Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:25-05-2016 01 Uruchomiony przez Andrzej (2016-05-26 16:50:27) Uruchomiony z C:\Users\Andrzej\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2011-06-13 19:53:22) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1265772403-1215752451-2071767440-500 - Administrator - Disabled) Andrzej (S-1-5-21-1265772403-1215752451-2071767440-1000 - Administrator - Enabled) => C:\Users\Andrzej Gość (S-1-5-21-1265772403-1215752451-2071767440-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1265772403-1215752451-2071767440-1003 - Limited - Enabled) ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: FortiClient AntiVirus (Enabled - Up to date) {385618A6-2256-708E-3FB9-7E98B93F91F9} AS: FortiClient AntiVirus (Enabled - Up to date) {8337F942-046C-7F00-0509-45EAC2B8DB44} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden Alice: Madness Returns (HKLM-x32\...\Alice: Madness Returns_is1) (Version: - ) ArcaVir x64 Prerequistes (x32 Version: 11.12.6401 - ArcaBit Sp. z o.o.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.288 - Electronic Arts, Inc.) FortiClient (HKLM\...\{A98353B4-1E25-44EC-BCC0-6F84D2F5F243}) (Version: 5.2.3.0633 - Fortinet Inc) GG (HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden HP Deskjet 1050 J410 series — badanie mające na celu poprawę produktów (HKLM\...\{52A87876-4D1A-4524-9F06-53A490E6E34D}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series — podstawowe oprogramowanie urządzenia (HKLM\...\{B6A3D97D-484B-48B5-85C6-361D9FA25CDF}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Pomoc (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java(TM) 6 Update 30 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416030FF}) (Version: 6.0.300 - Oracle) Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle) K-Lite Codec Pack 9.5.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - ) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.309.1 - McAfee, Inc.) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Minecraft Auto wersja 1.0 (HKLM-x32\...\{65356EEA-6ABF-437B-A7C7-5AAA0C6086F2}_is1) (Version: 1.0 - hajducek) NapiProjekt 1.0.6.9 (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts) Nero 7 Essentials (HKLM-x32\...\{8E72B982-D54F-486F-B35A-C24B6F171045}) (Version: 7.03.0581 - Nero AG) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.5 - ) NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) OpenFM (HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Pakiet zgodności dla systemu Office 2007 (HKLM-x32\...\{90120000-0020-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Panel sterowania NVIDIA 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6368 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG PC Share Manager (HKLM-x32\...\InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}) (Version: 4.0 - SAMSUNG) SAMSUNG PC Share Manager (x32 Version: 4.0 - SAMSUNG) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.) Sevroll Compositor 4.3 (HKLM-x32\...\{0D6C898B-6C07-4F83-93C0-A061A536B602}) (Version: 4.3.0 - SEVROLL-SYSTEM Sp.z o.o.) SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.) Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios) TP-LINK Wireless Client Utility (HKLM-x32\...\{1E58B969-9BB4-4012-8D8B-D06005D1CD24}) (Version: 7.0 - TP-LINK) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN) Watchtower Library 2015 - wydanie polskie (HKLM-x32\...\{C1D7B7FF-CE20-45A8-B58B-6600DC10F91B}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc) WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1265772403-1215752451-2071767440-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Andrzej\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1AA1CEF5-7727-4164-843A-6D586D7DCA85} - System32\Tasks\{ACFC21B4-ABA2-4D9D-AFCC-232C2955BED9} => pcalua.exe -a H:\GSetup.exe Task: {37881D7A-B7EC-4287-BDDC-B6F81306A7F4} - System32\Tasks\{E1C9F213-AF4C-42F6-A2BD-0CD058F34A7F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/pl/abandoninstall?page=tsMain Task: {41DB3C2B-DAFE-4640-B444-D4C4891784F2} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.) Task: {4DB6478E-2243-47C7-926D-BAFAF9FC1E5F} - System32\Tasks\{CFF4AD88-7116-47EE-A848-3C4A655F737F} => pcalua.exe -a H:\EasySetupAssistant\wr741n\EasySetupAssistant.exe Task: {5C8335E1-1677-4F25-9BE5-C0E913E7861C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {613BF7E6-8ECB-4BD9-A218-BAA0E1305C19} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {7AB75A68-4622-40A5-A894-C3129737ED61} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {7C99C2EF-F7DD-4ED1-A6B8-DB29A82C654F} - System32\Tasks\{C782DCA3-533E-4828-867C-41D876CD947F} => pcalua.exe -a C:\Users\Andrzej\Downloads\avira_antivir_premium_en.exe -d C:\Users\Andrzej\Desktop Task: {80B9FE76-3251-49E0-A4EA-EBB217A0212E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {966967FD-4A33-49E3-A278-503CC02E60EA} - System32\Tasks\{C1724D0D-59C9-49C7-8262-95BD9505BD6D} => pcalua.exe -a "C:\Users\Andrzej\Desktop\WinAvi Video Converter 8.0 [PL]\Polski_WinAvi_Conv(dobreprogramy.pl).exe" -d "C:\Users\Andrzej\Desktop\WinAvi Video Converter 8.0 [PL]" Task: {9B7BDC01-B716-4D04-8079-562CD67BF287} - System32\Tasks\{312BC826-1579-4077-9AE5-BCA069CA10ED} => C:\Users\Andrzej\AppData\Local\Temp\ICReinstall_MediaPlayerSetup.exe <==== UWAGA Task: {AA71B19F-6D24-41CC-867E-D638F4972B79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {B0FF076C-842C-4133-AE26-82A42568FEBA} - System32\Tasks\{3757F74B-C1D1-4719-9A36-7B305E78E41E} => pcalua.exe -a C:\Users\Andrzej\Downloads\ClonePlus_Update_3600\setup.exe -d C:\Users\Andrzej\Downloads\ClonePlus_Update_3600 Task: {BC43FC41-9B52-4875-B3AD-27A52CFB61CA} - System32\Tasks\{4C3251CC-13EA-4135-B7B5-20F52B4E085A} => pcalua.exe -a C:\Users\Andrzej\Desktop\CT3031817_SFT_Polska.exe -d C:\Users\Andrzej\Desktop (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ShortcutWithArgument: C:\Users\Andrzej\Desktop\vod.tvp.pl - Telewizja Polska S.A_.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://vod.tvp.pl/seriale/obyczajowe/wspaniale-stulecie ==================== Załadowane moduły (filtrowane) ============== 2012-02-21 16:44 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2012-07-16 13:24 - 2012-07-16 13:24 - 00021432 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe 2015-01-19 16:21 - 2015-01-19 16:21 - 00464402 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll 2014-05-27 12:45 - 2014-05-27 12:45 - 00115137 ____N () C:\Users\Andrzej\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [226] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\...\internet -> internet IE trusted site: HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\...\mcafee.com -> hxxp://mcafee.com IE trusted site: HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\...\mcafee.com -> hxxps://mcafee.com ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2016-04-07 20:15 - 00000857 ____A C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1265772403-1215752451-2071767440-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 194.204.159.1 - 194.204.152.34 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcaClean => C:\Program Files\ArcaBit\arcavir\arcaclean.exe MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" MSCONFIG\startupreg: EA Core => "D:\EADM\Core.exe" -silent MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{51387B62-F332-4613-99A3-085613AD55D2}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{288A4EFE-EDEE-450F-843C-F7BFBD6C6515}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{596BDD7D-4221-44E4-8F19-41491D38336C}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{A39504EC-A854-41B4-976F-EF008798C543}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [TCP Query User{E63D2F9E-9254-4471-AA0B-D921C15D4006}C:\users\andrzej\appdata\roaming\torrius\engine\torreador.exe] => (Allow) C:\users\andrzej\appdata\roaming\torrius\engine\torreador.exe FirewallRules: [UDP Query User{F5E160A1-48F1-4012-82FA-B470E19A1731}C:\users\andrzej\appdata\roaming\torrius\engine\torreador.exe] => (Allow) C:\users\andrzej\appdata\roaming\torrius\engine\torreador.exe FirewallRules: [{2D1C2F3D-E214-491F-B250-D471F7117C5F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{536A35BC-E1F2-47B1-ABC4-0134939E19AF}] => (Allow) LPort=2869 FirewallRules: [{A5CC0015-E8F7-4A30-8931-AFFDC13827F7}] => (Allow) LPort=1900 FirewallRules: [{182B31AF-5A58-43DB-B0E9-1F3A6F1CC22E}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{9336CC03-FF40-42A5-A05E-59FD4735AC9A}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe FirewallRules: [{4EA751A1-8D6D-4215-87E6-18EFC58A519F}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{F1F0781B-0C68-4F68-A8EB-0537E8957842}] => (Allow) C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe FirewallRules: [{2B5E7CBC-F4C2-464E-9A41-823DDD7BF5D8}] => (Allow) LPort=50001 FirewallRules: [{B94907EF-E09D-47AB-8794-A5A31302D820}] => (Allow) LPort=50000 FirewallRules: [{661F6A4B-55E8-4F7E-91B2-3580D4D7C127}] => (Allow) LPort=50000 FirewallRules: [{C0394553-C068-419A-8D81-32AE00592F0F}] => (Allow) LPort=50001 FirewallRules: [{68F4E6AC-F9AD-4F9A-88F5-169AF6320AD8}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{0E3C3A50-306D-49A9-A351-A7D6D388CB42}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [TCP Query User{2026517E-CC85-49E6-96F8-1FD539DB3A93}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe FirewallRules: [UDP Query User{EC213A39-5503-4894-9983-CF1B447D5394}C:\program files\java\jre6\bin\java.exe] => (Allow) C:\program files\java\jre6\bin\java.exe FirewallRules: [TCP Query User{743DE076-FA96-42BB-A18A-C1E5A36251EC}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{05A097C1-197E-4D03-9D47-9FD6DAA1E550}C:\program files\java\jre6\bin\javaw.exe] => (Allow) C:\program files\java\jre6\bin\javaw.exe FirewallRules: [{C613029B-0D7C-41CF-ADE5-DEA28954921F}] => (Allow) LPort=50003 FirewallRules: [{89F45384-7822-4390-B4E8-DF3F5839CF02}] => (Allow) LPort=50003 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [{BF0BF06F-B590-4088-A5CE-534E8FD5F10F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{46C7CA06-57A2-4681-B8EC-647FF114F434}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C2085DC1-394A-4048-BCE4-6A9305AFB700}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8CE61286-63D3-4AFF-9F38-50F4387280D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B9A45F55-DBF8-463C-8AF0-1F652BE7B5A7}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe FirewallRules: [{72F04556-29A0-4CB4-B960-55E1933569AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{340DB503-949D-417B-B47F-9E428FD35FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{AF2C883A-D505-40A2-B83B-CF501EA5B2E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{93498C53-64E1-4E88-BCDC-F6B2290C45A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{DE6D874D-9232-4E1C-BD42-58F7CEB7AEC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{BBE9D832-01EA-4107-A583-437DC3CB179B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{70DDCF2B-F325-4809-B0CA-D03CC5A64B97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0F9BB2CD-1178-4787-8C57-C33946630B0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{BB20C9BD-08E1-4084-B998-283F23C8688E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C033DA6D-956A-4C68-94DD-DD5DE9C37E94}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D5D70844-56F0-4D08-BA78-C2FC99E8A43C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{1CC0A795-7753-4BD2-AC52-CF8F169FD95F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{83767B7A-37BB-4257-A215-49A12DF94E12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{371CE7F9-C5E9-4DAC-A705-5B0D79803BDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3FE4217A-2883-467F-B8DE-553FDD25E6BA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DC47770F-B0F3-45F7-BAB7-DD8882E694AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5EEE45B9-7704-43C0-B933-F330970473D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{758D9873-5265-47BE-814E-E623B35506A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{B06ED85A-6698-4CE4-B759-1C771C742F06}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{08564EA5-79A7-4D2F-8923-9D5AC5166DB2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3A3F5284-11A9-48FF-9190-243258714471}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{02F705BA-A7A7-46CB-8F2F-02ECFF17213F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{4A69CF0C-3BB3-4220-9A7B-4D8CDEA3B57F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A3797FD0-3CBA-4C56-B2AB-2935006CD542}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{981EBF87-D947-4BA8-8B9F-896EA0929509}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{AF59CF5B-47E7-4BD5-A118-6298D43FAA10}D:\eadm\core.exe] => (Allow) D:\eadm\core.exe FirewallRules: [UDP Query User{FB3A5B36-C359-4438-BEE5-A1F45D2AFC44}D:\eadm\core.exe] => (Allow) D:\eadm\core.exe FirewallRules: [TCP Query User{5ACB375D-94B2-4D9B-A3D7-6A3E96BC9646}D:\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe FirewallRules: [UDP Query User{78CD087D-7453-45F8-9283-1B5D30CFB438}D:\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\alice madness returns\alice2\binaries\win32\alicemadnessreturns.exe FirewallRules: [{340F7D1C-6CC3-4FAE-AD50-8A640CEE0A2B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe FirewallRules: [{71BD876F-0942-41DF-8EC6-369DD3DEB224}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe FirewallRules: [{B79B8A40-9284-4889-867E-D720E1E59156}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe FirewallRules: [{D2A93871-FDF2-4F46-9F41-BF9EA266D0A2}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe FirewallRules: [{B9A5D968-219C-4423-84B6-A217C8EC5FAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 15-05-2016 12:58:01 Zainstalowany program DirectX 22-05-2016 20:13:41 Zaplanowany punkt kontrolny 26-05-2016 16:38:07 Removed Java 7 Update 17 (64-bit) ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (05/26/2016 12:04:37 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/20/2016 04:36:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: wmprph.exe, wersja: 12.0.7600.16385, sygnatura czasowa: 0x4a5bd018 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.23418, sygnatura czasowa: 0x5708a857 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000048d84 Identyfikator procesu powodującego błąd: 0x1a74 Godzina uruchomienia aplikacji powodującej błąd: 0xwmprph.exe0 Ścieżka aplikacji powodującej błąd: wmprph.exe1 Ścieżka modułu powodującego błąd: wmprph.exe2 Identyfikator raportu: wmprph.exe3 Error: (05/11/2016 10:55:02 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/09/2016 10:46:58 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Dziennik System: ============= Error: (05/26/2016 04:46:38 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\CdRom0. Error: (05/26/2016 04:27:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą NVIDIA Streamer Service. Error: (05/26/2016 04:26:42 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (05/26/2016 12:04:27 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/26/2016 11:56:48 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (05/25/2016 03:43:55 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: ) Description: Oprogramowanie układowe platformy spowodowało uszkodzenie pamięci podczas poprzedniego przejścia do innego trybu zasilania systemu. Sprawdź dostępność zaktualizowanego oprogramowania układowego przeznaczonego do tego systemu. Error: (05/25/2016 02:59:47 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: ZARZĄDZANIE NT) Description: Usługa Harmonogram zadań nie może załadować zadań podczas uruchamiania usługi. Dane dodatkowe: Wartość błędu: 2147549183. Error: (05/24/2016 11:53:15 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (05/24/2016 10:32:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi Netman. Error: (05/24/2016 07:32:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi IPBusEnum. CodeIntegrity: =================================== Date: 2012-11-28 19:30:56.779 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-28 19:30:56.613 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-28 19:07:25.025 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-28 19:07:24.843 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-28 18:56:39.632 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-11-28 18:56:39.451 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\mks_vir_9\bin\mksmonfd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Procent pamięci w użyciu: 45% Całkowita pamięć fizyczna: 4094.49 MB Dostępna pamięć fizyczna: 2233.45 MB Całkowita pamięć wirtualna: 8187.17 MB Dostępna pamięć wirtualna: 6317.4 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:98.63 GB) (Free:5.23 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] Drive d: (programy) (Fixed) (Total:196.29 GB) (Free:131.46 GB) NTFS Drive e: (mkv) (Fixed) (Total:196.29 GB) (Free:185.57 GB) NTFS Drive f: (filmy) (Fixed) (Total:196.29 GB) (Free:183.21 GB) NTFS Drive g: (zapasowy) (Fixed) (Total:244.01 GB) (Free:242.59 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0FBBCF76) Partition 1: (Active) - (Size=98.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=832.9 GB) - (Type=OF Extended) ==================== Koniec Addition.txt ============================