Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:12-10-2015 Uruchomiony przez Artur (2015-10-14 15:54:24) Uruchomiony z C:\Users\Artur\Downloads Windows 7 Professional Service Pack 1 (X64) (2015-02-06 11:46:04) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-1797872797-1469522326-3676945280-500 - Administrator - Disabled) Artur (S-1-5-21-1797872797-1469522326-3676945280-1000 - Administrator - Enabled) => C:\Users\Artur Gość (S-1-5-21-1797872797-1469522326-3676945280-501 - Limited - Disabled) UpdatusUser (S-1-5-21-1797872797-1469522326-3676945280-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) µTorrent (HKU\S-1-5-21-1797872797-1469522326-3676945280-1000\...\uTorrent) (Version: 3.4.5.41162 - BitTorrent Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.241 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-1797872797-1469522326-3676945280-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD Electrical 2014 - English (Version: 11.0.57.0 - Autodesk) Hidden AutoCAD Electrical 2014 Language Pack - English (Version: 11.0.57.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk) Autodesk AutoCAD Electrical 2014 - English (HKLM\...\AutoCAD Electrical 2014 - English) (Version: 11.0.57.0 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk) Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation) DIgSILENT License Server 5.3.2 (HKLM-x32\...\DIgSILENT License Server 5.3.2) (Version: License Server 5.3 - DIgSILENT GmbH) DIgSILENT PowerFactory 14.1 (HKLM-x32\...\DIgSILENT PowerFactory 14.1) (Version: PowerFactory 14.1.3 - DIgSILENT GmbH) DIgSILENT Preinstaller (HKLM-x32\...\DIgSILENT Preinstaller) (Version: 14.1 - ) DWGsetup 3.4 (HKLM-x32\...\DWGsetup 3.4) (Version: - PC SCHEMATIC A/S) DWGsetup 3.4 (x32 Version: 3.4 - PC|SCHEMATIC A/S) Hidden easy Soft CoDeSys Demo V2.3.5 (HKLM-x32\...\{A4E59643-353C-4B87-ABF5-0002E73C9828}) (Version: V2.3.5 - Moeller Software) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 7.0.3 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 7.0.3 - Ministerstwo Finansow) Hidden EPLAN Education 2.4 (x64) (HKLM\...\EPLAN Education 2.4 (x64)) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) EPLAN Education 2.4 (x64) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) Hidden EPLAN Help en-US 2.4 (x64) (HKLM\...\{DC47076F-F5D3-4599-9A60-7C74807BF5CD}) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) EPLAN License Client (HKLM-x32\...\{0100BD88-3990-431F-9175-AB60E31AFFDE}) (Version: 9.1.12.54500 - EPLAN Software & Service GmbH & Co. KG) EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.12.54500 - EPLAN Software & Service GmbH & Co. KG) EPLAN Platform 2.4 (x64) (HKLM\...\EPLAN Platform 2.4 (x64)) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) EPLAN Platform 2.4 (x64) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) Hidden EPLAN Training Electric P8 Dokucenter PLV11 (HKLM-x32\...\EPLAN Training Electric P8 Dokucenter PLV11) (Version: - ) EPLAN Trial Education Data 2.4 (x64) (HKLM\...\EPLAN Trial Education Data 2.4 (x64)) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) EPLAN Trial Education Data 2.4 (x64) (Version: 2.4.4.8366 - EPLAN Software & Service GmbH & Co. KG) Hidden Europa Universalis IV - Collection version 1.9.2 (HKLM-x32\...\{77B398F2-FEE1-47B8-9868-F3C1E3147C4C}_is1) (Version: 1.9.2 - Yuzutu, Inc.) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hardlock Device Drivers (HKLM-x32\...\Hardlock Device Drivers) (Version: - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden KeyShot 5 64 bit (HKLM-x32\...\KeyShot 5_64) (Version: 5.0 64 bit - Luxion ApS) LOGO!Soft Comfort V7.0 (Demo) (HKLM-x32\...\LOGO!Soft Comfort V7.0 (Demo)) (Version: 7.0.0.0 - Siemens AG) Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - ) Mafia II DLC Jimmy's Vendetta (HKLM-x32\...\Mafia II DLC Jimmy's Vendetta_is1) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MATLAB R2015a (HKLM\...\Matlab R2015a) (Version: 8.5 - MathWorks) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NVIDIA Oprogramowanie systemu PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik graficzny 326.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.49 - NVIDIA Corporation) OFICJALNE TESTY EGZAMINACYJNE NA PJ (HKLM-x32\...\OFICJALNE TESTY EGZAMINACYJNE NA PJ) (Version: - ) OFICJALNE TESTY EGZAMINACYJNE PWPW (HKLM-x32\...\OFICJALNE TESTY EGZAMINACYJNE PWPW) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software) Panel sterowania NVIDIA 326.49 (Version: 326.49 - NVIDIA Corporation) Hidden PC|SCHEMATIC Automation 40 14.0 (HKLM-x32\...\PCSCHEMATIC Automation 40) (Version: - PC|SCHEMATIC A/S) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.14.264 - Huawei Technologies Co.,Ltd) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) PowerFactory SelfExtracting Installer (HKLM-x32\...\DIgSILENT SelfExtracting Installer) (Version: PowerFactory 14.1.3.0 - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Qualcomm Atheros Fast Reconnect (HKLM-x32\...\{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}) (Version: 1.0 - QualComm Atheros) SEE Electrical V7R2 (HKLM-x32\...\{C5A09A0C-7FD8-43CF-A7FE-21C0C8314536}) (Version: 7.20.5928 - IGE+XAO) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Solid Edge ST7 (HKLM\...\{AB0F3228-D90C-4574-8A28-589483A68C93}) (Version: 107.00.00104 - Siemens) TESV Skyrim LE version 1.9.32.0.8 (HKLM-x32\...\TESV Skyrim LE_is1) (Version: 1.9.32.0.8 - Lyxer_Loader) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version: - Microsoft) Video Web Camera (HKLM-x32\...\{12A1B519-5934-4508-ADBD-335347B0DC87}) (Version: 1.7.137.706 - Chicony Electronics Co.,Ltd.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: - ) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) CustomCLSID: HKU\S-1-5-21-1797872797-1469522326-3676945280-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1797872797-1469522326-3676945280-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1797872797-1469522326-3676945280-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1797872797-1469522326-3676945280-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1797872797-1469522326-3676945280-1000_Classes\CLSID\{FE186CB0-BEDC-11D5-9B1D-0050DA438716}\localserver32 -> C:\Program Files\EPLAN\Platform\2.4.4\Bin\Eplan.exe (EPLAN Software & Service GmbH & Co. KG) ==================== Punkty Przywracania systemu ========================= UWAGA: Przywracanie systemu jest wyłączone ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2015-10-11 17:07 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {3A127248-2A1E-4694-87B8-F24946FEA714} - System32\Tasks\MATLAB R2015a Startup Accelerator => C:\Program Files\MATLAB\R2015a\bin\win64\MATLABStartupAccelerator.exe [2014-12-29] () Task: {49A9AB04-1AC2-451E-9291-3EA110D360E1} - System32\Tasks\Opera scheduled Autoupdate 1435776515 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software) Task: {4A2CC7A0-BDD8-47B4-B7E6-FA6D2391EB5E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {7492BA78-4AF6-4040-AB16-45D837B75DA7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-06] (Adobe Systems Incorporated) Task: {7D415718-C0E9-4662-B2F0-B762A9AB79B7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {8D5A0B82-6484-463E-A9B7-6422A6CD1AE0} - \SystemSoundsService -> Brak pliku <==== UWAGA Task: {9B223C84-F386-4775-AC40-FEB0CD5A3604} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06] (Google Inc.) Task: {C3808C2C-36B4-412F-A0E9-3CF218E4A478} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {D24008B8-5639-47B0-B94F-34AE16426BC7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {E4CBBAEE-4B16-4402-9F74-87038B777E51} - System32\Tasks\AQIT => Rundll32.exe "C:\Windows\SysWOW64\MFC71CHTQ.dll",MNFUK Task: {E82E02A8-8D47-44D2-AF43-5576274C9FEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AQIT.job => C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\MFC71CHTQ.dll Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\MATLAB R2015a Startup Accelerator.job => C:\Program Files\MATLAB\R2015a\bin\win64\MATLABStartupAccelerator.exe ==================== Załadowane moduły (filtrowane) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2015-06-14 21:04 - 2015-06-14 21:02 - 00246112 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe 2015-08-23 22:20 - 2015-08-23 22:23 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-02-06 15:40 - 2013-08-01 15:22 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-04-04 00:50 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll 2011-12-06 12:09 - 2011-12-06 12:09 - 00313168 _____ () C:\DIgSILENT\License Server\tools.dll 2011-12-06 12:09 - 2011-12-06 12:09 - 00902992 _____ () C:\DIgSILENT\License Server\sv.dll 2011-12-06 12:09 - 2011-12-06 12:09 - 00064848 _____ () C:\DIgSILENT\License Server\dighlvdd.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 00011362 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\mingwm10.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 00043008 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\libgcc_s_dw2-1.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 02415104 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtCore4.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 01148416 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtNetwork4.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 00384512 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QueryStrategy.dll 2015-06-14 21:04 - 2015-06-14 21:02 - 00398336 _____ () C:\ProgramData\PLAY ONLINE\OnlineUpdate\QtXml4.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pl_pl\acrotray.pol ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== EXE - Powiązania (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-1797872797-1469522326-3676945280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Artur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Zapora systemu Windows - funkcja włączona. ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{0C2A43CB-D9B3-4008-B628-5E66027D70D3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{A1238865-1D4E-4251-9010-684AAD89C847}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{401B1BB8-63D0-416D-9704-DD1C325B56E7}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot5.exe FirewallRules: [{D3B49FAF-112F-4E7B-BCE1-411B93FD816F}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe FirewallRules: [{B21704E1-8220-45FA-9AF0-0B4C856433B6}] => (Allow) C:\Users\Artur\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{524B4057-9618-4932-A72D-3BBB2BB563D8}] => (Allow) C:\Users\Artur\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{B2E2C5D6-D1EC-4568-865F-428473F2AE52}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => (Block) C:\program files\matlab\r2015a\bin\win64\matlab.exe FirewallRules: [UDP Query User{83091B25-F2EC-4B9D-9C44-B2902917C2F3}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => (Block) C:\program files\matlab\r2015a\bin\win64\matlab.exe FirewallRules: [TCP Query User{0394A241-3072-4194-B5C5-75A7B1B9E3A1}C:\program files\eplan\platform\2.4.4\bin\eplan.exe] => (Allow) C:\program files\eplan\platform\2.4.4\bin\eplan.exe FirewallRules: [UDP Query User{2B772252-8BF8-4DCB-9005-F4DE851E182C}C:\program files\eplan\platform\2.4.4\bin\eplan.exe] => (Allow) C:\program files\eplan\platform\2.4.4\bin\eplan.exe FirewallRules: [{89032B5D-AA41-4A4D-986E-6B47AA05E634}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{9E0B6819-8C09-4495-B96C-6D4B8B176A73}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D10F23A2-B0C0-46E1-B44D-09BF3E56FED7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D2600171-04D8-4CB0-A2B9-9C92D49D6916}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DAF31B49-3EC3-42CF-BDD3-8FF55EDB6FD4}] => (Allow) C:\Windows\system32\hasplms.exe FirewallRules: [{9E54E1B5-D2E0-41EB-8188-6FBBB29C4DC7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{04C2AD4A-60A8-404D-B6EF-ACD7387B8F7A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{C7EB9460-AAAA-4287-80CB-899EB6841E07}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{83203190-BE92-485C-8203-D0F6A9C2A54C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{EDD3C3C1-AA99-4A10-A352-AF88856D4F50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{41FB0472-8D91-4603-A85D-5C6D8A0ACB26}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{09247146-04E6-4539-BE4B-05378610D80C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A72DC39A-B69F-41ED-8C55-599120AD4234}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{1DB15EDF-6125-408B-B392-C98F9A7B54D0}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe FirewallRules: [UDP Query User{EF99A1EF-0495-4C2F-83DE-9E33E638620C}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe FirewallRules: [TCP Query User{733FCD0E-86DB-47BA-AABF-ADAC4F56F6C6}C:\users\artur\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\artur\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{7EDE3A23-8EC2-44CD-AD27-8A8847E8D726}C:\users\artur\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\artur\appdata\local\akamai\netsession_win.exe FirewallRules: [{2208E325-38A4-40E8-9BF5-9F60B57D99F1}] => (Allow) LPort=50248 FirewallRules: [{1DD3FF5D-DCBC-4A3D-8879-6927FE53469C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D2261533-21CB-49FB-8687-B8072ABE0A32}] => (Allow) LPort=49191 FirewallRules: [{95D7C86A-4ACE-4628-A210-56354F682D85}] => (Allow) LPort=5000 ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= Name: Kontroler PCI Simple Communications Description: Kontroler PCI Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SafeNet Inc. USB Key Description: SafeNet Inc. USB Key Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: SafeNet Inc. Service: aksusb Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: SafeNet Inc. USB Key Description: SafeNet Inc. USB Key Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: SafeNet Inc. Service: aksusb Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Error: (10/14/2015 03:01:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/14/2015 03:01:21 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/14/2015 04:16:41 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/14/2015 02:13:24 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/14/2015 02:11:53 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/14/2015 01:43:55 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (10/14/2015 01:35:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/14/2015 01:34:10 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (10/13/2015 02:28:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2015 02:27:25 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Dziennik System: ============= Error: (10/14/2015 03:01:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (10/14/2015 03:01:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (10/14/2015 08:15:27 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Usługa Instalator modułów systemu Windows nie została poprawnie zamknięta po odebraniu kodu sterującego przed zamknięciem. Error: (10/14/2015 02:11:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (10/14/2015 02:11:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (10/14/2015 01:34:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (10/14/2015 01:34:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (10/13/2015 02:27:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 Error: (10/13/2015 02:27:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą PLAY ONLINE. OUC. Error: (10/13/2015 02:27:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi PLAY ONLINE. OUC z powodu następującego błędu: %%1053 CodeIntegrity: =================================== Date: 2015-10-11 15:13:14.284 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix12\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-10-11 15:13:14.268 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix12\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz Procent pamięci w użyciu: 44% Całkowita pamięć fizyczna: 3766.71 MB Dostępna pamięć fizyczna: 2101.59 MB Całkowita pamięć wirtualna: 7531.62 MB Dostępna pamięć wirtualna: 5618.98 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:452.66 GB) (Free:300.51 GB) NTFS ==>[dysk z komponentami startowymi (pozyskano odczytując BCD)] ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4E4E7306) Partition 1: (Active) - (Size=452.7 GB) - (Type=07 NTFS) ==================== Koniec Addition.txt ============================