Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by 666 at 2013-10-10 12:34:37
Running from C:\Users\666\Desktop\Antywirus
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

@BIOS (x32 Version: 2.25)
7-Zip 4.65 (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Action! (x32 Version: 1.12.2)
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.05) - Polish (x32 Version: 11.0.05)
Aiseesoft Total Video Converter Platinum 6.3.20 (x32)
Aktualizacje NVIDIA 8.3.14 (Version: 8.3.14)
Any Audio Converter 4.0.1 (x32)
Apple Software Update (x32 Version: 2.1.3.127)
Archiwizator WinRAR (x32)
Audacity 2.0.2 (x32 Version: 2.0.2)
Auto Gordian Knot 2.55 (x32 Version: 2.55)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
AviSynth 2.5 (x32)
bl (x32 Version: 1.0.0)
CCleaner (Version: 3.26)
CyberLink PowerCinema (x32 Version: 6.0.3316)
Detektor Winampa (HKCU Version: 1.0.0.1)
EaseUS Partition Master 9.2.1 Home Edition (x32)
Free CUDA DVD Ripper 6 (x32)
Freemake Video Converter wersja 4.0.4 (x32 Version: 4.0.4)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Gordon's Gate Flash Driver 3.0.0.1 (x32 Version: 3.0.0.1)
GTA IV Episodes from Liberty City (x32)
GTA San Andreas (x32 Version: 1.00.00001)
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1)
HyperCam 2 (Version: 2.27.01)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36279)
Intel(R) Management Engine Components (x32 Version: 8.0.10.1464)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.23.943.1)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 17 (64-bit) (Version: 7.0.170)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
JDownloader (x32)
K-Lite Codec Pack 10.0.5 Full (x32 Version: 10.0.5)
LAME v3.99.3 (for Windows) (x32)
LemurLeap 3.0.0 (Version: 3.0.0)
Łatka polonizacyjna GTA IV: The Lost and Damned v1.1 oraz GTA IV: The Ballad of Gay Tony v1.0 (x32 Version: 1.2)
Max Payne 3 (x32 Version: 1.0.0.0)
MediaInfo 0.7.62 (Version: 0.7.62)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
MKVToolNix 6.3.0 (x32 Version: 6.3.0)
Mozilla Firefox 24.0 (x86 pl) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT Redists (Version: 1.0)
Need for Speed Most Wanted (x32)
Need For Speed Underground (x32)
NVIDIA CUDA Documentation 5.5 (Version: 5.5)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA Nsight Visual Studio Edition 3.1.0.13141 (Version: 3.1.0.13141)
NVIDIA Oprogramowanie systemu PhysX 9.13.0725 (Version: 9.13.0725)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2723)
NVIDIA Sterownik 3D Vision 327.23 (Version: 327.23)
NVIDIA Sterownik dźwięku HD 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Sterownik graficzny 327.23 (Version: 327.23)
NVIDIA Sterownik kontrolera 3D Vision 326.01 (Version: 326.01)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Obsługa programów Apple (x32 Version: 2.3.4)
ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)
Pandora Service (x32)
Panel sterowania NVIDIA 327.23 (Version: 327.23)
ph (x32 Version: 1.0.0)
PowerISO (x32 Version: 5.4)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6642)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
Samsung Kies (x32 Version: 2.0.0.11032_12)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2250.0)
SDFormatter (x32 Version: 3.1.0)
SHIELD Streaming (Version: 1.05.28)
The KMPlayer (remove only) (x32)
TL-WN721N/TL-WN722N Driver (x32 Version: 1.0.0)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Virtual DJ Pro Full - Atomix Productions (x32)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0)
VobSub v2.23 (Remove Only) (x32)
VSO Blu-ray Converter Ultimate 2 (x32 Version: 2.1.1.6)
Winamp (x32 Version: 5.63 )
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Worms Revolution (x32)
Xilisoft Video Converter Ultimate (x32 Version: 7.7.2.20130619)
XviD MPEG4 Video Codec (remove only) (x32)

==================== Restore Points =========================

06-10-2013 09:52:10 Zaplanowany punkt kontrolny
10-10-2013 06:59:28 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-10-10 09:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {2A0878AB-6FC0-4003-A631-3522CAFD7807} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation)
Task: {4F80C245-9874-4817-B776-C71F92B39076} - \Dealply No Task File
Task: {A8B5AF3A-4B41-4037-976F-583ADE1505F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {BD188B1A-0415-4FA8-855B-43D9E8A54BEF} - \AmiUpdXp No Task File
Task: {C4AE079F-DEB2-463E-8DBB-14D957F98CFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {D89301FD-E4AF-4F88-9A92-4D997BEAE746} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation)
Task: {DA76B31A-8BFE-48BE-BE18-4320955DE02E} - \DealPlyUpdate No Task File
Task: {E0027167-0595-424E-96E7-A66636335ECF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {E17D0F08-3329-4E7F-B153-7580B6C436A9} - \DealPlyLiveUpdateTaskMachineCore No Task File
Task: {FF570097-E4DC-4BAF-AFA4-F46265CA4707} - \DealPlyLiveUpdateTaskMachineUA No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2013-02-28 12:05 - 2006-12-11 04:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-10-10 06:56 - 2013-10-09 23:37 - 02105344 _____ () C:\Program Files\Alwil Software\Avast5\defs\13100901\algo.dll
2013-04-02 13:33 - 2011-12-06 16:19 - 01269760 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-04-02 13:33 - 2011-12-06 16:19 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-04-02 13:33 - 2011-12-06 16:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00099560 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00312680 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLCapEngine.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00042216 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLCapSvcps.dll
2009-09-16 11:34 - 2009-09-16 11:34 - 00873768 ____N () C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\CLML\CLMediaLibrary.dll
2009-09-16 11:34 - 2009-09-16 11:34 - 00013096 ____N () C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\CLML\CLMLSvcPS.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00034024 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLSchedps.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00116064 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLSchMgr.dll
2013-04-08 09:03 - 2009-09-29 17:56 - 00460008 ____N () C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\CLTinyDB.dll
2013-02-27 15:02 - 2012-03-28 23:18 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-01 10:15 - 2013-10-01 10:15 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-09 12:16 - 2013-10-09 12:16 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\666\Cookies:A0BDaHWb3jCNtZdzaTfTlPW
AlternateDataStreams: C:\Users\666\AppData\Local\ldJcatalVInQRb:oy7JHlxQVgMheC8EbgNXsjlr
AlternateDataStreams: C:\Users\666\AppData\Local\Temporary Internet Files:zJM3FrEOx5AynHRQrsNMvHF
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2013 09:09:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 09:08:01 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 09:08:01 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 08:29:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 08:28:50 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 08:28:50 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 08:09:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 08:07:40 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 08:07:40 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 06:56:54 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (10/10/2013 09:03:19 AM) (Source: Service Control Manager) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (10/10/2013 09:02:57 AM) (Source: Application Popup) (User: )
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (10/10/2013 09:01:30 AM) (Source: Service Control Manager) (User: )
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (10/06/2013 10:10:02 AM) (Source: volsnap) (User: )
Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error: (09/30/2013 06:01:00 AM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069

Error: (09/30/2013 06:01:00 AM) (Source: Service Control Manager) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Error: (09/29/2013 00:14:29 PM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069

Error: (09/29/2013 00:14:29 PM) (Source: Service Control Manager) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).
Error: (09/29/2013 11:04:48 AM) (Source: Service Control Manager) (User: )
Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069

Error: (09/29/2013 11:04:48 AM) (Source: Service Control Manager) (User: )
Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================
Error: (10/10/2013 09:09:09 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 09:08:01 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 09:08:01 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 08:29:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 08:28:50 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 08:28:50 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 08:09:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/10/2013 08:07:40 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/10/2013 08:07:40 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/10/2013 06:56:54 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2013-10-10 09:02:57.724
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-10 09:02:57.719
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 8138.16 MB
Available physical RAM: 5990.01 MB
Total Pagefile: 16274.51 MB
Available Pagefile: 13960.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (7) (Fixed) (Total:97.66 GB) (Free:47.09 GB) NTFS
Drive d: (XP) (Fixed) (Total:39.06 GB) (Free:28.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (DORI) (Fixed) (Total:426.7 GB) (Free:167.5 GB) NTFS
Drive f: (KRIS) (Fixed) (Total:1765.36 GB) (Free:229.43 GB) NTFS
Drive h: (DVD_VIDEO_RECORDER) (CDROM) (Total:3.26 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 7B0BC5F8)
Partition 1: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-303484108800) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D961D961)
Partition 1: (Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=427 GB) - (Type=OF Extended)

==================== End Of Log ============================