Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:02-03-2016 Uruchomiony przez Krzysiek (2016-03-25 20:37:48) Uruchomiony z D:\Programy\Frst Windows 7 Home Premium Service Pack 1 (X64) (2015-10-26 15:14:07) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2286393275-2221825981-1864126036-500 - Administrator - Disabled) Gość (S-1-5-21-2286393275-2221825981-1864126036-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2286393275-2221825981-1864126036-1003 - Limited - Enabled) Krzysiek (S-1-5-21-2286393275-2221825981-1864126036-1000 - Administrator - Enabled) => C:\Users\Krzysiek ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) "Nero SoundTrax Help (x32 Version: 4.0.15.0 - Nero AG) Hidden µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Aktualizacje NVIDIA 2.10.2.40 (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1830 - CyberLink Corp.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - ) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.) GG (HKU\S-1-5-21-2286393275-2221825981-1864126036-1000\...\GG) (Version: 12 - GG Network S.A.) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab) Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden Komunikator WTW 1.16.0.4737 (HKLM\...\{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}) (Version: 1.16.0.4737 - K2T.eu) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Mozilla Firefox 45.0.1 (x64 pl) (HKLM\...\Mozilla Firefox 45.0.1 (x64 pl)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.17.0 - NEC Electronics Corporation) NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.17.0 - NEC Electronics Corporation) Hidden Nero 8 Lite (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.20.0 - UpdatePack.nl) NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) ODF Add-in for Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team) Oprogramowanie mikroukładu Intel® (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Paint XP version 1.5 (HKLM-x32\...\{2367FAB6-055A-4923-835F-F57F7BBBA363}_is1) (Version: 1.5 - MSPAINTXP.COM) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Panel sterowania NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista (HKLM-x32\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 1.00.0000 - Realtek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7680 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) SoundTrax (x32 Version: 4.4.39.0 - Nero AG) Hidden StarCraft II: Heart of the Swarm (c) Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - ) Sun ODF Plugin for Microsoft Office 3.2 (HKLM-x32\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems) Video Download Capture wersja 5.1.0 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 5.1.0 - APOWERSOFT LIMITED) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.21 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2286393275-2221825981-1864126036-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Krzysiek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0710E9DB-B54D-438C-BF5E-F1A525D3A6B3} - System32\Tasks\{4D149841-84F9-4D6B-82AF-E0492021CE42} => pcalua.exe -a C:\Brother\mflpro\Data\Disk1\setup.exe -d C:\Brother\mflpro\Data\Disk1 Task: {239BFEEA-1217-4B9D-ACFF-FC331CE54044} - System32\Tasks\Driver Booster SkipUAC (Krzysiek) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {309DEBE5-C6B4-4DD3-85AA-E2E36A4CB516} - System32\Tasks\{3CB070F3-567F-4853-9A0E-C5CF16F50B1F} => pcalua.exe -a E:\Network\Rtl8139\Vista\setup.exe -d E:\Network\Rtl8139\Vista Task: {50E829D1-D4D6-4FD8-A411-06B86559A875} - System32\Tasks\{DB99425C-26A9-41D5-B7A7-39C4000BCA95} => pcalua.exe -a E:\Network\Atheros\setup.exe -d E:\Network\Atheros Task: {519CE688-385E-43B1-BB72-A934E4932DB5} - System32\Tasks\{83AB83D2-603E-40B5-8465-F4E235124A24} => pcalua.exe -a E:\Network\Rtl8139\Drivers\Setup.exe -d E:\Network\Rtl8139\Drivers Task: {82C7C4EE-897A-4A81-8F34-B0D7D5E22A39} - System32\Tasks\{67CA2CC8-FFA2-4DCE-A118-1298A58AFA41} => pcalua.exe -a C:\Users\Krzysiek\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe -d C:\Users\Krzysiek\Downloads Task: {9665FE09-C62C-413C-913E-AAB2B371B3E2} - System32\Tasks\{C08BC096-441E-413A-91C0-4302DF89C237} => pcalua.exe -a E:\Network\Intel\Autorun.exe -d E:\Network\Intel Task: {CD5F5F25-9B88-40F7-80C0-9F83D7A52308} - System32\Tasks\{E349E93A-170E-4394-94C6-F7B25E3081B6} => pcalua.exe -a C:\Users\Krzysiek\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe -d C:\Users\Krzysiek\Downloads Task: {DFF363B6-A2DC-4882-A6C2-A40E824BC91D} - System32\Tasks\{6A8EE60A-CAE2-44F4-8BB3-FD604A395E01} => pcalua.exe -a "C:\Users\Krzysiek\Downloads\Nero 8.3.2.1b Portable\Nero 8.3.2.1b Portable\NeroExpressPortable.exe" -d "C:\Users\Krzysiek\Downloads\Nero 8.3.2.1b Portable\Nero 8.3.2.1b Portable" Task: {E0D1F5C1-E13B-4DF3-AE52-3EC15E20D9E9} - System32\Tasks\{E41E7CE5-9A5E-40DA-8E43-592A472299E7} => pcalua.exe -a "C:\Users\Krzysiek\Downloads\Nero_8.by.takky\Nero 8.3.6.0 PL\Nero-8.3.6.0_plk.exe" -d "C:\Users\Krzysiek\Downloads\Nero_8.by.takky\Nero 8.3.6.0 PL" Task: {E9C8AE99-89AD-484C-8789-2A69970CF18A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated) Task: {EDD0B2E5-68FA-4D42-BC5A-E63154B566EB} - System32\Tasks\{C7E784FA-ADD4-4547-B653-F13BA98758AB} => pcalua.exe -a "D:\Programy\Stery Mainboard\Atheros\setup.exe" -d "D:\Programy\Stery Mainboard\Atheros" Task: {FD29AF0D-40BA-460B-9462-D370DD004A04} - System32\Tasks\{CFF76EEE-8B18-478E-89F2-35C8244F8A8B} => C:\Program Files (x86)\Paint XP\mspaint.exe [2005-02-23] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2015-11-18 12:29 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-19 20:11 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-19 20:12 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-03-19 20:11 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-10-27 11:05 - 2016-02-01 11:39 - 00019456 _____ () C:\Program Files\K2T\WTW\libCryptoLayer.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00088064 _____ () C:\Program Files\K2T\WTW\libCryptoWtw.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00555008 _____ () C:\Program Files\K2T\WTW\libSQ3.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00577024 _____ () C:\Program Files\K2T\WTW\libImage.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00092160 _____ () C:\Program Files\K2T\WTW\libZlib.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00129024 _____ () C:\Program Files\K2T\WTW\libExpat.module 2015-10-27 11:05 - 2016-02-01 11:39 - 00442880 _____ () C:\Program Files\K2T\WTW\libLexer.module 2016-03-24 14:32 - 2016-03-24 14:32 - 26727616 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll 2014-08-30 16:12 - 2014-08-30 16:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll 2016-03-19 20:10 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2286393275-2221825981-1864126036-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Krzysiek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.12.0 => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\startupreg: Bonus.SSR.FR12 => "C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: GG => "C:\Users\Krzysiek\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{E83794D5-95FD-44E7-9C19-BCE47564BBD1}] => (Allow) D:\TORRENT\utorrent\uTorrent.exe FirewallRules: [{D7168694-47CD-4781-9C51-B139DF5A0E3A}] => (Allow) D:\TORRENT\utorrent\uTorrent.exe FirewallRules: [{7A11DCA0-5250-4097-A814-7EFCD6EC710D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{075FC40E-6FFA-4CDD-8F71-9C8A5B9822AF}] => (Block) C:\Windows.old\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{57BA1586-357B-4642-A7D1-20A693FDFEC3}] => (Allow) C:\Windows.old\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{62C59A1A-9160-4E30-85D5-7AAA91819B94}] => (Allow) C:\Windows.old\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{561435D6-B6D6-4D87-BA98-A6464C261F34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{5531657A-FE17-4518-8308-094F889D0DDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{A30DA3A1-A67F-4F74-B888-060F57DB3D5E}] => (Block) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{C9E27FA2-F5B4-47DF-B57C-48AFDFD12C56}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{74D7CFD8-B471-485D-B304-2A445E8E77A7}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{ABB9DC3B-1DF1-4B49-B33D-6DE83B905E30}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{54F8AD19-0AB9-4069-AC2F-52A30DADAD74}] => (Allow) C:\Program Files (x86)\StarCraft II\Versions\Base24944\SC2.exe FirewallRules: [{69A20172-5F8A-4DF5-AFD8-A2A0CAE87375}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A9E56346-0F18-462A-B95B-1A34245E5ACC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{86E1765C-60CD-47B9-BEC9-3440861FF974}] => (Allow) D:\Programy\Video Download Capture\Video Download Capture.exe FirewallRules: [{DC31A287-0B8F-41ED-8DE1-390858627AF5}] => (Allow) D:\Programy\Video Download Capture\Video Download Capture.exe FirewallRules: [{F2137935-C96D-4DC5-A0BC-0FD122457899}] => (Allow) D:\Programy\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{E51E5F50-AC5C-4177-A792-065DFA26322D}] => (Allow) D:\Programy\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{7B81BCC1-2C5B-4D34-B804-8A29F8A37FB2}] => (Allow) D:\Programy\Video Download Capture\ApowersoftDump.dll FirewallRules: [{12DF6C02-54D1-472C-BE1A-5A6D3FEF4688}] => (Allow) D:\Programy\Video Download Capture\ApowersoftDump.dll FirewallRules: [{649F000C-A598-43DC-B3CC-9B8C5C493157}] => (Allow) D:\Programy\Video Download Capture\ApowersoftAC.dll FirewallRules: [{B89F70E4-3BAA-4488-AF45-D6798B1D5D77}] => (Allow) D:\Programy\Video Download Capture\ApowersoftAC.dll FirewallRules: [{92AA2B4D-54AA-4329-83B1-7C63554B5387}] => (Allow) D:\Programy\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{BF739319-2AA3-49B5-8E14-04B55E7C360C}] => (Allow) D:\Programy\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{06747E18-9D16-4BC5-9A87-47E96B40820F}] => (Allow) D:\Programy\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{F671A91F-9F44-421F-8F65-E39A58FF8E1A}] => (Allow) D:\Programy\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{A0BD7F22-524C-4069-A8A9-18F47060F313}] => (Allow) D:\Programy\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{CF29E9CD-666C-42B2-BC76-0BA458359B40}] => (Allow) D:\Programy\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{4A01C904-3F31-4B34-BD91-00DFC92E77D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CDE40D1E-6C16-4A68-8FF9-69D56064C2C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{FC871142-EAB3-449F-ACD9-065AFC443CC6}C:\program files (x86)\nero\nero 9\nero burning rom\nero.exe] => (Allow) C:\program files (x86)\nero\nero 9\nero burning rom\nero.exe FirewallRules: [UDP Query User{73F53A46-9D39-4DAA-A600-8E571864E4E2}C:\program files (x86)\nero\nero 9\nero burning rom\nero.exe] => (Allow) C:\program files (x86)\nero\nero 9\nero burning rom\nero.exe FirewallRules: [{264EE32E-A618-4C9D-BE09-5B1B3732847E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe FirewallRules: [{700B23DD-4495-4A88-A2BD-CE7B09011D74}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe FirewallRules: [{DD621BC6-2964-44B4-BA55-53E2E27B95A4}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{4593060D-0AAD-474B-81B0-BE77620DC600}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{F7F525D9-D8D9-48AD-A16C-0BC5028901FD}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll FirewallRules: [{DF90178A-131C-4D96-A7A9-63410BCD0547}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll FirewallRules: [{8AFD662D-4D9D-41A7-8D94-42182627135A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll FirewallRules: [{55688C2B-156A-4F6A-9C7E-B49E63E5A55E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll FirewallRules: [{802DE193-69F1-4993-8794-2BEE3B8D769A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{7E600AB3-6A03-4B9E-81E4-444E6A2E37A4}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{11D01885-8A16-497F-AB63-E88CA4622214}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{5446B55A-24BA-4FEC-87CC-8D91E090B39E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{2E221952-BAA4-40C9-8C95-8E89CAB7CEE7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{CCDF78DF-2613-4C3C-B3A2-EF11BC929365}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{7C870B29-B676-46D6-A052-929815C971D1}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{266F06B2-0DE9-424B-8F0A-81AA1D4EE3B7}] => (Allow) C:\Program Files\K2T\WTW\wtw.exe FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe FirewallRules: [{A88DCD9D-AC8A-4697-BFCF-9ED87C531C16}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE FirewallRules: [{65BBF5CE-B12C-4449-86E8-FECF7F95F77F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE FirewallRules: [{C765BE34-6E22-4D25-93E3-A46150D96DE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{60791A76-576A-4B2B-9772-374ED79CBD3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{82B7AF76-E890-4E70-81AA-A47320386C8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4212CD42-DFD5-4FFC-9905-25637338CD8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{ED139C9B-9BDD-4E4B-8FB5-B52338C24BBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe ==================== Punkty Przywracania systemu ========================= 19-03-2016 10:07:07 Windows Update 19-03-2016 17:56:04 Windows Update 19-03-2016 20:07:33 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 20-03-2016 19:42:14 Windows Update 21-03-2016 15:47:29 SlimDrivers Installing Drivers 21-03-2016 15:49:11 Removed SlimDrivers 23-03-2016 19:32:58 Zainstalowane Brother Software Suite 24-03-2016 09:11:00 Windows Update 24-03-2016 21:58:16 Usunięte Brother Software Suite ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Power Control [2016/02/04 13:25:56] Description: Power Control [2016/02/04 13:25:56] Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: {09F57980-3432-4AFC-957D-27AC45FAE1F5} Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/25/2016 01:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2016 09:15:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/24/2016 08:58:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.379]: [00002676]: Initialize TwdsMain Class failed! Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.379]: [00002676]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.379]: [00002676]: BrStiIf: GetDeviceList Failed! pStiInfo = 0x0.. Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.020]: [00002676]: Initialize TwdsMain Class failed! Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.020]: [00002676]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (03/24/2016 08:57:27 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2016/03/24 20:57:27.020]: [00002676]: GetDeviceList Failed! pStiInfo = 0x0.. Error: (03/24/2016 04:03:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (03/25/2016 01:34:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Power Control [2016/02/04 13:25:56] z powodu następującego błędu: %%3 Error: (03/25/2016 01:34:25 PM) (Source: SNMP) (EventID: 1500) (User: ) Description: Usługa SNMP napotkała błąd podczas dostępu do klucza rejestru SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error: (03/25/2016 01:34:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi LiveUpdate z powodu następującego błędu: %%2 Error: (03/25/2016 01:34:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CyberLink PowerDVD 13 Media Server Service z powodu następującego błędu: %%2 Error: (03/25/2016 01:34:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi CyberLink PowerDVD 13 Media Server Monitor Service z powodu następującego błędu: %%2 Error: (03/25/2016 09:32:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.215.2880.0). Error: (03/25/2016 09:15:06 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error: (03/25/2016 09:15:04 AM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk1\DR1 wystąpił zły blok. Error: (03/25/2016 09:13:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Power Control [2016/02/04 13:25:56] z powodu następującego błędu: %%3 Error: (03/25/2016 09:13:58 AM) (Source: SNMP) (EventID: 1500) (User: ) Description: Usługa SNMP napotkała błąd podczas dostępu do klucza rejestru SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. CodeIntegrity: =================================== Date: 2015-12-07 13:28:31.642 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18950_none_b542c5b2c8eaeeec\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:31.369 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18950_none_b542c5b2c8eaeeec\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:31.228 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18950_none_b542c5b2c8eaeeec\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:31.093 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.18950_none_b542c5b2c8eaeeec\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:30.627 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_b5da3161e1fdc1a3\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:30.392 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_b5da3161e1fdc1a3\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:30.217 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_b5da3161e1fdc1a3\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:30.109 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_b5da3161e1fdc1a3\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:29.879 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23002_none_b60448e9e1de6bca\appid.sys because the set of per-page image hashes could not be found on the system. Date: 2015-12-07 13:28:29.803 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23002_none_b60448e9e1de6bca\appid.sys because the set of per-page image hashes could not be found on the system. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz Procent pamięci w użyciu: 85% Całkowita pamięć fizyczna: 4094.49 MB Dostępna pamięć fizyczna: 594.43 MB Całkowita pamięć wirtualna: 8187.17 MB Dostępna pamięć wirtualna: 3532.18 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:298.09 GB) (Free:151.64 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (Nowy) (Fixed) (Total:931.51 GB) (Free:20.97 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 8D4A3253) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: C40CC40C) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================