => TASKKILL [Argument = /F /IM steamwebhelper.exe /T] <==== UWAGA Task: {E3E3BD3E-4B90-4D3D-8E7F-0B040099F423} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Google Hangouts (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ==================== Załadowane moduły (filtrowane) ============== 2016-11-21 15:55 - 2016-11-23 14:48 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2016-12-15 21:45 - 2016-12-15 21:45 - 03977168 _____ () C:\Users\Paweł\Downloads\adwcleaner_6.041.exe 2016-11-14 16:23 - 2016-11-08 22:03 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll 2016-11-14 16:23 - 2016-11-08 22:03 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll 2016-12-12 23:27 - 2016-12-12 23:27 - 31164504 _____ () C:\Users\Paweł\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.186\pepflashplayer.dll 2016-12-15 21:13 - 2016-12-15 21:10 - 48920064 _____ () d:\Program Files (x86)\AVG\UiDll\2623\libcef.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-12-15 20:43 - 00001006 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-844956796-4294606565-3297058277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.5.1 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Origin Web Helper Service => 2 MSCONFIG\Services: RadeonPro Support Service => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: RadeonPro => "D:\Program Files (x86)\RadeonPro\RadeonPro.exe" MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Paweł\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Paweł\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{942D71A2-EAD4-4364-9E6C-4D7D59F35463}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{531BB91F-08DD-44D1-885C-DBB5964C2A70}] => D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{39A4DE3E-BDB2-4CED-88DF-2F5DB2F989B9}] => D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{2D78525C-DB1C-4FAB-8FD1-75D1C554E73A}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [UDP Query User{E83976CE-9A04-4905-B05B-BF12E401E364}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe FirewallRules: [TCP Query User{9207611C-5137-47A1-B92C-935F5D2123ED}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{3A6FE6ED-A3A4-454C-B036-404FF879B39D}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [TCP Query User{A0AB7643-2099-4BDB-B312-D91EF9665692}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F8EB83BA-9AC3-484D-836E-F3957A468766}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [{BC349615-BF7D-4096-B6C1-CF8FB8BFD583}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{220043B4-706E-4519-9453-B2929D5F5BDC}D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe FirewallRules: [UDP Query User{E2E2CBB8-BC9C-4C9F-ABBB-F4A9F7786ABC}D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => D:\program files (x86)\steam\steamapps\common\total war attila\attila.exe FirewallRules: [{8AAA3FBF-6F18-4226-B5B2-D6B2047CC2AE}] => D:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{3C0E0FA9-D0FD-4866-AE90-52773E20359F}] => D:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{06958A0D-6CFB-4C83-9800-6FA7019EF303}] => D:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{00AA8E6C-06E3-4152-BEA8-3147B2362044}] => D:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [TCP Query User{9C90330D-33CE-4768-A8EE-E9DC2F225E3D}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [UDP Query User{E91CDC84-B55F-4ED8-AAD8-CE25FEB753D4}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe FirewallRules: [{BFCAC7DB-C216-4BB7-A3A4-B7491D0A4B52}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{B7B7DA92-BDF7-42E9-A6C3-B023297F47D6}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{EA3F54E9-41F5-44E2-B9E8-A556F9D677E8}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B9AEE00E-24A6-4836-8E40-CE2270CBD9F6}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{0C9C3051-BFEF-4974-ABA8-210640EBADD6}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{DD938C79-5677-4CC7-B7F0-6A0308DB327F}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{FC007BEA-64C5-476A-8D34-62F19DE7B717}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{479A6CF5-9F79-4E61-A04C-5971DEB981CE}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{9552286A-B0A9-403D-8775-A6CCB2FC9092}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{2E10B7FA-C084-4D02-BADA-8E7C94EA3B6C}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [TCP Query User{5A65CB43-4C39-48A8-A09D-89EFC363DFBC}C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe FirewallRules: [UDP Query User{37226A41-199C-4E55-A0FD-34216C88A8F9}C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe] => C:\program files (x86)\origin games\battlefield 4\bf4_x86.exe FirewallRules: [{5D3DEA80-E90D-4B10-9C8F-EC285C9842A9}] => D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{F7C56E37-95B2-4617-9A70-2822BA7B125C}] => D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{89CB4342-9EFB-4D9F-9B40-AF5A09661D70}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [UDP Query User{F9E9D964-A0D9-47ED-94EC-E1E3E18A5A01}C:\program files\java\jre1.8.0_111\bin\javaw.exe] => C:\program files\java\jre1.8.0_111\bin\javaw.exe FirewallRules: [TCP Query User{5AD8B497-2FAA-4052-B023-05557D4DE868}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E3D01EA8-D12F-49BB-827F-767D039C8416}C:\users\paweł\appdata\roaming\spotify\spotify.exe] => C:\users\paweł\appdata\roaming\spotify\spotify.exe FirewallRules: [{DA5EC6AE-447A-4582-8459-B4250B3A8D2B}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{14A4284D-48BE-453E-B121-D24C702C48E7}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe FirewallRules: [{A0B0E9B3-F608-450F-BB0E-8813C7935AF7}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{9C5E0590-F520-41E3-B2C1-A9B0EAADB3C6}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe FirewallRules: [{6BEDB76B-5C76-4FB4-BA33-BCF97A3C1868}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{B7D322D7-FF4E-4167-A603-0250EE1ADF6D}] => d:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe FirewallRules: [{42CC07F5-49B7-415E-8BBD-0E7261312417}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{200A263A-3805-43A7-92F7-D8D4640ECC53}] => D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C559214F-C52D-44DB-BC9F-141B3F164106}] => C:\Users\Paweł\AppData\Local\Temp\00022615\inst_buychannel_07.exe FirewallRules: [{B623BE2C-0681-419B-B196-692B1BB74056}] => C:\Users\Paweł\AppData\Local\Temp\00022615\inst_buychannel_07.exe FirewallRules: [{5A458051-0531-4943-966F-408BC110CC42}] => D:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{38BCC8C2-4B49-434D-A0F1-5EDD68C6A72B}] => D:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{9C23CBF5-B335-483B-84D6-D112183A15E7}] => D:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{1E9352CD-A92C-42B1-AD89-08414E0E51E9}] => D:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{DE7013BA-5D07-49B0-BA83-C1784B09D3DA}] => D:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{A3B73A36-1941-481C-AE5F-A62EAE12C095}] => D:\Program Files (x86)\AVG\Av\avgemca.exe ==================== Punkty Przywracania systemu ========================= 13-12-2016 21:14:26 Installed AVG 2016 13-12-2016 21:14:47 Installed AVG 13-12-2016 21:29:44 Removed AVG 13-12-2016 21:31:19 Removed AVG 2016 15-12-2016 18:34:21 Instalator modułów systemu Windows 15-12-2016 21:24:01 Installed AVG 2016 15-12-2016 21:24:45 Installed AVG ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Karta tunelowania Teredo firmy Microsoft Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/15/2016 10:14:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/15/2016 09:51:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/15/2016 09:24:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service Qercerge since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (12/15/2016 09:24:45 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-844956796-4294606565-3297058277-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {04862be9-629a-45ff-b0ce-1564d8c562ac} Error: (12/15/2016 09:24:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service Qercerge since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (12/15/2016 09:24:02 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury ConvertStringSidToSid(S-1-5-21-844956796-4294606565-3297058277-500.bak). hr = 0x80070539, Struktura identyfikatora zabezpieczenia jest nieprawidłowa. . Operacja: Zdarzenie OnIdentify Zbieranie danych modułu zapisującego Kontekst: Kontekst wykonywania: Shadow Copy Optimization Writer Identyfikator klasy modułu zapisującego: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Nazwa modułu zapisującego: Shadow Copy Optimization Writer Identyfikator wystąpienia modułu zapisującego: {04862be9-629a-45ff-b0ce-1564d8c562ac} Error: (12/15/2016 09:03:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/15/2016 08:59:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/15/2016 08:53:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/15/2016 08:51:01 PM) (Source: Schedule) (EventID: 0) (User: ) Description: Event-ID 0 Dziennik System: ============= Error: (12/15/2016 10:14:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (12/15/2016 10:14:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (12/15/2016 10:14:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (12/15/2016 10:13:50 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (12/15/2016 10:12:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\bcmihvsrv64.dll Error: (12/15/2016 10:12:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\bcmihvsrv64.dll Error: (12/15/2016 10:12:27 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: Wywołanie ScRegSetValueExW dla FailureActions nie powiodło się i wystąpił następujący błąd: Odmowa dostępu. . Error: (12/15/2016 10:12:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\System32\bcmihvsrv64.dll Error: (12/15/2016 10:12:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/15/2016 10:12:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. ==================== Statystyki pamięci =========================== Procesor: AMD Athlon(tm) II Dual-Core M320 Procent pamięci w użyciu: 49% Całkowita pamięć fizyczna: 4094.36 MB Dostępna pamięć fizyczna: 2064.2 MB Całkowita pamięć wirtualna: 8186.93 MB Dostępna pamięć wirtualna: 5791.41 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:94.56 GB) (Free:29.36 GB) NTFS Drive d: (Nowy) (Fixed) (Total:371.09 GB) (Free:269.97 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 15801580) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=94.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=371.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================