Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja:03-06-2016 Uruchomiony przez MATI (2016-06-04 18:46:17) Uruchomiony z C:\Users\MATI\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2014-06-15 13:20:54) Tryb startu: Normal ========================================================== ==================== Konta użytkowników: ============================= Administrator (S-1-5-21-3673331447-2353019945-3897446612-500 - Administrator - Disabled) Gość (S-1-5-21-3673331447-2353019945-3897446612-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3673331447-2353019945-3897446612-1002 - Limited - Enabled) MATI (S-1-5-21-3673331447-2353019945-3897446612-1000 - Administrator - Enabled) => C:\Users\MATI ==================== Centrum zabezpieczeń ======================== (Załączenie wejścia w fixlist spowoduje jego usunięcie.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Zainstalowane programy ====================== (W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{1BC4B13F-E8DC-495B-EC8F-6701438612C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.84.7-110328a-122721C-Lenovo - ATI Technologies, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.3.0 - Lenovo) Energy Management (x32 Version: 6.0.3.0 - Lenovo) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.) Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla) Oprogramowanie Intel(R) PROSet/Wireless WiFi (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated) WinRAR 4.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) ==================== Niestandardowe rejestracje CLSID (filtrowane): ========================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) ==================== Zaplanowane zadania (filtrowane) ============= (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) Task: {1BEBD08B-AB03-41F9-AE84-819B97CFF61E} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink) Task: {32D5779D-2326-42B1-8A9F-35DE45BDACC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.) Task: {40D812AA-3D5A-402A-9ABE-E0999F5A4050} - System32\Tasks\{D186E58A-0998-4A79-9710-6A52BF78576F} => pcalua.exe -a C:\Users\MATI\Desktop\MinecraftZyczu.exe -d C:\Users\MATI\Desktop Task: {4699E718-F53F-484B-AEDE-59764BD6EED3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd) Task: {684ED856-914A-4D22-A20F-D1D179A12E2A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {7622F683-AD58-4602-A164-5884A850EDCD} - System32\Tasks\{0033916F-4A46-47D3-B912-31BCAD9246A9} => pcalua.exe -a "C:\Users\MATI\Desktop\MinecraftZyczu (2).exe" -d C:\Users\MATI\Desktop Task: {B04C4103-564C-465D-BBF0-1EE14758AB25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-09] (Adobe Systems Incorporated) Task: {DF40EE69-4123-4CB3-B113-A19B8DD9CF4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-29] (Google Inc.) (Załączenie wejścia w fixlist spowoduje przesunięcie pliku zadania (.job). Plik uruchamiany docelowo przez zadanie nie zostanie przeniesiony.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Skróty ============================= (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) ==================== Załadowane moduły (filtrowane) ============== 2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2014-06-15 15:30 - 2011-09-26 12:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2014-12-06 16:06 - 2014-12-06 17:48 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-06 16:06 - 2014-12-06 17:48 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2015-02-09 22:54 - 2015-01-23 12:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-12-05 23:03 - 2014-12-05 23:03 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll 2014-06-15 15:40 - 2011-02-18 08:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (filtrowane) ========= (Załączenie wejścia w fixlist spowoduje usunięcie strumienia ADS.) ==================== Tryb awaryjny (filtrowane) =================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) ==================== Powiązania plików (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci.) ==================== Internet Explorer - Witryny zaufane i z ograniczeniami =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru.) ==================== Hosts - zawartość: =============================== (Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Inne obszary ============================ (Obecnie brak automatycznej naprawy dla tej sekcji.) HKU\S-1-5-21-3673331447-2353019945-3897446612-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MATI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Zapora systemu Windows [funkcja włączona] ==================== MSCONFIG/TASK MANAGER - Wyłączone elementy == (Obecnie brak automatycznej naprawy dla tej sekcji.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: CCleaner => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s ==================== Reguły Zapory systemu Windows (filtrowane) =============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [{6EDD1AAC-1711-4AE5-AB77-98E5A8344C37}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{99DA2468-C9FD-465F-B91E-D565018C26DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E7409057-9EA6-41C8-BF09-BC4572B42882}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{77F071F7-E864-4FA6-AABA-DEF1FEC403D4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F66375C9-03B1-4559-8A03-694C1A2C0B8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{1CA2EF7D-F091-49DD-88E5-AA4BA4004659}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E1EE2D27-5738-43B0-BA3E-2FB1E8768FAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B38C8286-B7B5-470B-82DE-B64D7EE16165}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Punkty Przywracania systemu ========================= 22-05-2016 16:22:47 Kopia zapasowa systemu Windows 22-05-2016 16:31:40 Installed Oracle VM VirtualBox 5.0.20 22-05-2016 17:12:33 Kopia zapasowa systemu Windows 22-05-2016 17:18:27 Operacja przywracania 04-06-2016 18:45:35 Kopia zapasowa systemu Windows ==================== Wadliwe urządzenia w Menedżerze urządzeń ============= ==================== Błędy w Dzienniku zdarzeń: ========================= Dziennik Aplikacja: ================== Dziennik System: ============= Error: (05/31/2016 07:41:08 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/31/2016 07:11:20 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/31/2016 06:53:04 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/31/2016 03:37:33 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/31/2016 03:37:29 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/31/2016 03:25:53 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} CodeIntegrity: =================================== Date: 2014-06-15 16:11:14.603 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-15 16:11:14.229 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Statystyki pamięci =========================== Procesor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz Procent pamięci w użyciu: 42% Całkowita pamięć fizyczna: 8135.86 MB Dostępna pamięć fizyczna: 4696.03 MB Całkowita pamięć wirtualna: 16269.9 MB Dostępna pamięć wirtualna: 12253.59 MB ==================== Dyski ================================ Drive c: () (Fixed) (Total:348.26 GB) (Free:303.6 GB) NTFS Drive d: (Nowy) (Fixed) (Total:234.37 GB) (Free:229.39 GB) NTFS Drive e: (Backup) (Fixed) (Total:101.05 GB) (Free:25.22 GB) NTFS ==================== MBR & Tablica partycji ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7F171C80) Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=348.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=335.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12) ==================== Koniec Addition.txt ============================