Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x86) Wersja:05-03-2016 01 Uruchomiony przez F (2016-03-27 09:22:33) Uruchomiony z C:\Users\F\Desktop Microsoft Windows 7 Professional Service Pack 1 (X86) (2012-12-28 15:47:54) Tryb startu: Safe Mode (with Networking) ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3811378809-90562482-1901480312-500 - Administrator - Disabled) F (S-1-5-21-3811378809-90562482-1901480312-1000 - Administrator - Enabled) => C:\Users\F Gość (S-1-5-21-3811378809-90562482-1901480312-501 - Limited - Disabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET NOD32 Antivirus 4.0 (Enabled - Out of date) {CB0F8167-5331-BA19-698E-64816B6801A5} AS: ESET NOD32 Antivirus 4.0 (Enabled - Out of date) {706E6083-750B-B597-533E-5FF310EF4B18} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{EAB74CB6-760C-2136-FC77-9549721FB84A}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) ESET NOD32 Antivirus (HKLM\...\{09C85E5A-3E10-4268-904C-BACEF16ECEF0}) (Version: 4.0.314.0 - Eset spol s r. o.) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Max Payne 3 (HKLM\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Microsoft DirectX SDK (June 2010) (HKLM\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{DCFD26A8-60A5-4C69-A52D-264D0386FDB3}) (Version: 1.20.146.0 - Microsoft) NVIDIA PhysX (HKLM\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation) PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Rockstar Games Social Club (HKLM\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) WinRAR 5.10 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-3811378809-90562482-1901480312-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> E:\HAWX2\orbit\npuplaypc.dll => Brak pliku ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {E6233618-353A-47FF-98BF-AA69CAF12412} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-09-30] (Microsoft Corporation) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== ==================== Alternate Data Streams (filtrowane) ========= ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3811378809-90562482-1901480312-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\F\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Urządzenie nie jest podłączone do internetu. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{B542F44D-74C0-4909-A7EE-834CE435C885}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{0D4FBB7F-2344-4675-AD59-27F4A13E8FF5}] => (Allow) C:\Windows\System32\PnkBstrA.exe FirewallRules: [{B4EE8450-7D09-4BF4-9E98-E20338175C96}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [{90F059BC-4AFC-4713-9F76-07A69BDEB7B7}] => (Allow) C:\Windows\System32\PnkBstrB.exe FirewallRules: [TCP Query User{3E58B903-E3AA-4B4E-B048-2B5E493CAC23}E:\call of duty - black ops ii\t6sp.exe] => (Block) E:\call of duty - black ops ii\t6sp.exe FirewallRules: [UDP Query User{C8CCE4B4-F718-43BF-8283-5C4DF1B6BEDE}E:\call of duty - black ops ii\t6sp.exe] => (Block) E:\call of duty - black ops ii\t6sp.exe FirewallRules: [TCP Query User{FFB59613-5DFA-4D4C-BEBE-F22A5576C9B8}E:\max payne 3\maxpayne3.exe] => (Allow) E:\max payne 3\maxpayne3.exe FirewallRules: [UDP Query User{07B89C99-50D6-4065-A7C2-C187CCDFB869}E:\max payne 3\maxpayne3.exe] => (Allow) E:\max payne 3\maxpayne3.exe FirewallRules: [TCP Query User{685256B2-C0D1-42FE-A24A-C0B77E33066E}E:\company of heroes 2\reliccoh2.exe] => (Allow) E:\company of heroes 2\reliccoh2.exe FirewallRules: [UDP Query User{CBEBF7DE-A36C-4158-8513-BDBD4F33481D}E:\company of heroes 2\reliccoh2.exe] => (Allow) E:\company of heroes 2\reliccoh2.exe FirewallRules: [{CBB0D593-0359-4E4E-A0E8-E758BF1B9D9F}] => (Allow) E:\Assassin's Creed Rogue\ACC.exe FirewallRules: [{40AA3B0D-E578-438B-A4FA-7F137686760E}] => (Allow) E:\Assassin's Creed Rogue\ACC.exe ==================== Punkty Przywracania systemu ========================= 26-03-2016 22:41:53 Removed L.A. Noire 26-03-2016 22:42:37 Removed Tom Clancy's Splinter Cell Conviction 26-03-2016 22:43:54 Removed Ubisoft Game Launcher ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: ehdrv Description: ehdrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ehdrv Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (03/27/2016 09:20:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2016 11:24:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2016 10:40:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2016 09:44:04 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program iexplore.exe w wersji 9.0.8112.16446 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: a10 Godzina rozpoczęcia: 01d18797b8a9bcb3 Godzina zakończenia: 15 Ścieżka aplikacji: C:\Program Files\Internet Explorer\iexplore.exe Identyfikator raportu: Error: (03/26/2016 09:15:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/26/2016 08:06:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/14/2016 09:21:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2016 03:11:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2016 08:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/30/2015 10:33:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (03/27/2016 09:18:54 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (03/27/2016 09:18:54 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (03/27/2016 09:18:53 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (03/27/2016 09:18:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache ehdrv spldr Wanarpv6 Error: (03/27/2016 09:18:47 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/26/2016 11:23:15 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (03/26/2016 11:23:15 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (03/26/2016 11:23:14 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (03/26/2016 11:23:08 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (03/26/2016 11:23:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: discache ehdrv spldr Wanarpv6 ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz Procent pamięci w użyciu: 30% Całkowita pamięć fizyczna: 2047.12 MB Dostępna pamięć fizyczna: 1425.97 MB Całkowita pamięć wirtualna: 4094.23 MB Dostępna pamięć wirtualna: 3497 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:58.59 GB) (Free:45.79 GB) NTFS Drive d: () (Fixed) (Total:58.59 GB) (Free:29.94 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] Drive e: () (Fixed) (Total:348.56 GB) (Free:347.04 GB) NTFS Drive f: (Hello Kitty's PL.092) (CDROM) (Total:2.99 GB) (Free:0 GB) UDF ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F155B577) Partition 1: (Active) - (Size=58.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=407.2 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================