Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:04-09-2015 Uruchomiony przez Mat (2015-09-06 08:58:46) Uruchomiony z G:\ Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-2723175302-2110301571-1700152159-500 - Administrator - Disabled) Gość (S-1-5-21-2723175302-2110301571-1700152159-501 - Limited - Disabled) Mat (S-1-5-21-2723175302-2110301571-1700152159-1000 - Administrator - Enabled) => C:\Users\Mat ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-2723175302-2110301571-1700152159-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.) Adobe Reader XI (11.0.07) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc) Aktualizacje NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform) CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET NOD32 Antivirus (HKLM\...\{155EC97B-FE09-4F23-BE22-F79440F1E22E}) (Version: 8.0.319.1 - ESET, spol s r. o.) ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden inSSIDer version 4 (HKLM-x32\...\{E8AC36E6-1C21-4EBE-A5FE-AA51AE690D8B}_is1) (Version: 4 - FOR TRIAL PURPOSE ONLY) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.2.54 - Intel Corporation) Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) K-Lite Mega Codec Pack 10.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.0 - ) Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) NAPIPROJEKT 1.0.6.1 (HKLM-x32\...\NAPIPROJEKT_is1) (Version: - ) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik graficzny 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) Panel sterowania NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.596 - Qualcomm Atheros) Qualcomm Atheros Killer Network Manager (Version: 6.1.0.596 - Qualcomm Atheros) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.70 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.) Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios) SCM (HKLM\...\{CA85D7A7-6B45-4011-9BCC-C01F31EDE157}) (Version: 14.013.07054 - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.1.0 - Ministerstwo Finansów) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-2723175302-2110301571-1700152159-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Punkty Przywracania systemu ========================= 15-08-2015 23:09:17 Zaplanowany punkt kontrolny 24-08-2015 23:46:16 Zaplanowany punkt kontrolny 05-09-2015 17:38:29 Installed inSSIDer 4 05-09-2015 17:45:16 Removed inSSIDer 4 05-09-2015 21:12:23 Zainstalowano ESET NOD32 Antivirus ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {01E0A7A0-AAD5-4265-85C3-A3011F886F43} - System32\Tasks\{9DBB61B4-E821-41C1-BF9E-2B5FDBB68568} => pcalua.exe -a C:\Users\Mat\Desktop\dotnetfx3setup.exe -d C:\Users\Mat\Desktop Task: {01EBE678-BA63-4C71-B58B-726360A7CA04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\Mat\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {024125BC-5985-4E05-A256-ED7F88DCEFB0} - System32\Tasks\{C3145E1B-32DE-46FA-8828-E09447B0AF89} => pcalua.exe -a "C:\Users\Mat\Desktop\vcredist_x64 (2).exe" -d C:\Users\Mat\Desktop Task: {03A1D9F4-9E3E-460F-89AE-0D0BA8079FC9} - System32\Tasks\Installer_cr => C:\Users\Mat\AppData\Local\Installer\Installcr_24634\DCytdieamodc_amodc_setup.exe <==== UWAGA Task: {138AD851-35E5-4D37-8111-721BC0C22F43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {5EADAC38-B08D-41ED-865C-07C819C332EF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {D266106F-BAA9-4F8E-92D1-015690DB9138} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {D4E3C87C-C44E-45C7-B3CE-5201A037A95E} - System32\Tasks\TOC2X9lWExfLstn8hZEZsdt => C:\Users\Mat\AppData\Roaming\TOC2X9lWExfLstn8hZEZsdt.exe [2015-04-20] () <==== UWAGA Task: {DE098475-EE68-45C7-9D1A-1C57C83287D7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-04-12] () Task: {E12A50D3-1FB1-43A4-8DDE-4679AE864C3C} - System32\Tasks\{F31E35FE-18B1-4699-BD72-50BB48979A5B} => pcalua.exe -a "C:\Users\Mat\Desktop\dotnetfx35setup (1).exe" -d C:\Users\Mat\Desktop Task: {E7C63095-AD9C-4FA3-BA7A-73860ED2872A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-15] (Adobe Systems Incorporated) Task: {E819F743-627D-4D54-B604-792E38402EAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {F378B273-AA42-47D0-BB02-D14122D2B22D} - System32\Tasks\Installer_iwebar => C:\Users\Mat\AppData\Local\Installer\Installiwebar_11430\DCytdieamodc_amodc_setup.exe <==== UWAGA (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\TOC2X9lWExfLstn8hZEZsdt.job => C:\Users\Mat\AppData\Roaming\TOC2X9lWExfLstn8hZEZsdt.exe <==== UWAGA ==================== Załadowane moduły (filtrowane) ============== 2014-05-09 21:39 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-09-05 17:11 - 2015-09-05 17:11 - 01380864 _____ () C:\Program Files (x86)\00000000-1441468542-0000-0000-448A5B4013F5\knsc8267.tmpfs 2015-09-05 17:56 - 2015-09-05 17:56 - 00227328 _____ () C:\Program Files (x86)\00000000-1441468542-0000-0000-448A5B4013F5\jnsnD05E.tmp 2014-05-29 17:08 - 2014-07-01 20:53 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-05-16 17:30 - 2013-05-16 17:30 - 00503296 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\BFNService.exe 2011-05-09 20:46 - 2011-05-09 20:46 - 02760192 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\QtCore4.dll 2011-05-09 20:56 - 2011-05-09 20:56 - 09856000 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\QtGui4.dll 2011-05-09 20:47 - 2011-05-09 20:47 - 00416256 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\QtXml4.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00217600 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\BFCommon.dll 2011-05-10 12:32 - 2011-05-10 12:32 - 00731648 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\qwt5.dll 2011-05-09 20:48 - 2011-05-09 20:48 - 00990720 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-09-05 17:56 - 2015-09-05 17:56 - 00137728 _____ () C:\Program Files (x86)\00000000-1441468542-0000-0000-448A5B4013F5\hnsdEFD2.tmp 2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Mat\Logitech\SetPointP\Macros\MacroCore.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00554496 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe 2013-05-16 17:30 - 2013-05-16 17:30 - 00404992 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00036864 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00025088 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00240128 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00062464 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00291328 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00184832 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00211456 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00064000 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll 2013-05-16 17:30 - 2013-05-16 17:30 - 00317440 _____ () C:\Program Files\Mat\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll 2015-03-31 22:23 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-05-09 21:35 - 2015-08-25 20:46 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2014-04-12 19:41 - 2000-01-01 02:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-2723175302-2110301571-1700152159-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{273808AB-A893-4030-AD1A-CD8843DD8443}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3390FCBF-B31C-488C-ABB4-0229CA757295}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{701BD69E-351C-4A07-99E4-070E9151EC5A}] => (Allow) C:\Users\Mat\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{76831025-E96E-4440-8E84-BBF43779F16E}] => (Allow) C:\Users\Mat\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1A7379BD-FAEB-4B6E-9433-F524C483801B}] => (Allow) C:\Program Files\Mat\Microsoft Office\Office14\GROOVE.EXE FirewallRules: [{FD2B0652-A120-4C99-9D03-113472434A55}] => (Allow) C:\Program Files\Mat\Microsoft Office\Office14\GROOVE.EXE FirewallRules: [TCP Query User{DC3792C5-8015-447D-91AE-A610072B6C0A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{844201A4-D2BF-4CC9-89C1-6A02BCA80150}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{9AF04C19-9F0E-4902-A85D-26FBBD7E4B59}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{38988110-7F97-47FA-BF6B-4BA662428106}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{470451A2-B3F1-4658-8100-310AB54CDBCF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F6700C88-5ECB-4133-9AB0-9CC04AD417EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{10330199-54E1-4FF4-B4C3-968B62D95FD0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{774890B7-7C49-438B-A982-8C4D455715DD}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{B963D94E-ABA5-4DBB-85C0-60B9AB545F2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FA37D9C8-9FF0-437F-81F5-C02CD4BDC79A}] => (Allow) E:\uTorrent\uTorrent finished\FIFA.15.2014.Ultimate.Team.Edition.with.Update.4.Multi15.Cracked-3DM\fifasetup\fifaconfig.exe FirewallRules: [{9D55411E-6A70-494A-959E-F18F78B9BF3E}] => (Allow) E:\uTorrent\uTorrent finished\FIFA.15.2014.Ultimate.Team.Edition.with.Update.4.Multi15.Cracked-3DM\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{E77BF904-1A10-4B96-AE91-B3EA497B9C0A}E:\games\fifa 15\fifa15.exe] => (Allow) E:\games\fifa 15\fifa15.exe FirewallRules: [UDP Query User{CCC2A713-2618-4999-B479-43E9721A15FA}E:\games\fifa 15\fifa15.exe] => (Allow) E:\games\fifa 15\fifa15.exe FirewallRules: [{9F52BAD8-241D-420B-8435-E426023E0D8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8B785E1A-8F08-47D4-B400-AC485BA81A3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D3F803DA-85E4-4F59-AE58-F274C8756BEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B0E73AC8-39ED-4254-A90A-0A6688061341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8639A12D-2DC3-4348-AB6A-EC03EB62F7B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8A206902-E0F9-4F01-8F42-079A4251D530}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Urządzenie Bluetooth (sieć osobista) Description: Urządzenie Bluetooth (sieć osobista) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (09/06/2015 08:55:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 08:43:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 10:57:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 09:55:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 09:45:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Dziennik System: ============= Error: (09/06/2015 08:54:36 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Menedżer sterowania usługami próbował podjąć akcję korekcyjną (Uruchom usługę ponownie) po nieoczekiwanym zakończeniu usługi Windows Search, ale ta akcja nie powiodła się przy następującym błędzie: %%1056. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) Dynamic Application Loader Host Interface Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Intel(R) ME Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Office Software Protection Platform niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa buforowania czcionek platformy Windows Presentation Foundation, wersja 3.0.0.0 niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Delete Exit niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (09/06/2015 08:54:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Qualcomm Atheros Killer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office: ========================= Error: (09/06/2015 08:55:58 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/06/2015 08:43:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 10:57:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 09:55:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/05/2015 09:45:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity: =================================== Date: 2015-09-05 22:07:37.401 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-05 22:07:37.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Procent pamięci w użyciu: 22% Całkowita pamięć fizyczna: 8112.02 MB Dostępna pamięć fizyczna: 6256.94 MB Całkowita pamięć wirtualna: 16222.23 MB Dostępna pamięć wirtualna: 14231.38 MB ==================== Dyski ================================ Drive c: (System) (Fixed) (Total:101.21 GB) (Free:21.04 GB) NTFS Drive d: (Mat) (Fixed) (Total:48.83 GB) (Free:11.52 GB) NTFS Drive e: (Dane) (Fixed) (Total:781.25 GB) (Free:582.03 GB) NTFS Drive g: () (Removable) (Total:29.8 GB) (Free:23.81 GB) FAT32 ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 926636E7) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Koniec Addition.txt ============================