Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 21-12-2016 Uruchomiony przez Andrzej (30-12-2016 09:58:35) Uruchomiony z D:\FarbarRecoveryScanTool Windows 7 Professional Service Pack 1 (X64) (2016-09-25 07:42:24) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1434517519-2506760423-1483115134-500 - Administrator - Disabled) Andrzej (S-1-5-21-1434517519-2506760423-1483115134-1000 - Administrator - Enabled) => C:\Users\Andrzej Gość (S-1-5-21-1434517519-2506760423-1483115134-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1434517519-2506760423-1483115134-1002 - Limited - Enabled) UpdatusUser (S-1-5-21-1434517519-2506760423-1483115134-1003 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1434517519-2506760423-1483115134-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated) AutoHotkey 1.1.24.01 (HKLM-x32\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos) Brother MFL-Pro Suite DCP-J315W (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell System Detect (HKU\S-1-5-21-1434517519-2506760423-1483115134-1000\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell) Future Wars (HKLM\...\Steam App 46440) (Version: - Headup Games / Radon Labs) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Heroes of Might and Magic III HD Edition (HKLM-x32\...\SGVyb2Vzb2ZNaWdodGFuZE1hZ2ljSUlJSERFZGl0aW9u_is1) (Version: 1 - ) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.6.4 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) LibreOffice 5.2.3.3 (HKLM-x32\...\{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}) (Version: 5.2.3.3 - The Document Foundation) Malwarebytes (wersja 3.0.5.1299) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) MTA:SA v1.5.2 (HKLM-x32\...\MTA:SA 1.5) (Version: v1.5.2 - Multi Theft Auto) NVIDIA Oprogramowanie systemu PhysX 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 311.06 - NVIDIA Corporation) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: - ) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) State of Decay Year-One (HKLM-x32\...\State of Decay Year-One_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - ) uRage Reaper 3090 Gaming Mouse Driver (HKLM-x32\...\{ADCE5F0E-DB9D-4B98-8306-9D5DD593BC8A}) (Version: - ) WinRAR 5.40 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-1434517519-2506760423-1483115134-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {0E159C0E-7CD2-41FA-BEE5-3C00F2FCAA29} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-25] (Adobe Systems Incorporated) Task: {0FF9BA4A-2F5B-4C86-91A8-F851D08D5429} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {4A763690-F5FE-4B26-8336-C05F436C79CB} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2016-12-25] (Adobe Systems Incorporated) Task: {4C38859F-97A9-47FD-9789-255339635D80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {6566CA38-1877-4183-8ADC-91807A77773D} - \Driver Booster SkipUAC (Andrzej) -> Brak pliku <==== UWAGA Task: {7BBC4025-6615-4B4D-AD1E-50C8E5550191} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-29] (Google Inc.) Task: {A1FF0FCC-CEAD-41EA-AA56-445502EF4B9A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-09-25] (AVAST Software) Task: {BAFC3BEF-1058-4795-9C25-048BE16A4C30} - \{082BAA99-0040-47ED-8E00-5A1B7455D8F1} -> Brak pliku <==== UWAGA Task: {D9A0FC9F-AE5C-4464-9458-F4D5E9BACD45} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Andrzej\AppData\Roaming\Adobe\Manager.exe (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) WMI_ActiveScriptEventConsumer_ASEC: <===== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2016-09-25 13:10 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-11-25 07:16 - 2016-11-25 07:16 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2016-09-28 07:50 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll 2016-12-29 14:28 - 2016-12-14 12:55 - 02259232 _____ () D:\ADW\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-12-29 14:28 - 2016-12-14 12:55 - 02247632 _____ () D:\ADW\ANTI-MALWARE\MwacLib.dll 2016-12-29 14:28 - 2016-12-14 12:55 - 02813904 _____ () D:\ADW\ANTI-MALWARE\arwlib.dll 2016-09-26 00:43 - 2013-03-01 08:34 - 00184320 _____ () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\Monitor.EXE 2016-09-26 00:43 - 2013-03-01 08:34 - 00057344 _____ () C:\Program Files (x86)\uRage Reaper 3090 Gaming Mouse\lan.dll 2016-10-14 16:26 - 2016-10-14 16:26 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll 2016-09-25 13:11 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-09-25 13:05 - 2011-12-16 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [348] AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [80850] AlternateDataStreams: C:\Windows\system32\drivers:x64 [364744] AlternateDataStreams: C:\Windows\system32\drivers:x86 [1176354] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [348] AlternateDataStreams: C:\ProgramData\Application Data:NT [40] AlternateDataStreams: C:\ProgramData\Application Data:NT2 [348] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT [40] AlternateDataStreams: C:\ProgramData\Dane aplikacji:NT2 [348] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40] AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [348] AlternateDataStreams: C:\Users\Andrzej\Dane aplikacji:NT [40] AlternateDataStreams: C:\Users\Andrzej\Dane aplikacji:NT2 [348] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\Andrzej\AppData\Roaming:NT2 [348] ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) IE trusted site: HKU\S-1-5-21-1434517519-2506760423-1483115134-1000\...\dell.com -> dell.com ==================== Hosts - zawartość: ========================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 03:34 - 2016-12-29 14:34 - 00000888 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 v1.ff.avast.com 127.0.0.1 vlcproxy.ff.avast.com ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1434517519-2506760423-1483115134-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrzej\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 188.125.128.2 - 78.28.48.9 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\Andrzej\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart MSCONFIG\startupreg: Malwarebytes TrayApp => D:\ADW\ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "Q:\STEAM\Main\steam.exe" -silent MSCONFIG\startupreg: World of Tanks => "Q:\WoT\World_of_Tanks\WargamingGameUpdater.exe" ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A03F37AC-1E8B-4134-9E97-10645C447A24}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{F78B2359-8291-460C-BBAF-3F95981A8ABD}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{FFE5EA11-ACDA-413A-A0A1-9574CFBC102D}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7A9DB2FB-6FE2-43E2-9CC0-AB03381B4A93}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7B510A45-553E-4178-ACD1-9377A82FF1F7}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B2533C7F-26DE-4447-9FDD-3E698CA3EFE4}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2F98CF27-08E7-46B4-A1FF-921481DAD7A7}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{83BCE269-752A-44E3-872D-B44922A609B4}] => C:\Users\Andrzej\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0CBB430D-84DF-47D6-923B-FB3669D3C498}] => Q:\STEAM\Main\Steam.exe FirewallRules: [{C40A490C-43A2-4386-AEB5-E82295A644ED}] => Q:\STEAM\Main\Steam.exe FirewallRules: [{0ED656C8-CBA0-42BA-A4E7-5A38A241094B}] => Q:\STEAM\Main\bin\steamwebhelper.exe FirewallRules: [{7D8DA305-3856-423A-A630-EB4502A227F3}] => Q:\STEAM\Main\bin\steamwebhelper.exe FirewallRules: [{F8C73616-911A-4B0B-AABE-EF9755E9CFD2}] => Q:\STEAM\Main\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BF03AA97-0EA6-4747-ADE1-F3A466BB7DA6}] => Q:\STEAM\Main\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EB5996F1-816C-48ED-9CEA-F99540298787}] => Q:\STEAM\Main\steamapps\common\Rust\Rust.exe FirewallRules: [{0B0D2E57-6BE0-4CF4-B8B5-B2BC1F9299DF}] => Q:\STEAM\Main\steamapps\common\Rust\Rust.exe FirewallRules: [{F1321DFA-060D-4C9A-9009-C3E98B21BDB3}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2F7A6461-CB83-407F-BF4E-0A78B4C6E7DE}] => Q:\STEAM\Main\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{088F77B0-8F79-4228-9623-FC29C10DB673}] => Q:\STEAM\Main\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{E56CADFB-B657-4A9B-8B9F-6F0AC3B8145F}] => Q:\WoT\World_of_Tanks\WoTLauncher.exe FirewallRules: [{BC4AC6AB-CB31-4C68-ACB0-15FE16BBB794}] => Q:\WoT\World_of_Tanks\WoTLauncher.exe FirewallRules: [{0F989B83-48F8-453A-9A41-ED7D0FC597B8}] => Q:\WoT\World_of_Tanks\worldoftanks.exe FirewallRules: [{CA679190-AD5B-4B3D-93A9-B3CF84EC7DBD}] => Q:\WoT\World_of_Tanks\worldoftanks.exe FirewallRules: [{F3B9C64A-EF21-4006-A493-CFDAF60C5E0D}] => LPort=54925 FirewallRules: [TCP Query User{A0870B3E-8336-431C-8591-CDE3D15BC539}Q:\duelofchampions\mmdoc-pdclive\launcher.exe] => Q:\duelofchampions\mmdoc-pdclive\launcher.exe FirewallRules: [UDP Query User{63A7F51A-F2A5-4878-89D2-B23C40E19F1D}Q:\duelofchampions\mmdoc-pdclive\launcher.exe] => Q:\duelofchampions\mmdoc-pdclive\launcher.exe FirewallRules: [TCP Query User{1167B068-BA0F-444D-AB5D-4BD325ED7A24}Q:\duelofchampions\mmdoc-pdclive\gamedata\game.exe] => Q:\duelofchampions\mmdoc-pdclive\gamedata\game.exe FirewallRules: [UDP Query User{F585DEF3-5712-4FA6-AF1C-81D88778EA27}Q:\duelofchampions\mmdoc-pdclive\gamedata\game.exe] => Q:\duelofchampions\mmdoc-pdclive\gamedata\game.exe FirewallRules: [TCP Query User{E326EB4C-5330-4445-BE92-C32946B38CC1}Q:\steam\main\steamapps\common\paladins\binaries\win32\paladins.exe] => Q:\steam\main\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{793D244E-E45F-4613-8027-F17C47505A93}Q:\steam\main\steamapps\common\paladins\binaries\win32\paladins.exe] => Q:\steam\main\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{F52D8B4B-CBC1-438D-BD49-85960F555E8F}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => C:\program files (x86)\gog galaxy\games\gwent\gwent.exe FirewallRules: [UDP Query User{EB7A803D-5430-4248-8562-DA22D7E1593A}C:\program files (x86)\gog galaxy\games\gwent\gwent.exe] => C:\program files (x86)\gog galaxy\games\gwent\gwent.exe FirewallRules: [TCP Query User{F35486B3-95F7-42A3-A300-9DB45154A269}Q:\civilization 6\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => Q:\civilization 6\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe FirewallRules: [UDP Query User{C78355B2-3E39-4DFE-A5B9-F6A7537B15CB}Q:\civilization 6\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => Q:\civilization 6\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe FirewallRules: [{33D319B5-9DC0-44F1-9311-706CA45385F6}] => Q:\STEAM\Main\steamapps\common\Future Wars\bin\win32\futurewars.exe FirewallRules: [{B643B45E-1B02-4785-8CBF-8FF0F1B4BA18}] => Q:\STEAM\Main\steamapps\common\Future Wars\bin\win32\futurewars.exe FirewallRules: [{B507F215-FAE4-4BF6-B3EF-05D2496E712F}] => Q:\STEAM\Main\steamapps\common\Future Wars\bin\win32\Leveleditor.exe FirewallRules: [{DFD5B4D1-A776-4A08-863D-A15239DAB51C}] => Q:\STEAM\Main\steamapps\common\Future Wars\bin\win32\Leveleditor.exe FirewallRules: [{168BE8B4-96DD-4921-90A0-7BFB97EBF999}] => Q:\STEAM\Main\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B941D500-C92F-47E0-85CF-92633341DB48}] => Q:\STEAM\Main\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{F971D9C4-2FE0-49E1-A5AE-CCBC7C1E8D2E}Q:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => Q:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{F8868AB7-19EE-4E7A-93CB-2650637A1E5B}Q:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => Q:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{7C532C2A-E1CB-4E49-BA8B-76E26614D1A1}Q:\steam\main\steamapps\common\war thunder\launcher.exe] => Q:\steam\main\steamapps\common\war thunder\launcher.exe FirewallRules: [UDP Query User{03A6C8FB-4986-4F0C-AF66-E01383B5E9B5}Q:\steam\main\steamapps\common\war thunder\launcher.exe] => Q:\steam\main\steamapps\common\war thunder\launcher.exe FirewallRules: [TCP Query User{5084179A-C5F1-4568-BCBB-F7883A252434}Q:\steam\main\steamapps\common\war thunder\win64\aces.exe] => Q:\steam\main\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{D506E698-D127-43DD-9DF2-0CBA61AF1F6C}Q:\steam\main\steamapps\common\war thunder\win64\aces.exe] => Q:\steam\main\steamapps\common\war thunder\win64\aces.exe FirewallRules: [{7FC58664-5210-4CDD-8C97-6E3FE2DF8C37}] => C:\Windows\system32\rundll32.exe FirewallRules: [{EAD98594-675E-4A34-96E5-6DF6A2024549}] => C:\Windows\System32\rundll32.exe FirewallRules: [{C0B5E5E4-97A1-4760-A560-9DEE17D0D1BD}] => C:\Windows\System32\rundll32.exe FirewallRules: [{C476FF71-F09C-41F1-9BCE-104EAEFEB447}] => C:\Users\Andrzej\AppData\Local\Temp\is-R7BCO.tmp\download\MiniThunderPlatform.exe FirewallRules: [{1BD9409A-E450-47C7-8A53-54959FD11D38}] => C:\Program Files (x86)\Maoha\MaohaAP\MaohaWifiSvr.exe FirewallRules: [{BAF0F5E4-A739-4724-8D4D-28AF43CA98BF}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{7D132D66-1D6A-45C9-8D23-03B16FBCDB9A}] => C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe FirewallRules: [{B76CCED0-ECF9-43FE-AAD5-E92F495D9FF3}] => C:\Program Files (x86)\UCBrowser\Application\Downloader\download\MiniThunderPlatform.exe FirewallRules: [{8695FBCE-01FF-4463-BE32-7C11419A8099}] => C:\Windows\System32\rundll32.exe FirewallRules: [{206A4F56-FE14-491D-AB3D-03D904AB7BFB}] => C:\Windows\System32\rundll32.exe FirewallRules: [{8FAD4DA9-B093-4419-A4CB-23BBB2F527DB}] => D:\UnhackMe\UnHackMe\Unhackme.exe FirewallRules: [{727B58C5-3153-45E4-8816-890E4FA4633F}] => D:\UnhackMe\UnHackMe\Unhackme.exe FirewallRules: [{C26504D9-DC58-4F39-92C2-91CBAD4B779C}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 13-12-2016 15:08:21 Windows Update 15-12-2016 14:08:07 Installed Minecraft 17-12-2016 13:07:02 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 17-12-2016 13:07:18 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 17-12-2016 13:07:31 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 25-12-2016 15:17:53 Zainstalowany program DirectX 25-12-2016 18:15:48 Windows Defender Checkpoint ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler wideo Description: Kontroler wideo Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SPC315NC Description: SPC315NC Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (12/30/2016 09:56:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/30/2016 09:17:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: mbamservice.exe, wersja: 3.1.0.388, sygnatura czasowa: 0x58320f73 Nazwa modułu powodującego błąd: mbae-api-na.dll_unloaded, wersja: 0.0.0.0, sygnatura czasowa: 0x5851a4f1 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000007feed9efcfa Identyfikator procesu powodującego błąd: 0x9f8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d26274ea5db6fb Ścieżka aplikacji powodującej błąd: D:\Adw\Anti-Malware\mbamservice.exe Ścieżka modułu powodującego błąd: mbae-api-na.dll Identyfikator raportu: 73c0c9d0-ce68-11e6-9fcf-a41f7266d3c0 Error: (12/30/2016 09:17:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/29/2016 10:37:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/29/2016 04:19:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/29/2016 02:48:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Nazwa modułu powodującego błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x008b752d Identyfikator procesu powodującego błąd: 0xe7c Godzina uruchomienia aplikacji powodującej błąd: 0x01d261da2be22c2a Ścieżka aplikacji powodującej błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Ścieżka modułu powodującego błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Identyfikator raportu: 69e76e4c-cdcd-11e6-a018-a41f7266d3c0 Error: (12/29/2016 02:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Nazwa modułu powodującego błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x008b752d Identyfikator procesu powodującego błąd: 0x1508 Godzina uruchomienia aplikacji powodującej błąd: 0x01d261da29af4a54 Ścieżka aplikacji powodującej błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Ścieżka modułu powodującego błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Identyfikator raportu: 67bac633-cdcd-11e6-a018-a41f7266d3c0 Error: (12/29/2016 02:47:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Nazwa modułu powodującego błąd: MassEffect.exe, wersja: 1.2.20608.0, sygnatura czasowa: 0x4a55fea1 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x008b752d Identyfikator procesu powodującego błąd: 0x1204 Godzina uruchomienia aplikacji powodującej błąd: 0x01d261da23e6a016 Ścieżka aplikacji powodującej błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Ścieżka modułu powodującego błąd: Q:\Mass Effect Trilogy\1\Mass Effect\Binaries\MassEffect.exe Identyfikator raportu: 65348ac4-cdcd-11e6-a018-a41f7266d3c0 Error: (12/29/2016 02:36:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (12/29/2016 02:17:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Dziennik System: ============= Error: (12/30/2016 09:54:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll Error: (12/30/2016 09:54:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll Error: (12/30/2016 09:54:05 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: ZARZĄDZANIE NT) Description: Nastąpiło nieoczekiwane zatrzymanie modułu rozszerzalności sieci WLAN. Ścieżka modułu: C:\Windows\system32\athihvs.dll Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Management and Security Application User Notification Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Update Service Daemon niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Rapid Storage Technology niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Dell Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (12/30/2016 09:53:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-3470S CPU @ 2.90GHz Procent pamięci w użyciu: 39% Całkowita pamięć fizyczna: 8063.54 MB Dostępna pamięć fizyczna: 4896.4 MB Całkowita pamięć wirtualna: 16125.26 MB Dostępna pamięć wirtualna: 12909.85 MB ==================== Dyski ================================ Drive c: (SYSTEM) (Fixed) (Total:97.66 GB) (Free:52.13 GB) NTFS Drive d: (Programy) (Fixed) (Total:367.55 GB) (Free:183.26 GB) NTFS Drive q: (Gry) (Fixed) (Total:465.87 GB) (Free:301.98 GB) NTFS ==>[system z komponentami startowymi (pozyskano odczytując dysk)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8367BFCD) Partition 1: (Active) - (Size=465.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=367.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================