Maximum graphics card load while idle.

System security, virus removal, choosing antivirus software. Mandatory logs in this section: three from FRST + Gmer.

Post by Marw, 14 May 2014, 07:52

Hello. I already raised this topic in the Graphics Cards section under the same title, but after a few days of observation I decided to move it here. You can find the posts from that forum here: http://forum.benchma...n/#entry1412021. I noticed a very heavy load on my graphics card while idle, and after that post I was advised to scan the computer with Malwarebytes, with the suggestion that I have some junk on the machine or that someone is mining currency using my computer. I did so, and the scan helped. However, after a restart the graphics card, while idle, again started working as hard as it possibly could.

I would like to add that this happens only when I have an internet connection, but I do not need to have any browser running or any page open. As soon as I cut off internet access (pull the Wi-Fi adapter or the cable out of the computer), the problem disappears, the card's clocks drop and it runs at its lowest speeds. I consulted a friend who works in IT, and he in turn advised me to run ComboFix on the computer. Of course, after the scan the problem disappeared, but again after restarting the computer it was the same. Interestingly, if I do the following: scan with ComboFix (then of course everything is OK), then cut off internet access, restart the computer, and plug the Wi-Fi card back in, then surprisingly everything is OK! I no longer know what to do. Apparently this virus, or whatever you want to call it, activates when the computer is restarted, but the condition is that there is internet access at that time.

One more remark: if I turn the monitor off manually, then it is a real disaster. The fans on the card are about to tear themselves off, the temperature is 80 degrees... My card is a Gigabyte GTX 770, the processor is an I5 4670K, the motherboard is a Gigabyte Z87P-D3.

I will also paste the ComboFix log. It always removes the same thing. Of course, when I restart the computer with internet access cut off and then scan it, the program finds nothing. I will be grateful for any pointers, and I realize that a format is the cure for everything, but I would like to avoid that. And here is the log:

Code:
ComboFix 14-05-07.03 - NEW1 2014-05-08  23:10:48.3.4 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1250.48.1045.18.8080.6385 [GMT 2:00]
Uruchomiony z: e:\programy\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\NEW1\AppData\Local\Temp\RarSFX0\cudart32_55.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX0\klp11svc.exe
c:\users\NEW1\AppData\Local\Temp\RarSFX0\pthreadVC2.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX0\SystemWhileIdle.exe
c:\users\NEW1\AppData\Local\Temp\RarSFX2\cudart32_55.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX2\klp11svc.exe
c:\users\NEW1\AppData\Local\Temp\RarSFX2\pthreadVC2.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX2\SystemWhileIdle.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2014-04-08 do 2014-05-08  )))))))))))))))))))))))))))))))
.
.
2014-05-08 21:16 . 2014-05-08 21:16 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2014-05-08 21:16 . 2014-05-08 21:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-06 19:44 . 2014-05-06 19:44 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-05-05 21:20 . 2014-05-05 21:20 -------- d-----w- c:\users\NEW1\AppData\Roaming\Wireshark
2014-05-05 21:09 . 2014-05-05 21:09 -------- d-----w- c:\program files (x86)\WinPcap
2014-05-05 21:09 . 2014-05-05 21:09 -------- d-----w- c:\program files (x86)\Wireshark
2014-05-05 18:52 . 2014-05-08 19:15 119512 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-05-03 18:21 . 2014-05-08 21:17 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-03 18:21 . 2014-05-03 18:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:21 . 2014-05-03 18:21 -------- d-----w- c:\programdata\Malwarebytes
2014-05-03 18:21 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-03 18:21 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-03 18:21 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-03 17:46 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-02 10:32 . 2014-05-02 10:32 -------- d-----w- C:\Temp
2014-05-02 10:29 . 2014-05-02 10:29 -------- d-----w- c:\program files\Futuremark
2014-05-02 05:04 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-05-02 05:04 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-05-02 05:04 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-05-02 05:04 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-05-02 05:04 . 2014-05-02 05:04 -------- d-----w- C:\SWSetup
2014-05-02 05:04 . 2006-01-19 07:19 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-05-01 18:31 . 2014-03-26 21:40 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-01 18:27 . 2014-05-01 18:27 -------- d-----w- C:\NVIDIA
2014-05-01 17:35 . 2014-05-04 08:18 -------- d-----w- c:\users\NEW1\AppData\Roaming\NVIDIA
2014-05-01 17:32 . 2014-03-27 02:11 6768584 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-01 17:32 . 2014-03-27 02:11 3512664 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-01 17:32 . 2014-03-27 02:11 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-01 17:32 . 2014-03-27 02:11 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-05-01 17:32 . 2014-03-27 02:11 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-01 17:32 . 2014-03-27 02:11 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-01 17:32 . 2014-03-24 10:31 3683457 ----a-w- c:\windows\system32\nvcoproc.bin
2014-04-27 12:12 . 2014-04-27 12:13 -------- d-----w- c:\users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-27 12:12 . 2014-04-27 12:12 -------- d-----w- c:\users\NEW1\AppData\Roaming\Systems Cache
2014-04-20 21:24 . 2014-04-21 04:50 -------- d-----w- c:\program files (x86)\DEHR
2014-04-20 20:46 . 2014-04-20 20:52 -------- d-----w- c:\program files (x86)\dumps
2014-04-20 20:45 . 2014-04-20 20:45 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-04-20 19:26 . 2014-04-21 08:16 -------- d-----w- c:\users\NEW1\AppData\Local\dxhr
2014-04-20 19:18 . 2014-04-20 19:18 -------- d-----w- c:\users\NEW1\AppData\Local\238010
2014-04-20 13:06 . 2014-05-08 21:17 25640 ----a-w- c:\windows\gdrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-02 04:07 . 2014-02-09 16:59 15648 ----a-w- c:\windows\system32\drivers\nvflash.sys
2014-05-01 18:40 . 2013-12-26 20:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-01 18:40 . 2013-10-13 11:28 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-15 19:28 . 2013-10-13 11:25 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-04-02 13:27 . 2013-10-29 06:41 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-02 13:27 . 2013-10-29 06:41 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-03-31 18:15 . 2013-10-18 08:19 25640 ----a-w- c:\windows\etdrv.sys
2014-03-27 12:45 . 2014-03-12 17:57 9697128 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-03-27 12:45 . 2014-03-12 17:57 952440 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-03-27 12:45 . 2014-03-12 17:57 18493952 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-27 12:45 . 2014-03-12 17:57 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-03-27 12:45 . 2014-03-12 17:57 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-03-27 12:45 . 2014-03-12 17:57 14422856 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-27 12:45 . 2014-03-12 17:57 3106688 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-27 12:45 . 2014-03-12 17:57 2728160 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-03-23 09:09 . 2013-10-18 08:19 27 ----a-w- c:\windows\cli.bat
2014-03-23 09:09 . 2013-10-18 08:19 1648000 ----a-w- c:\windows\rstcli.exe
2014-03-21 19:43 . 2014-04-07 19:01 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-21 19:43 . 2014-04-07 19:01 33568 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-21 19:43 . 2013-10-29 06:39 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-12 18:15 . 2013-10-13 10:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 18:15 . 2013-10-13 10:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-04 14:35 . 2014-03-12 17:57 1885472 ----a-w- c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-12 17:57 1516488 ----a-w- c:\windows\system32\nvdispgenco6433523.dll
2014-02-25 17:31 . 2014-03-20 10:59 252704 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-02-25 17:27 . 2014-03-20 10:58 126752 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-02-25 17:27 . 2014-02-25 17:27 154912 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2014-02-25 17:27 . 2014-02-25 17:27 140576 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-02-25 17:27 . 2014-02-25 17:27 113952 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2014-02-25 17:24 . 2014-02-25 17:24 204064 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2014-02-09 17:10 . 2013-12-26 20:56 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SensorDetector"="c:\program files (x86)\GIGABYTE\EasyTune\PreSensorDetector.exe" [2013-04-09 9728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\users\NEW1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\NEW1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 cpuz137;cpuz137;c:\windows\TEMP\cpuz137\cpuz137_x64.sys;c:\windows\TEMP\cpuz137\cpuz137_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 etocdrv;etocdrv;c:\windows\system32\etocdrv.sys;c:\windows\SYSNATIVE\etocdrv.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPU-Z;GPU-Z;c:\users\NEW1\AppData\Local\Temp\GPU-Z.sys;c:\users\NEW1\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Audio dla wyświetlaczy Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel® USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 netr7364;Sterownik karty RT73 USB Wireless LAN dla systemu Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBACCESSCONTROL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-01 10:02 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
2014-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"System Idle"="c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe" [2014-04-25 147456]
"CrashHandle"="c:\users\NEW1\AppData\Local\Temp\RarSFX2\SystemWhileIdle.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: &P&obierz &za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
.
.
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2029661028-1285491316-369974877-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a3,28,3a,7d,e5,f9,db,48,d2,c6,a9,bd,59,a8,3b,ad,7e,ee,0d,13,7f,4e,56,
   6b,a8,0a,f3,b1,45,12,8c,af,2c,e6,4e,31,d0,a4,a2,04,6e,ab,ff,28,00,1e,86,fb,\
"??"=hex:88,7b,b8,6e,f7,8d,a4,88,56,af,c9,ba,1d,83,12,d5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Czas ukończenia: 2014-05-08  23:19:52 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2014-05-08 21:19
ComboFix2.txt  2014-05-08 20:34
ComboFix3.txt  2014-05-07 17:14
.
Przed: 33 924 165 632 bajtów wolnych
Po: 33 808 797 696 bajtów wolnych
.
- - End Of File - - 18F33568AF803584A3F6158CE04C2344
A36C5E4F47E84449FF07ED3517B43A31

AND THE NEXT ONE:

ComboFix 14-05-07.03 - NEW1 2014-05-09  20:36:29.6.4 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1250.48.1045.18.8080.6080 [GMT 2:00]
Uruchomiony z: c:\users\NEW1\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\NEW1\AppData\Local\Temp\RarSFX0\cudart32_55.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX0\klp11svc.exe
c:\users\NEW1\AppData\Local\Temp\RarSFX0\pthreadVC2.dll
c:\users\NEW1\AppData\Local\Temp\RarSFX0\SystemWhileIdle.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2014-04-09 do 2014-05-09  )))))))))))))))))))))))))))))))
.
.
2014-05-09 18:42 . 2014-05-09 18:42 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2014-05-09 18:42 . 2014-05-09 18:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-09 18:17 . 2014-05-09 18:17 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-05-09 18:17 . 2014-05-09 18:17 -------- d-----w- c:\program files\Symantec
2014-05-09 18:17 . 2014-05-09 18:17 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-05-09 18:16 . 2014-05-09 18:16 -------- d-----w- c:\windows\system32\drivers\NISx64
2014-05-09 18:16 . 2014-05-09 18:16 -------- d-----w- c:\program files (x86)\Norton Internet Security
2014-05-09 18:15 . 2014-05-09 18:15 -------- d-----w- c:\program files (x86)\NortonInstaller
2014-05-06 19:44 . 2014-05-06 19:44 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-05-05 21:20 . 2014-05-05 21:20 -------- d-----w- c:\users\NEW1\AppData\Roaming\Wireshark
2014-05-05 21:09 . 2014-05-05 21:09 -------- d-----w- c:\program files (x86)\WinPcap
2014-05-05 21:09 . 2014-05-05 21:09 -------- d-----w- c:\program files (x86)\Wireshark
2014-05-05 18:52 . 2014-05-08 19:15 119512 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-05-03 18:21 . 2014-05-09 18:14 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-03 18:21 . 2014-05-03 18:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:21 . 2014-05-03 18:21 -------- d-----w- c:\programdata\Malwarebytes
2014-05-03 18:21 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-03 18:21 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-03 18:21 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-03 17:46 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-02 10:32 . 2014-05-02 10:32 -------- d-----w- C:\Temp
2014-05-02 10:29 . 2014-05-02 10:29 -------- d-----w- c:\program files\Futuremark
2014-05-02 05:04 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-05-02 05:04 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-05-02 05:04 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-05-02 05:04 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-05-02 05:04 . 2014-05-02 05:04 -------- d-----w- C:\SWSetup
2014-05-02 05:04 . 2006-01-19 07:19 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-05-01 18:31 . 2014-03-26 21:40 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-01 18:27 . 2014-05-01 18:27 -------- d-----w- C:\NVIDIA
2014-05-01 17:35 . 2014-05-04 08:18 -------- d-----w- c:\users\NEW1\AppData\Roaming\NVIDIA
2014-05-01 17:32 . 2014-03-27 02:11 6768584 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-01 17:32 . 2014-03-27 02:11 3512664 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-01 17:32 . 2014-03-27 02:11 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-01 17:32 . 2014-03-27 02:11 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-05-01 17:32 . 2014-03-27 02:11 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-01 17:32 . 2014-03-27 02:11 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-01 17:32 . 2014-03-24 10:31 3683457 ----a-w- c:\windows\system32\nvcoproc.bin
2014-04-27 12:12 . 2014-04-27 12:13 -------- d-----w- c:\users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-27 12:12 . 2014-04-27 12:12 -------- d-----w- c:\users\NEW1\AppData\Roaming\Systems Cache
2014-04-20 21:24 . 2014-04-21 04:50 -------- d-----w- c:\program files (x86)\DEHR
2014-04-20 20:46 . 2014-04-20 20:52 -------- d-----w- c:\program files (x86)\dumps
2014-04-20 20:45 . 2014-04-20 20:45 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-04-20 19:26 . 2014-04-21 08:16 -------- d-----w- c:\users\NEW1\AppData\Local\dxhr
2014-04-20 19:18 . 2014-04-20 19:18 -------- d-----w- c:\users\NEW1\AppData\Local\238010
2014-04-20 13:06 . 2014-05-09 18:13 25640 ----a-w- c:\windows\gdrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-02 04:07 . 2014-02-09 16:59 15648 ----a-w- c:\windows\system32\drivers\nvflash.sys
2014-05-01 18:40 . 2013-12-26 20:56 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-01 18:40 . 2013-10-13 11:28 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-15 19:28 . 2013-10-13 11:25 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-04-02 13:27 . 2013-10-29 06:41 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-02 13:27 . 2013-10-29 06:41 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-03-31 18:15 . 2013-10-18 08:19 25640 ----a-w- c:\windows\etdrv.sys
2014-03-27 12:45 . 2014-03-12 17:57 9697128 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-03-27 12:45 . 2014-03-12 17:57 952440 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-03-27 12:45 . 2014-03-12 17:57 18493952 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-27 12:45 . 2014-03-12 17:57 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-03-27 12:45 . 2014-03-12 17:57 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-03-27 12:45 . 2014-03-12 17:57 14422856 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-27 12:45 . 2014-03-12 17:57 3106688 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-27 12:45 . 2014-03-12 17:57 2728160 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-03-23 09:09 . 2013-10-18 08:19 27 ----a-w- c:\windows\cli.bat
2014-03-23 09:09 . 2013-10-18 08:19 1648000 ----a-w- c:\windows\rstcli.exe
2014-03-21 19:43 . 2014-04-07 19:01 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-21 19:43 . 2014-04-07 19:01 33568 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-21 19:43 . 2013-10-29 06:39 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-12 18:15 . 2013-10-13 10:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 18:15 . 2013-10-13 10:50 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-04 14:35 . 2014-03-12 17:57 1885472 ----a-w- c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-12 17:57 1516488 ----a-w- c:\windows\system32\nvdispgenco6433523.dll
2014-02-25 17:31 . 2014-03-20 10:59 252704 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2014-02-25 17:27 . 2014-03-20 10:58 126752 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2014-02-25 17:27 . 2014-02-25 17:27 154912 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2014-02-25 17:27 . 2014-02-25 17:27 140576 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2014-02-25 17:27 . 2014-02-25 17:27 113952 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys
2014-02-25 17:24 . 2014-02-25 17:24 204064 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2014-02-09 17:10 . 2013-12-26 20:56 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
2;2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz136;cpuz136;c:\users\NEW1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\NEW1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 cpuz137;cpuz137;c:\windows\TEMP\cpuz137\cpuz137_x64.sys;c:\windows\TEMP\cpuz137\cpuz137_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 etocdrv;etocdrv;c:\windows\system32\etocdrv.sys;c:\windows\SYSNATIVE\etocdrv.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1400000.088\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1400000.088\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1400000.088\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1400000.088\SYMEFA64.SYS [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1400000.088\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1400000.088\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140508.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140508.001\IDSvia64.sys [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1400000.088\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1400000.088\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NISx64\1400000.088\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1400000.088\SYMNETS.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Audio dla wyświetlaczy Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel® USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 netr7364;Sterownik karty RT73 USB Wireless LAN dla systemu Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-01 10:02 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
2014-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"System Idle"="c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe" [2014-04-25 147456]
"CrashHandle"="c:\users\NEW1\AppData\Local\Temp\RarSFX0\SystemWhileIdle.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: &P&obierz &za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.0.0.136\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.0.0.136\diMaster.dll\" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2029661028-1285491316-369974877-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a3,28,3a,7d,e5,f9,db,48,d2,c6,a9,bd,59,a8,3b,ad,7e,ee,0d,13,7f,4e,56,
   6b,a8,0a,f3,b1,45,12,8c,af,2c,e6,4e,31,d0,a4,a2,04,6e,ab,ff,28,00,1e,86,fb,\
"??"=hex:88,7b,b8,6e,f7,8d,a4,88,56,af,c9,ba,1d,83,12,d5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Czas ukończenia: 2014-05-09  20:46:31 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2014-05-09 18:46
ComboFix2.txt  2014-05-08 21:19
ComboFix3.txt  2014-05-08 20:34
ComboFix4.txt  2014-05-07 17:14
.
Przed: 32 178 868 224 bajtów wolnych
Po: 32 122 474 496 bajtów wolnych
.
- - End Of File - - 3AA5731CC5B61772AB73FAFEDBCE2F91
A36C5E4F47E84449FF07ED3517B43A31
Last edited by NieWiem, 14 May 2014, 07:55, edited 1 time in total
Reason: Tag your logs!
Marw
~user
 
Posts: 7
Joined: 14 May 2014, 07:38



Maximum graphics card load at idle.

Post by NieWiem, 14 May 2014, 08:11

1. Tell the IT guy he's a moron; let him scan his own brain with ComboFix. Maybe it won't come back up after the restart.
2. Indeed, your computer is mining currency.
3. Fix the link because it doesn't work; I'd like to find out what was tinkered with there earlier.

Download FRST in the version that matches your system - 64-bit.
Save it to the desktop, run it, click Scan.
It will generate two logs. Please attach both to the forum.
1. I provide help exclusively under the beerware license!
2. If I don't reply in the thread right away, it means I have a life outside the internet. Respect the time I give voluntarily and don't expect everything immediately. If I don't reply within 48 hours, send a PM.

STOP ++> to trolls, neostrada kids, emos, Forests, cat-eaters and hatred [ does not apply to those listed above ]
NieWiem
~user
 
Posts: 2183
Joined: 19 Jun 2009, 17:01
Location: Okolice Okolic
Commendations: 171



Maximum graphics card load at idle.

Post by Marw, 14 May 2014, 08:46

Thanks for your interest. The link, corrected I hope: http://forum.benchmark.pl/topic/129294-obci%C4%85%C5%BCenie-gigabyte-gtx-a-770-przez-kart%C4%99-sieciow%C4%85-rt73-usb-wireless-lan/#entry1421733 I ran the scan, and here are the logs:


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by NEW1 (administrator) on KMAREK on 14-05-2014 08:37:14
Running from E:\Programy
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(techPowerUp (http://www.techpowerup.com)) C:\Users\NEW1\Desktop\Nowy folder\GPU-Z.0.7.8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [System Idle] => C:\Users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe [147456 2014-04-25] (Microsoft)
HKLM\...\Run: [CrashHandle] => C:\Users\NEW1\AppData\Local\Temp\RarSFX0\SystemWhileIdle.exe <===== ATTENTION
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2029661028-1285491316-369974877-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2029661028-1285491316-369974877-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-03-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-03-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-12]
CHR Extension: (YouTube) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-02]
CHR Extension: (Szukaj w Google) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-02]
CHR Extension: (AdBlock Premium) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2013-11-02]
CHR Extension: (Google Wallet) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
CHR Extension: (Gmail) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-12]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-09] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-04-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-11] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-05-09] (Symantec Corporation)
S3 etocdrv; C:\Windows\system32\etocdrv.sys [14928 2013-04-09] (Giga-Byte Technology CO., LTD.)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140513.002\IDSvia64.sys [525016 2014-05-08] (Symantec Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140513.018\ENG64.SYS [126040 2014-05-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140513.018\EX64.SYS [2099288 2014-05-09] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-28] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-05-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113952 2014-02-25] (Oracle Corporation)
U3 a1j3k7rt; C:\Windows\System32\Drivers\a1j3k7rt.sys [0 ] (Intel Corporation)
S3 ALSysIO; \??\C:\Users\NEW1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
R3 GPU-Z; \??\C:\Users\NEW1\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-14 08:37 - 2014-05-14 08:37 - 00000000 ____D () C:\FRST
2014-05-14 08:01 - 2014-05-14 08:01 - 00000906 _____ () C:\Users\NEW1\Desktop\adwcleaner.lnk
2014-05-14 07:25 - 2014-05-14 07:25 - 00028063 _____ () C:\ComboFix.txt
2014-05-12 20:29 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-12 20:02 - 2014-05-12 20:09 - 00000097 _____ () C:\Users\NEW1\Desktop\Nowy dokument tekstowy.txt
2014-05-12 00:45 - 2014-05-12 11:05 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-05-11 21:57 - 2014-05-11 22:20 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-05-11 17:16 - 2014-05-11 17:16 - 00000691 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-05-11 17:10 - 2014-05-11 17:10 - 00297936 _____ () C:\Windows\Minidump\051114-20420-01.dmp
2014-05-11 15:04 - 2014-05-11 15:04 - 00001607 _____ () C:\Users\NEW1\Desktop\EasyTune — skrót.lnk
2014-05-11 14:32 - 2014-05-11 18:31 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark
2014-05-09 21:42 - 2014-05-09 21:42 - 00002751 _____ () C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00002989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00000000 ____D () C:\Intel
2014-05-09 20:17 - 2014-05-12 20:29 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-09 20:17 - 2014-05-12 20:29 - 00002507 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-09 20:17 - 2014-05-11 16:19 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-09 20:17 - 2014-05-11 16:19 - 00007631 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Symantec
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-09 20:16 - 2014-05-12 20:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-09 20:16 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-09 20:16 - 2014-05-09 20:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-05-09 06:55 - 2014-05-14 07:17 - 05200050 ____R (Swearware) C:\Users\NEW1\Desktop\ComboFix.exe
2014-05-08 23:20 - 2014-05-11 06:54 - 00000000 ____D () C:\Users\NEW1\Desktop\Logi Combofix
2014-05-07 19:03 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-07 19:03 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-07 19:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-07 19:01 - 2014-05-14 07:25 - 00000000 ____D () C:\Qoobox
2014-05-07 19:01 - 2014-05-07 19:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-07 17:20 - 2014-05-07 17:20 - 00000539 _____ () C:\Users\Public\Desktop\Outlast Whistleblower.lnk
2014-05-06 21:49 - 2014-05-06 21:49 - 00000591 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-05-06 21:49 - 2014-05-06 21:49 - 00000591 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4.lnk
2014-05-06 21:44 - 2014-05-06 21:44 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-05 23:20 - 2014-05-05 23:20 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00001736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-05 23:06 - 2014-05-05 23:06 - 22150416 _____ (Wireshark development team) C:\Users\NEW1\Desktop\Wireshark-win32-1.10.7.exe
2014-05-05 20:52 - 2014-05-08 21:15 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-03 20:21 - 2014-05-14 08:33 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 20:21 - 2014-05-03 20:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 20:21 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 20:21 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 19:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-03 12:35 - 2014-05-03 12:35 - 00297912 _____ () C:\Windows\Minidump\050314-10155-01.dmp
2014-05-02 12:32 - 2014-05-11 22:38 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-05-02 12:29 - 2014-05-11 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-05-02 12:29 - 2014-05-11 17:11 - 00000000 ____D () C:\Program Files\Futuremark
2014-05-02 12:29 - 2014-05-02 12:29 - 00001233 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-05-02 07:04 - 2014-05-02 07:05 - 00000245 _____ () C:\Windows\bcmwl.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000090 _____ () C:\bcmwl5.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000000 ____D () C:\SWSetup
2014-05-01 20:31 - 2014-03-26 23:40 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-01 20:28 - 2014-03-27 14:45 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-01 20:28 - 2014-03-27 14:45 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-01 20:27 - 2014-05-01 20:27 - 00000000 ____D () C:\NVIDIA
2014-05-01 19:35 - 2014-05-04 10:18 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\NVIDIA
2014-05-01 19:32 - 2014-03-27 04:11 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-01 19:32 - 2014-03-27 04:11 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-01 19:32 - 2014-03-24 12:31 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-01 19:30 - 2014-05-01 19:30 - 00553568 _____ () C:\Windows\Minidump\050114-9874-01.dmp
2014-04-28 20:14 - 2014-04-28 20:14 - 00298216 _____ () C:\Windows\Minidump\042814-10670-01.dmp
2014-04-28 20:12 - 2014-04-28 20:13 - 00298216 _____ () C:\Windows\Minidump\042814-20482-01.dmp
2014-04-27 14:34 - 2014-04-27 14:34 - 00001150 _____ () C:\Users\NEW1\Desktop\Continue WinZip Installation.lnk
2014-04-27 14:12 - 2014-04-27 14:13 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-27 14:12 - 2014-04-27 14:12 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Systems Cache
2014-04-20 23:24 - 2014-04-21 06:50 - 00000000 ____D () C:\Program Files (x86)\DEHR
2014-04-20 23:21 - 2014-04-20 23:21 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus.Ex.Human.Revolution.Directors.Cut.lnk
2014-04-20 22:46 - 2014-04-20 22:52 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-04-20 21:26 - 2014-04-21 10:16 - 00000000 ____D () C:\Users\NEW1\AppData\Local\dxhr
2014-04-20 21:18 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\NEW1\AppData\Local\238010
2014-04-20 15:06 - 2014-05-11 17:43 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys

==================== One Month Modified Files and Folders =======

2014-05-14 08:37 - 2014-05-14 08:37 - 00000000 ____D () C:\FRST
2014-05-14 08:36 - 2013-10-11 16:17 - 01730304 _____ () C:\Windows\WindowsUpdate.log
2014-05-14 08:33 - 2014-05-03 20:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-14 08:33 - 2013-10-29 08:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-14 08:33 - 2013-10-11 16:21 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-14 08:33 - 2010-11-21 05:47 - 01704626 _____ () C:\Windows\PFRO.log
2014-05-14 08:33 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 08:33 - 2009-07-14 06:51 - 00141383 _____ () C:\Windows\setupact.log
2014-05-14 08:03 - 2013-10-11 16:21 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-14 08:01 - 2014-05-14 08:01 - 00000906 _____ () C:\Users\NEW1\Desktop\adwcleaner.lnk
2014-05-14 07:59 - 2013-10-13 19:51 - 00000000 ____D () C:\AdwCleaner
2014-05-14 07:25 - 2014-05-14 07:25 - 00028063 _____ () C:\ComboFix.txt
2014-05-14 07:25 - 2014-05-07 19:01 - 00000000 ____D () C:\Qoobox
2014-05-14 07:23 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-14 07:17 - 2014-05-09 06:55 - 05200050 ____R (Swearware) C:\Users\NEW1\Desktop\ComboFix.exe
2014-05-14 07:16 - 2009-07-14 06:45 - 00021776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 07:16 - 2009-07-14 06:45 - 00021776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 20:29 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-12 20:29 - 2014-05-09 20:17 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-12 20:29 - 2014-05-09 20:17 - 00002507 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-12 20:29 - 2014-05-09 20:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-12 20:29 - 2014-05-09 20:16 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-12 20:09 - 2014-05-12 20:02 - 00000097 _____ () C:\Users\NEW1\Desktop\Nowy dokument tekstowy.txt
2014-05-12 11:05 - 2014-05-12 00:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-05-11 22:39 - 2011-02-04 20:14 - 00738980 _____ () C:\Windows\system32\perfh015.dat
2014-05-11 22:39 - 2011-02-04 20:14 - 00155166 _____ () C:\Windows\system32\perfc015.dat
2014-05-11 22:39 - 2009-07-14 07:13 - 01666834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-11 22:38 - 2014-05-02 12:32 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-05-11 22:35 - 2013-10-13 20:19 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-05-11 22:24 - 2013-10-13 20:19 - 00001754 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-11 22:24 - 2013-10-13 20:19 - 00001698 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-11 22:20 - 2014-05-11 21:57 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-05-11 22:06 - 2013-10-16 20:28 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\vlc
2014-05-11 21:57 - 2013-10-28 22:06 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-05-11 18:31 - 2014-05-11 14:32 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark
2014-05-11 17:47 - 2013-11-02 17:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 17:44 - 2013-10-18 10:19 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-05-11 17:43 - 2014-04-20 15:06 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-05-11 17:18 - 2013-10-13 09:15 - 00000000 ____D () C:\Users\NEW1\AppData\Local\Futuremark
2014-05-11 17:16 - 2014-05-11 17:16 - 00000691 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-05-11 17:16 - 2014-05-02 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-05-11 17:16 - 2013-10-11 22:09 - 00614470 _____ () C:\Windows\DirectX.log
2014-05-11 17:16 - 2013-10-11 16:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-11 17:13 - 2013-10-31 08:11 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\BitComet
2014-05-11 17:11 - 2014-05-02 12:29 - 00000000 ____D () C:\Program Files\Futuremark
2014-05-11 17:10 - 2014-05-11 17:10 - 00297936 _____ () C:\Windows\Minidump\051114-20420-01.dmp
2014-05-11 17:10 - 2013-10-11 19:59 - 819054379 _____ () C:\Windows\MEMORY.DMP
2014-05-11 17:10 - 2013-10-11 19:59 - 00000000 ____D () C:\Windows\Minidump
2014-05-11 16:19 - 2014-05-09 20:17 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-11 16:19 - 2014-05-09 20:17 - 00007631 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-11 15:04 - 2014-05-11 15:04 - 00001607 _____ () C:\Users\NEW1\Desktop\EasyTune — skrót.lnk
2014-05-11 14:26 - 2014-03-19 22:14 - 00000000 ____D () C:\Users\NEW1\AppData\Local\CrashDumps
2014-05-11 06:58 - 2013-10-11 16:21 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 06:58 - 2013-10-11 16:21 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 06:54 - 2014-05-08 23:20 - 00000000 ____D () C:\Users\NEW1\Desktop\Logi Combofix
2014-05-11 06:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-05-09 21:42 - 2014-05-09 21:42 - 00002751 _____ () C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2014-05-09 21:42 - 2013-10-11 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-05-09 21:42 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-09 21:35 - 2014-05-09 21:35 - 00002989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00000000 ____D () C:\Intel
2014-05-09 21:35 - 2013-10-11 16:31 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Symantec
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-09 20:16 - 2014-05-09 20:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-05-09 20:16 - 2013-10-13 14:30 - 00000000 ____D () C:\ProgramData\Norton
2014-05-08 21:15 - 2014-05-05 20:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-07 21:43 - 2013-10-11 20:24 - 00000000 ____D () C:\ProgramData\Origin
2014-05-07 21:00 - 2013-11-27 00:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-07 19:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-07 19:13 - 2014-05-07 19:01 - 00000000 ____D () C:\Windows\erdnt
2014-05-07 18:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-05-07 17:20 - 2014-05-07 17:20 - 00000539 _____ () C:\Users\Public\Desktop\Outlast Whistleblower.lnk
2014-05-07 06:47 - 2013-10-16 21:55 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-05-07 00:44 - 2014-03-20 13:02 - 00000000 ____D () C:\Users\NEW1\.VirtualBox
2014-05-07 00:38 - 2014-03-20 12:50 - 00000000 ___RD () C:\Users\NEW1\Desktop\Dawid
2014-05-06 21:49 - 2014-05-06 21:49 - 00000591 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk
2014-05-06 21:49 - 2014-05-06 21:49 - 00000591 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4.lnk
2014-05-06 21:44 - 2014-05-06 21:44 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-06 21:44 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-06 20:47 - 2013-10-13 09:16 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark 11
2014-05-06 20:20 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-05 23:20 - 2014-05-05 23:20 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00001736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-05 23:06 - 2014-05-05 23:06 - 22150416 _____ (Wireshark development team) C:\Users\NEW1\Desktop\Wireshark-win32-1.10.7.exe
2014-05-05 22:37 - 2013-10-11 17:13 - 00000000 ____D () C:\Windows\Panther
2014-05-05 22:06 - 2014-03-08 12:31 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Bioshock
2014-05-05 21:38 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-04 10:18 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\NVIDIA
2014-05-03 20:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA
2014-05-03 20:21 - 2014-05-03 20:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 19:48 - 2013-10-11 16:17 - 00000000 ____D () C:\Users\NEW1
2014-05-03 12:57 - 2013-10-12 21:45 - 00000000 ____D () C:\Users\NEW1\AppData\Local\SKIDROW
2014-05-03 12:35 - 2014-05-03 12:35 - 00297912 _____ () C:\Windows\Minidump\050314-10155-01.dmp
2014-05-02 12:31 - 2013-10-13 09:11 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-05-02 12:29 - 2014-05-02 12:29 - 00001233 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-05-02 10:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-02 07:05 - 2014-05-02 07:04 - 00000245 _____ () C:\Windows\bcmwl.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000090 _____ () C:\bcmwl5.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000000 ____D () C:\SWSetup
2014-05-02 06:07 - 2014-02-09 18:59 - 00167424 _____ () C:\Users\NEW1\Documents\GK104.rom
2014-05-02 06:07 - 2014-02-09 18:59 - 00015648 _____ () C:\Windows\system32\Drivers\nvflash.sys
2014-05-01 21:56 - 2014-01-08 00:17 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-01 20:40 - 2013-12-26 22:56 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-01 20:40 - 2013-10-13 13:28 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-01 20:31 - 2013-10-29 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-01 20:31 - 2013-10-11 16:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-01 20:27 - 2014-05-01 20:27 - 00000000 ____D () C:\NVIDIA
2014-05-01 19:32 - 2013-10-11 16:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-01 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-01 19:31 - 2013-10-29 08:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-01 19:30 - 2014-05-01 19:30 - 00553568 _____ () C:\Windows\Minidump\050114-9874-01.dmp
2014-05-01 18:32 - 2014-02-24 20:56 - 00000000 ____D () C:\Program Files (x86)\OCCTPT
2014-05-01 12:55 - 2014-01-04 18:53 - 00007600 _____ () C:\Users\NEW1\AppData\Local\Resmon.ResmonCfg
2014-05-01 12:04 - 2013-11-02 07:48 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-28 20:14 - 2014-04-28 20:14 - 00298216 _____ () C:\Windows\Minidump\042814-10670-01.dmp
2014-04-28 20:13 - 2014-04-28 20:12 - 00298216 _____ () C:\Windows\Minidump\042814-20482-01.dmp
2014-04-27 14:34 - 2014-04-27 14:34 - 00001150 _____ () C:\Users\NEW1\Desktop\Continue WinZip Installation.lnk
2014-04-27 14:13 - 2014-04-27 14:12 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-27 14:12 - 2014-04-27 14:12 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Systems Cache
2014-04-23 00:11 - 2014-03-20 13:03 - 00000000 ____D () C:\Users\NEW1\VirtualBox VMs
2014-04-21 12:38 - 2010-11-21 08:30 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-21 12:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-21 10:16 - 2014-04-20 21:26 - 00000000 ____D () C:\Users\NEW1\AppData\Local\dxhr
2014-04-21 06:50 - 2014-04-20 23:24 - 00000000 ____D () C:\Program Files (x86)\DEHR
2014-04-20 23:21 - 2014-04-20 23:21 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus.Ex.Human.Revolution.Directors.Cut.lnk
2014-04-20 22:52 - 2014-04-20 22:46 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-04-20 21:18 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\NEW1\AppData\Local\238010
2014-04-20 15:40 - 2013-10-13 13:27 - 00000000 ____D () C:\Users\NEW1\Documents\My Games
2014-04-19 21:46 - 2013-10-11 16:19 - 00000010 _____ () C:\Windows\GSetup.ini
2014-04-15 21:28 - 2013-10-13 13:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-14 20:19 - 2013-10-18 09:47 - 00000000 ____D () C:\Users\NEW1\Desktop\Nowy folder

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 20:53

==================== End Of Log ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by NEW1 at 2014-05-14 08:37:35
Running from E:\Programy
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.0 - Futuremark)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Aktualizacje NVIDIA 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
Aliens - Colonial Marines (HKLM-x32\...\Aliens - Colonial Marines_is1) (Version:  - )
App Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.14.0110 - Gigabyte)
APP Center (x32 Version: 1.14.0110 - Gigabyte) Hidden
Assassin's Creed III (HKLM-x32\...\Assassin's Creed III_is1) (Version: Assassin's Creed III - )
Assassin's Creed IV Black Flag wersja 1.0 (HKLM-x32\...\Assassin's Creed IV Black Flag_is1) (Version: 1.0 - Ubisoft)
Batman Arkham Origins Update 2 (HKLM-x32\...\QmF0bWFuQXJraGFtT3JpZ2lucw==_is1) (Version: 1 - )
Battlefield 4 Update 1 (HKLM-x32\...\QmF0dGxlZmllbGQ0_is1) (Version: 1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitComet 1.36 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.36 - CometNetwork)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.3.0 - Mediamond Tmi)
EasyTune B13.0410.2 (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.00.0000 - GIGABYTE)
EasyTune B13.0410.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EZSetupN B13.0410.2 (HKLM-x32\...\InstallShield_{9EAB60B6-70FE-4EC7-8DF4-54773E4EAC05}) (Version: 1.00.0000 - GIGABYTE)
EZSetupN B13.0410.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.02 - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.42.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.42.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GRID 2 Update v1.0.85.8679 Incl. DLC (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lara Croft and the Guardian of Light  1.03 (HKLM-x32\...\Lara Croft and the Guardian of Light_is1) (Version: 1.03 - Square Enix)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
Lost Planet 3 (HKLM-x32\...\Lost Planet 3_is1) (Version:  - Capcom)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version:  - )
Malwarebytes Anti-Malware wersja 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Metro: Last Light (c) Deep Silver version 1 (HKLM-x32\...\TWV0cm9MYXN0TGlnaHQ=_is1) (Version: 1 - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Need for Speed Rivals (HKLM-x32\...\Need for Speed Rivals_is1) (Version: Need for Speed Rivals - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Sterownik 3D Vision 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.50 - NVIDIA Corporation)
NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Sterownik graficzny 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.50 - NVIDIA Corporation)
NVIDIA Sterownik kontrolera 3D Vision 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.50 - NVIDIA Corporation)
NVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge B13.0403.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Oracle VM VirtualBox 4.3.8 (HKLM\...\{5D328A41-BFF8-4B78-B45E-5BEE1D133EF5}) (Version: 4.3.8 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Panel sterowania NVIDIA 337.50 (Version: 337.50 - NVIDIA Corporation) Hidden
Pinball FX2 (HKLM-x32\...\Pinball FX2_is1) (Version:  - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Cień Czarnobyla (HKLM-x32\...\S.T.A.L.K.E.R. Cień Czarnobyla_is1) (Version: S.T.A.L.K.E.R. Cień Czarnobyla - )
S.T.A.L.K.E.R. Czyste Niebo (HKLM-x32\...\S.T.A.L.K.E.R. Czyste Niebo_is1) (Version: S.T.A.L.K.E.R. Czyste Niebo - )
S.T.A.L.K.E.R. Zew Prypeci (HKLM-x32\...\S.T.A.L.K.E.R. Zew Prypeci_is1) (Version: S.T.A.L.K.E.R. Zew Prypeci - )
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Skijumping 2007 (HKLM-x32\...\Skijumping 2007_0001) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Thief, âĺđńč˙ 1.1.0.0 (HKLM-x32\...\Thief_is1) (Version: 1.1.0.0 - RePack by SEYTER)
TP-LINK TL-WN725N_TL-WN723N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
VGA USB Camera (HKLM-x32\...\{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}) (Version: 1.2.0.0 - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.10.7 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.7 - The Wireshark developer community, http://www.wireshark.org)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.) <==== ATTENTION

==================== Restore Points  =========================

12-05-2014 19:00:25 Zaplanowany punkt kontrolny
14-05-2014 05:18:08 ComboFix created restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-12 19:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02D33FD7-FAF0-423F-A59D-CD304CB4279C} - \Object Browser-chromeinstaller No Task File <==== ATTENTION
Task: {1E321208-F952-4BBF-AC3D-59F59AA60FCC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {4E6C7F28-E98E-438C-AF53-3FF02DAD38D6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {4F37FBF4-120E-4A09-B7E6-1D59BDBBCA68} - \Object Browser-updater No Task File <==== ATTENTION
Task: {6CD97988-9321-459F-B042-69C785ADAF30} - \Object Browser-enabler No Task File <==== ATTENTION
Task: {73D5E31E-C6C4-403A-B9C4-0EA13064302B} - System32\Tasks\Usługa aktualizacji oprogramowania InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {86A6930E-C2BF-491B-BCF6-C51042726036} - \Object Browser-codedownloader No Task File <==== ATTENTION
Task: {8994DA04-87A8-4B42-90A0-1871FD276F4A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {99BA18CD-FE24-45AC-AFCE-DA06EAB28643} - \Program aktualizacji online firmy InstallShield Software. No Task File <==== ATTENTION
Task: {9FE61CD4-30F1-469B-96D5-619AFD514FEF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {A836959A-D403-420F-B435-93146485E62E} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {A9B8F507-EECC-46AB-9ACA-5AB4C0F96D4B} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {ABFD8813-1CA5-40BB-B574-5F3FA20E2265} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {E1D8091C-C129-4659-B1F9-D4A00BDBFE8A} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {FE0C02ED-4658-438D-A1CF-15C2A14CB840} - \FoxTab No Task File <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 19:32 - 2014-03-27 04:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-26 22:56 - 2014-02-09 19:10 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-11 16:26 - 2013-03-19 15:25 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-01 12:04 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2013-10-11 16:25 - 2013-03-12 13:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2014-05-12 09:34 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CrashHandle => C:\Users\NEW1\AppData\Local\Temp\RarSFX24\SystemWhileIdle.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2014 08:35:07 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 08:33:54 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Nazwa aplikacji powodującej błąd: IdleServ.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x53384b19
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18229, sygnatura czasowa: 0x51fb1677
Kod wyjątku: 0xe053534f
Przesunięcie błędu: 0x000000000000940d
Identyfikator procesu powodującego błąd: 0x%9
Godzina uruchomienia aplikacji powodującej błąd: 0xIdleServ.exe0
Ścieżka aplikacji powodującej błąd: IdleServ.exe1
Ścieżka modułu powodującego błąd: IdleServ.exe2
Identyfikator raportu: IdleServ.exe3

Error: (05/14/2014 07:10:16 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 07:09:05 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Nazwa aplikacji powodującej błąd: IdleServ.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x53384b19
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18229, sygnatura czasowa: 0x51fb1677
Kod wyjątku: 0xe053534f
Przesunięcie błędu: 0x000000000000940d
Identyfikator procesu powodującego błąd: 0x%9
Godzina uruchomienia aplikacji powodującej błąd: 0xIdleServ.exe0
Ścieżka aplikacji powodującej błąd: IdleServ.exe1
Ścieżka modułu powodującego błąd: IdleServ.exe2
Identyfikator raportu: IdleServ.exe3

Error: (05/12/2014 07:57:51 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:41:53 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:40:43 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Nazwa aplikacji powodującej błąd: IdleServ.exe, wersja: 1.0.0.0, sygnatura czasowa: 0x53384b19
Nazwa modułu powodującego błąd: KERNELBASE.dll, wersja: 6.1.7601.18229, sygnatura czasowa: 0x51fb1677
Kod wyjątku: 0xe053534f
Przesunięcie błędu: 0x000000000000940d
Identyfikator procesu powodującego błąd: 0x%9
Godzina uruchomienia aplikacji powodującej błąd: 0xIdleServ.exe0
Ścieżka aplikacji powodującej błąd: IdleServ.exe1
Ścieżka modułu powodującego błąd: IdleServ.exe2
Identyfikator raportu: IdleServ.exe3

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (05/14/2014 08:33:36 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
UsbCharger

Error: (05/14/2014 07:23:34 AM) (Source: Service Control Manager) (User: ) (EventID: 7030)
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (05/14/2014 07:20:55 AM) (Source: Service Control Manager) (User: ) (EventID: 7030)
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (05/14/2014 07:08:52 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
UsbCharger

Error: (05/12/2014 08:53:08 PM) (Source: volsnap) (User: ) (EventID: 36)
Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika.

Error: (05/12/2014 07:56:12 PM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
UsbCharger

Error: (05/12/2014 07:55:24 PM) (Source: Service Control Manager) (User: ) (EventID: 7030)
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (05/12/2014 07:55:01 PM) (Source: Service Control Manager) (User: ) (EventID: 7030)
Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie.

Error: (05/12/2014 07:55:00 PM) (Source: Application Popup) (User: ) (EventID: 1060)
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.

Error: (05/12/2014 07:55:00 PM) (Source: Application Popup) (User: ) (EventID: 1060)
Description: Ładowanie sterownika \??\C:\ComboFix\catchme.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika.


Microsoft Office Sessions:
=========================
Error: (05/14/2014 08:35:07 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 08:33:54 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IdleServ.exe1.0.0.053384b19KERNELBASE.dll6.1.7601.1822951fb1677e053534f000000000000940d

Error: (05/14/2014 07:10:16 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2014 07:09:05 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IdleServ.exe1.0.0.053384b19KERNELBASE.dll6.1.7601.1822951fb1677e053534f000000000000940d

Error: (05/12/2014 07:57:51 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:41:53 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 07:40:43 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: IdleServ.exe1.0.0.053384b19KERNELBASE.dll6.1.7601.1822951fb1677e053534f000000000000940d

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (05/12/2014 09:36:22 AM) (Source: NvStreamSvc) (User: ) (EventID: 1)
Description: NvStreamSvcNvVAD endpoint registration failed [0]


CodeIntegrity Errors:
===================================
  Date: 2014-05-12 19:55:00.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 19:55:00.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 19:55:00.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 19:55:00.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 07:49:33.007
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 07:49:32.991
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 07:49:32.976
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-12 07:49:32.960
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-11 15:21:05.573
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-11 15:21:05.558
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 8080 MB
Available physical RAM: 5842.7 MB
Total Pagefile: 16158.18 MB
Available Pagefile: 13715.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:150.16 GB) (Free:30.61 GB) NTFS
Drive d: (DANE1) (Fixed) (Total:390.62 GB) (Free:152.28 GB) NTFS
Drive e: (DANE2) (Fixed) (Total:390.62 GB) (Free:21.25 GB) NTFS
Drive g: (KRD10) (CDROM) (Total:0.37 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 926B25E0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=391 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Added today, 09:17:
I'll just add that ComboFix does somehow work at removing this thing, because right after the scan everything is fine. The card gets kicked into high gear at idle again when I either switch the computer off and on or restart it. However, if I disconnect from the net before shutting the computer down and reconnect only after it has started, everything is also OK. The card goes crazy when I restart the computer WHILE CONNECTED TO THE NET THE WHOLE TIME. Of course, scanning with ComboFix helps again. I've found a workaround: before shutting the computer down or restarting it, I pull out the Wi-Fi card and plug it back in only once the computer has started. Then everything is fine. It's the same on cable.
Last edited by NieWiem on 14 May 2014, 09:07; edited 2 times in total
Reason: TAG YOUR LOGS - I'm repeating this for the last time!
Marw
~user

Posts: 7
Joined: 14 May 2014, 07:38



Maximum graphics card load at idle.

Post by NieWiem, 14 May 2014, 11:10

The Bitcoin miner in question still has its components visible in the system and re-downloads the files it needs to run from the net after every restart and removal. Also, something to read below:
A few words about ComboFix

Open Notepad and paste the contents of the box into it:
Code:
File::
c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe

Folder::
C:\Users\NEW1\AppData\Local\Temp\RarSFX*

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"System Idle"=-
"CrashHandle"=-

DirLook::
C:\Users\NEW1\AppData\Roaming\Systems Cache

Reboot::

Save the file as CFScript.txt
Drag and drop this file onto the ComboFix icon - this will start the process.
Paste the resulting report.
1. I provide help exclusively under the beerware licence!
2. If I don't reply in the thread right away, it means I have a life outside the internet. Respect the time I've volunteered and don't expect everything immediately. If I don't reply within 48 hours, send a PM.

STOP ++> trolls, Neostrada kids, emos, Forests, cat-eaters and hatred [ does not apply to those listed earlier ]
NieWiem
~user

Posts: 2183
Joined: 19 Jun 2009, 17:01
Location: Okolice Okolic
Commendations: 171
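A way to triage autorun entries like the ones the script above removes, as an added example that is not part of the original post: it parses Run-key lines in the layout ComboFix prints and flags values whose image sits in a user-writable directory or hides behind an 8.3 short path. The sample log is constructed, and the target path shown for "System Idle" and "CrashHandle" is an assumption, since the thread gives only the names of those values.

```python
import re
from dataclasses import dataclass

# Constructed sample in the layout of ComboFix's registry start-up section.
# ASSUMPTION: the data of "System Idle" and "CrashHandle" is not shown in the
# thread; here both point at the file the CFScript deletes.
SAMPLE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"System Idle"="c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe"
"CrashHandle"="c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
'''

KEY_LINE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# Only live Run/RunOnce keys; ComboFix's "run-" (disabled) keys do not match.
RUN_KEY = re.compile(r'\\currentversion\\run(once)?$', re.IGNORECASE)
VALUE_LINE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"')
# Directories a standard user can write to without elevation.
USER_WRITABLE = ('\\appdata\\', '\\temp\\', '\\users\\public\\')
SHORT_NAME = re.compile(r'~\d')


@dataclass
class Autorun:
    key: str
    name: str
    path: str
    reasons: list


def classify(path):
    """Return the reasons an autorun target deserves a closer look."""
    lowered = path.lower()
    reasons = []
    if any(marker in lowered for marker in USER_WRITABLE):
        reasons.append('image is in a user-writable directory')
    if SHORT_NAME.search(lowered):
        # The real directory cannot be recovered from the log alone.
        reasons.append('8.3 short path, resolve on the host before judging')
    return reasons


def parse_autoruns(log_text):
    """Collect quoted values found under Run/RunOnce keys."""
    entries, key = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = KEY_LINE.match(line)
        if header:
            # Remember the key only if it is an autorun key.
            key = header.group(1) if RUN_KEY.search(header.group(1)) else None
            continue
        if key is None:
            continue
        value = VALUE_LINE.match(line)
        if value:
            path = value.group('path')
            entries.append(Autorun(key, value.group('name'), path, classify(path)))
    return entries


def suspicious(entries):
    """Keep only the entries that carry at least one reason."""
    return [entry for entry in entries if entry.reasons]


if __name__ == '__main__':
    for entry in suspicious(parse_autoruns(SAMPLE_LOG)):
        print(f'{entry.key} :: {entry.name} -> {entry.path}')
        for reason in entry.reasons:
            print(f'    {reason}')
```

A flagged entry is a lead for review, not a verdict: legitimate updaters also start from AppData.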



Maximum graphics card load at idle.

Post by Marw, 15 May 2014, 07:43

I did as you wrote and here is the log:

Code:
ComboFix 14-05-13.01 - NEW1 2014-05-15   7:29.12.4 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1250.48.1045.18.8080.5732 [GMT 2:00]
Uruchomiony z: c:\users\NEW1\Desktop\ComboFix.exe
Użyto następujących komend :: c:\users\NEW1\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe"
.
.
(((((((((((((((((((((((((((((((((((((((   Usunięto   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\NEW1\AppData\Roaming\Systems Cache\IdleServ.exe
.
.
(((((((((((((((((((((((((   Pliki utworzone od 2014-04-15 do 2014-05-15  )))))))))))))))))))))))))))))))
.
.
2014-05-15 05:35 . 2014-05-15 05:35   --------   d-----w-   c:\users\wangzhisong\AppData\Local\temp
2014-05-15 05:35 . 2014-05-15 05:35   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-05-14 06:37 . 2014-05-14 06:37   --------   d-----w-   C:\FRST
2014-05-11 22:45 . 2014-05-12 09:05   --------   d---a-w-   C:\Kaspersky Rescue Disk 10.0
2014-05-11 19:57 . 2014-05-11 20:20   283064   ----a-w-   c:\windows\system32\drivers\dtsoftbus01.sys
2014-05-09 19:35 . 2014-05-09 19:35   --------   d-----w-   C:\Intel
2014-05-09 18:17 . 2014-05-11 14:19   177312   ----a-w-   c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-05-09 18:17 . 2014-05-09 18:17   --------   d-----w-   c:\program files\Symantec
2014-05-09 18:17 . 2014-05-09 18:17   --------   d-----w-   c:\program files\Common Files\Symantec Shared
2014-05-09 18:16 . 2014-05-12 18:29   --------   d-----w-   c:\windows\system32\drivers\NISx64
2014-05-09 18:16 . 2014-05-09 18:16   --------   d-----w-   c:\program files (x86)\Norton Internet Security
2014-05-09 18:15 . 2014-05-09 18:15   --------   d-----w-   c:\program files (x86)\NortonInstaller
2014-05-06 19:44 . 2014-05-06 19:44   --------   d-----w-   c:\program files (x86)\Battlelog Web Plugins
2014-05-05 21:20 . 2014-05-05 21:20   --------   d-----w-   c:\users\NEW1\AppData\Roaming\Wireshark
2014-05-05 21:09 . 2014-05-05 21:09   --------   d-----w-   c:\program files (x86)\WinPcap
2014-05-05 21:09 . 2014-05-05 21:09   --------   d-----w-   c:\program files (x86)\Wireshark
2014-05-05 18:52 . 2014-05-08 19:15   119512   ----a-w-   c:\windows\system32\drivers\48230029.sys
2014-05-03 18:21 . 2014-05-15 05:36   119512   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-03 18:21 . 2014-05-03 18:21   --------   d-----w-   c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:21 . 2014-05-03 18:21   --------   d-----w-   c:\programdata\Malwarebytes
2014-05-03 18:21 . 2014-04-03 07:51   63192   ----a-w-   c:\windows\system32\drivers\mwac.sys
2014-05-03 18:21 . 2014-04-03 07:51   88280   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-05-03 18:21 . 2014-04-03 07:50   25816   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-05-03 17:46 . 2010-08-30 06:34   536576   ----a-w-   c:\windows\SysWow64\sqlite3.dll
2014-05-02 10:32 . 2014-05-02 10:32   --------   d-----w-   C:\Temp
2014-05-02 10:29 . 2014-05-11 15:11   --------   d-----w-   c:\program files\Futuremark
2014-05-02 05:04 . 2001-09-05 02:18   77824   ----a-w-   c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-05-02 05:04 . 2001-09-05 02:18   225280   ----a-w-   c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2014-05-02 05:04 . 2001-09-05 02:14   176128   ----a-w-   c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-05-02 05:04 . 2001-09-05 02:13   32768   ----a-w-   c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-05-02 05:04 . 2014-05-02 05:04   --------   d-----w-   C:\SWSetup
2014-05-02 05:04 . 2006-01-19 07:19   614532   ----a-w-   c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-05-01 18:31 . 2014-03-26 21:40   601432   ----a-w-   c:\windows\SysWow64\nvStreaming.exe
2014-05-01 18:27 . 2014-05-01 18:27   --------   d-----w-   C:\NVIDIA
2014-05-01 17:35 . 2014-05-04 08:18   --------   d-----w-   c:\users\NEW1\AppData\Roaming\NVIDIA
2014-05-01 17:32 . 2014-03-27 02:11   6768584   ----a-w-   c:\windows\system32\nvcpl.dll
2014-05-01 17:32 . 2014-03-27 02:11   3512664   ----a-w-   c:\windows\system32\nvsvc64.dll
2014-05-01 17:32 . 2014-03-27 02:11   927520   ----a-w-   c:\windows\system32\nvvsvc.exe
2014-05-01 17:32 . 2014-03-27 02:11   63776   ----a-w-   c:\windows\system32\nvshext.dll
2014-05-01 17:32 . 2014-03-27 02:11   386336   ----a-w-   c:\windows\system32\nvmctray.dll
2014-05-01 17:32 . 2014-03-27 02:11   2558808   ----a-w-   c:\windows\system32\nvsvcr.dll
2014-05-01 17:32 . 2014-03-24 10:31   3683457   ----a-w-   c:\windows\system32\nvcoproc.bin
2014-04-27 12:12 . 2014-04-27 12:13   --------   d-----w-   c:\users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-27 12:12 . 2014-05-15 05:34   --------   d-----w-   c:\users\NEW1\AppData\Roaming\Systems Cache
2014-04-20 21:24 . 2014-04-21 04:50   --------   d-----w-   c:\program files (x86)\DEHR
2014-04-20 20:46 . 2014-04-20 20:52   --------   d-----w-   c:\program files (x86)\dumps
2014-04-20 20:45 . 2014-04-20 20:45   --------   d-----w-   c:\program files (x86)\Common Files\Steam
2014-04-20 19:26 . 2014-04-21 08:16   --------   d-----w-   c:\users\NEW1\AppData\Local\dxhr
2014-04-20 19:18 . 2014-04-20 19:18   --------   d-----w-   c:\users\NEW1\AppData\Local\238010
2014-04-20 13:06 . 2014-05-11 15:43   25640   ----a-w-   c:\windows\gdrv.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Sekcja Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-11 15:44 . 2013-10-18 08:19   25640   ----a-w-   c:\windows\etdrv.sys
2014-05-02 04:07 . 2014-02-09 16:59   15648   ----a-w-   c:\windows\system32\drivers\nvflash.sys
2014-05-01 18:40 . 2013-12-26 20:56   281688   ----a-w-   c:\windows\SysWow64\PnkBstrB.exe
2014-05-01 18:40 . 2013-10-13 11:28   281688   ----a-w-   c:\windows\SysWow64\PnkBstrB.xtr
2014-04-15 19:28 . 2013-10-13 11:25   281688   ----a-w-   c:\windows\SysWow64\PnkBstrB.ex0
2014-04-02 13:27 . 2013-10-29 06:41   1081112   ----a-w-   c:\windows\SysWow64\nvspcap.dll
2014-04-02 13:27 . 2013-10-29 06:41   1225920   ----a-w-   c:\windows\system32\nvspcap64.dll
2014-03-27 12:45 . 2014-03-12 17:57   9697128   ----a-w-   c:\windows\SysWow64\nvopencl.dll
2014-03-27 12:45 . 2014-03-12 17:57   952440   ----a-w-   c:\windows\system32\nvumdshimx.dll
2014-03-27 12:45 . 2014-03-12 17:57   18493952   ----a-w-   c:\windows\system32\nvwgf2umx.dll
2014-03-27 12:45 . 2014-03-12 17:57   166568   ----a-w-   c:\windows\system32\nvinitx.dll
2014-03-27 12:45 . 2014-03-12 17:57   146480   ----a-w-   c:\windows\SysWow64\nvinit.dll
2014-03-27 12:45 . 2014-03-12 17:57   14422856   ----a-w-   c:\windows\SysWow64\nvd3dum.dll
2014-03-27 12:45 . 2014-03-12 17:57   3106688   ----a-w-   c:\windows\system32\nvapi64.dll
2014-03-27 12:45 . 2014-03-12 17:57   2728160   ----a-w-   c:\windows\SysWow64\nvapi.dll
2014-03-23 09:09 . 2013-10-18 08:19   27   ----a-w-   c:\windows\cli.bat
2014-03-23 09:09 . 2013-10-18 08:19   1648000   ----a-w-   c:\windows\rstcli.exe
2014-03-21 19:43 . 2014-04-07 19:01   40392   ----a-w-   c:\windows\system32\drivers\nvvad64v.sys
2014-03-21 19:43 . 2014-04-07 19:01   33568   ----a-w-   c:\windows\SysWow64\nvaudcap32v.dll
2014-03-21 19:43 . 2013-10-29 06:39   37320   ----a-w-   c:\windows\system32\nvaudcap64v.dll
2014-03-12 18:15 . 2013-10-13 10:50   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 18:15 . 2013-10-13 10:50   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-04 14:35 . 2014-03-12 17:57   1885472   ----a-w-   c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-12 17:57   1516488   ----a-w-   c:\windows\system32\nvdispgenco6433523.dll
2014-02-25 17:31 . 2014-03-20 10:59   252704   ----a-w-   c:\windows\system32\drivers\VBoxDrv.sys
2014-02-25 17:27 . 2014-03-20 10:58   126752   ----a-w-   c:\windows\system32\drivers\VBoxUSBMon.sys
2014-02-25 17:27 . 2014-02-25 17:27   154912   ----a-w-   c:\windows\system32\drivers\VBoxNetFlt.sys
2014-02-25 17:27 . 2014-02-25 17:27   140576   ----a-w-   c:\windows\system32\drivers\VBoxNetAdp.sys
2014-02-25 17:27 . 2014-02-25 17:27   113952   ----a-w-   c:\windows\system32\drivers\VBoxUSB.sys
2014-02-25 17:24 . 2014-02-25 17:24   204064   ----a-w-   c:\windows\system32\VBoxNetFltNobj.dll
.
.
((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\NEW1\AppData\Roaming\Systems Cache ----
.
.
.
(((((((((((((((((((((((((((((((((((((   Wpisy startowe rejestru   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2013-5-3 21946368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [x]
R2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
R3 ALSysIO;ALSysIO;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys;c:\users\NEW1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 cpuz137;cpuz137;c:\windows\TEMP\cpuz137\cpuz137_x64.sys;c:\windows\TEMP\cpuz137\cpuz137_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 etocdrv;etocdrv;c:\windows\system32\etocdrv.sys;c:\windows\SYSNATIVE\etocdrv.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPU-Z;GPU-Z;c:\users\NEW1\AppData\Local\Temp\GPU-Z.sys;c:\users\NEW1\AppData\Local\Temp\GPU-Z.sys [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Sterownik przełącznika kontrolera hosta Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\SYMEFA64.SYS [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140513.002\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140513.002\IDSvia64.sys [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1405000.01C\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1405000.01C\SYMNETS.SYS [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Audio dla wyświetlaczy Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Sterownik koncentratora Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Sterownik kontrolera hosta Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 netr7364;Sterownik karty RT73 USB Wireless LAN dla systemu Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Inne Usługi/Sterowniki w Pamięci ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-01 10:02   1078088   ----a-w-   c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Zawartość folderu 'Zaplanowane zadania'
.
2014-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
2014-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11 14:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-02-26 13423688]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Skan uzupełniający -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: &P&obierz &za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Pobierz wszystko za pomocą BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - USUNIĘTO PUSTE WPISY - - - -
.
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.5.0.28\diMaster.dll\" /prefetch:1"
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2029661028-1285491316-369974877-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a3,28,3a,7d,e5,f9,db,48,d2,c6,a9,bd,59,a8,3b,ad,7e,ee,0d,13,7f,4e,56,
   6b,a8,0a,f3,b1,45,12,8c,af,2c,e6,4e,31,d0,a4,a2,04,6e,ab,ff,28,00,1e,86,fb,\
"??"=hex:88,7b,b8,6e,f7,8d,a4,88,56,af,c9,ba,1d,83,12,d5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Czas ukończenia: 2014-05-15  07:38:48 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt  2014-05-15 05:38
ComboFix2.txt  2014-05-14 05:25
ComboFix3.txt  2014-05-12 17:59
ComboFix4.txt  2014-05-12 05:53
ComboFix5.txt  2014-05-15 05:28
.
Przed: 32 827 674 624 bajtów wolnych
Po: 32 591 982 592 bajtów wolnych
.
- - End Of File - - 6B36AF08DFC97FCC0825EED155CE5559
A36C5E4F47E84449FF07ED3517B43A31


Added today, 07:52:
Well, it seems everything is fine now! I restarted the computer without cutting off the internet connection, and the graphics card is running calmly at the lowest clocks possible :) I'll check everything thoroughly after a few more restarts and report back; for now, many thanks.

Added today, 08:16:
It's fine :) Many thanks once again. I read up on ComboFix and the man is right... Now I don't know whether I should uninstall it or whether I can keep it on the desktop? And how could this junk have gotten installed on my machine? I'm not 15 and generally I see what I'm doing (but apparently not entirely). How can I protect myself against similar incidents?
Marw
~user
 
Posts: 7
Joined: 14 May 2014, 07:38




Post by NieWiem, 16 May 2014, 09:16

The job isn't finished yet.

Please paste a new FRST report.
1. I provide help exclusively under the beerware license!
2. If I don't reply in the thread right away, it means I have a life outside the internet. Respect the time I volunteer and don't expect everything immediately. If I don't reply within 48 hours, send a PM.

STOP ++> to trolls, Neostrada kids, emos, Forests, cat-eaters and hatred [ does not apply to those listed above ]
NieWiem
~user
 
Posts: 2183
Joined: 19 Jun 2009, 17:01
Location: Okolice Okolic
Commendations: 171




Post by Marw, 16 May 2014, 19:49

I ran the scan, but only one log was generated:


Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by NEW1 (administrator) on KMAREK on 16-05-2014 19:47:19
Running from E:\Programy
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Polish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(PixArt Imaging Incorporation) C:\Windows\Pixart\Pac7302\Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13423688 2013-02-26] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2029661028-1285491316-369974877-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-03-27] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-03-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []

Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
CHR Extension: (Norton Identity Safe for Google Chrome™) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-12]
CHR Extension: (YouTube) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-02]
CHR Extension: (Szukaj w Google) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-02]
CHR Extension: (AdBlock Premium) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2013-11-02]
CHR Extension: (Google Wallet) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-02]
CHR Extension: (Gmail) - C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-02]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-12]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-03-25] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-09] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-04-09] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-05-09] (Symantec Corporation)
S3 etocdrv; C:\Windows\system32\etocdrv.sys [14928 2013-04-09] (Giga-Byte Technology CO., LTD.)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140515.001\IDSvia64.sys [525016 2014-05-08] (Symantec Corporation)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140516.002\ENG64.SYS [126040 2014-05-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140516.002\EX64.SYS [2099288 2014-05-09] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-10-28] (Duplex Secure Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-05-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113952 2014-02-25] (Oracle Corporation)
S3 ALSysIO; \??\C:\Users\NEW1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-16 19:41 - 2014-05-16 19:41 - 00425149 _____ () C:\Users\NEW1\Desktop\microPDA5.0a.apk
2014-05-16 19:23 - 2014-05-16 19:23 - 00003422 _____ () C:\Windows\System32\Tasks\MotoHelper Update
2014-05-16 19:23 - 2014-05-16 19:23 - 00003410 _____ () C:\Windows\System32\Tasks\MotoHelper MUM
2014-05-16 19:23 - 2014-05-16 19:23 - 00003404 _____ () C:\Windows\System32\Tasks\MotoHelper Routing
2014-05-16 19:23 - 2014-05-16 19:23 - 00003230 _____ () C:\Windows\System32\Tasks\MotoHelper Initial Update
2014-05-16 19:23 - 2014-05-16 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
2014-05-16 19:23 - 2014-05-16 19:23 - 00000000 ____D () C:\Program Files\Motorola Inc
2014-05-15 19:58 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-15 19:58 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-15 07:38 - 2014-05-15 07:38 - 00028809 _____ () C:\ComboFix.txt
2014-05-14 08:37 - 2014-05-16 19:47 - 00000000 ____D () C:\FRST
2014-05-14 08:01 - 2014-05-14 08:01 - 00000906 _____ () C:\Users\NEW1\Desktop\adwcleaner.lnk
2014-05-12 20:29 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-12 20:02 - 2014-05-12 20:09 - 00000097 _____ () C:\Users\NEW1\Desktop\Nowy dokument tekstowy.txt
2014-05-12 00:45 - 2014-05-12 11:05 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-05-11 17:16 - 2014-05-11 17:16 - 00000691 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-05-11 17:10 - 2014-05-11 17:10 - 00297936 _____ () C:\Windows\Minidump\051114-20420-01.dmp
2014-05-11 15:04 - 2014-05-11 15:04 - 00001607 _____ () C:\Users\NEW1\Desktop\EasyTune — skrót.lnk
2014-05-11 14:32 - 2014-05-15 08:05 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark
2014-05-09 21:42 - 2014-05-09 21:42 - 00002751 _____ () C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00002989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00000000 ____D () C:\Intel
2014-05-09 20:17 - 2014-05-12 20:29 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-09 20:17 - 2014-05-12 20:29 - 00002507 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-09 20:17 - 2014-05-11 16:19 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-09 20:17 - 2014-05-11 16:19 - 00007631 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Symantec
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-09 20:16 - 2014-05-12 20:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-09 20:16 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-09 20:16 - 2014-05-09 20:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-05-09 06:55 - 2014-05-14 07:17 - 05200050 ____R (Swearware) C:\Users\NEW1\Desktop\ComboFix.exe
2014-05-08 23:20 - 2014-05-11 06:54 - 00000000 ____D () C:\Users\NEW1\Desktop\Logi Combofix
2014-05-07 19:03 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-07 19:03 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-07 19:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-07 19:03 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-07 19:01 - 2014-05-15 07:38 - 00000000 ____D () C:\Qoobox
2014-05-07 19:01 - 2014-05-07 19:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-07 17:20 - 2014-05-07 17:20 - 00000539 _____ () C:\Users\Public\Desktop\Outlast Whistleblower.lnk
2014-05-05 23:20 - 2014-05-05 23:20 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00001736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-05 23:06 - 2014-05-05 23:06 - 22150416 _____ (Wireshark development team) C:\Users\NEW1\Desktop\Wireshark-win32-1.10.7.exe
2014-05-05 20:52 - 2014-05-16 07:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-03 20:21 - 2014-05-16 19:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 20:21 - 2014-05-03 20:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 20:21 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 20:21 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 19:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-03 12:35 - 2014-05-03 12:35 - 00297912 _____ () C:\Windows\Minidump\050314-10155-01.dmp
2014-05-02 12:32 - 2014-05-15 07:58 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-05-02 12:29 - 2014-05-11 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-05-02 12:29 - 2014-05-11 17:11 - 00000000 ____D () C:\Program Files\Futuremark
2014-05-02 12:29 - 2014-05-02 12:29 - 00001233 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-05-02 07:04 - 2014-05-02 07:05 - 00000245 _____ () C:\Windows\bcmwl.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000090 _____ () C:\bcmwl5.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000000 ____D () C:\SWSetup
2014-05-01 20:31 - 2014-03-26 23:40 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-01 20:28 - 2014-03-27 14:45 - 31270856 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 25257416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 23785416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 17467048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 15964736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 13158232 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-01 20:28 - 2014-03-27 14:45 - 11644392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 11598560 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 09734744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 03139928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02949976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02785056 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 02413344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433750.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 01539416 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433750.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00894752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00891168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00864600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00859592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00836544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00491864 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00415008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00336672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-01 20:28 - 2014-03-27 14:45 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-01 20:27 - 2014-05-01 20:27 - 00000000 ____D () C:\NVIDIA
2014-05-01 19:35 - 2014-05-04 10:18 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\NVIDIA
2014-05-01 19:32 - 2014-03-27 04:11 - 06768584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 03512664 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-01 19:32 - 2014-03-27 04:11 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-01 19:32 - 2014-03-27 04:11 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-01 19:32 - 2014-03-24 12:31 - 03683457 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-01 19:30 - 2014-05-01 19:30 - 00553568 _____ () C:\Windows\Minidump\050114-9874-01.dmp
2014-04-28 20:14 - 2014-04-28 20:14 - 00298216 _____ () C:\Windows\Minidump\042814-10670-01.dmp
2014-04-28 20:12 - 2014-04-28 20:13 - 00298216 _____ () C:\Windows\Minidump\042814-20482-01.dmp
2014-04-27 14:34 - 2014-04-27 14:34 - 00001150 _____ () C:\Users\NEW1\Desktop\Continue WinZip Installation.lnk
2014-04-27 14:12 - 2014-05-15 07:34 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Systems Cache
2014-04-27 14:12 - 2014-04-27 14:13 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-20 23:24 - 2014-04-21 06:50 - 00000000 ____D () C:\Program Files (x86)\DEHR
2014-04-20 23:21 - 2014-04-20 23:21 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus.Ex.Human.Revolution.Directors.Cut.lnk
2014-04-20 22:46 - 2014-04-20 22:52 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-04-20 21:26 - 2014-04-21 10:16 - 00000000 ____D () C:\Users\NEW1\AppData\Local\dxhr
2014-04-20 21:18 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\NEW1\AppData\Local\238010
2014-04-20 15:06 - 2014-05-11 17:43 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys

==================== One Month Modified Files and Folders =======

2014-05-16 19:47 - 2014-05-14 08:37 - 00000000 ____D () C:\FRST
2014-05-16 19:41 - 2014-05-16 19:41 - 00425149 _____ () C:\Users\NEW1\Desktop\microPDA5.0a.apk
2014-05-16 19:38 - 2013-10-28 22:06 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-05-16 19:37 - 2014-03-19 22:14 - 00000000 ____D () C:\Users\NEW1\AppData\Local\CrashDumps
2014-05-16 19:35 - 2011-02-04 20:14 - 00738980 _____ () C:\Windows\system32\perfh015.dat
2014-05-16 19:35 - 2011-02-04 20:14 - 00155166 _____ () C:\Windows\system32\perfc015.dat
2014-05-16 19:35 - 2009-07-14 07:13 - 01666834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 19:34 - 2009-07-14 06:51 - 00149444 _____ () C:\Windows\setupact.log
2014-05-16 19:26 - 2014-05-03 20:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 19:25 - 2009-07-14 06:45 - 00021776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 19:25 - 2009-07-14 06:45 - 00021776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 19:23 - 2014-05-16 19:23 - 00003422 _____ () C:\Windows\System32\Tasks\MotoHelper Update
2014-05-16 19:23 - 2014-05-16 19:23 - 00003410 _____ () C:\Windows\System32\Tasks\MotoHelper MUM
2014-05-16 19:23 - 2014-05-16 19:23 - 00003404 _____ () C:\Windows\System32\Tasks\MotoHelper Routing
2014-05-16 19:23 - 2014-05-16 19:23 - 00003230 _____ () C:\Windows\System32\Tasks\MotoHelper Initial Update
2014-05-16 19:23 - 2014-05-16 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
2014-05-16 19:23 - 2014-05-16 19:23 - 00000000 ____D () C:\Program Files\Motorola Inc
2014-05-16 19:23 - 2013-10-16 21:55 - 00000000 ____D () C:\Program Files (x86)\Motorola
2014-05-16 19:21 - 2013-10-11 16:17 - 01762664 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 19:18 - 2013-10-29 08:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-16 19:18 - 2013-10-11 16:21 - 00001040 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-16 19:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 08:03 - 2013-10-11 16:21 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 07:48 - 2014-05-05 20:52 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-16 07:47 - 2010-11-21 05:47 - 01705730 _____ () C:\Windows\PFRO.log
2014-05-15 20:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-15 20:15 - 2013-10-11 20:24 - 00000000 ____D () C:\ProgramData\Origin
2014-05-15 20:14 - 2013-11-27 00:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-15 08:05 - 2014-05-11 14:32 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark
2014-05-15 07:58 - 2014-05-02 12:32 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-05-15 07:38 - 2014-05-15 07:38 - 00028809 _____ () C:\ComboFix.txt
2014-05-15 07:38 - 2014-05-07 19:01 - 00000000 ____D () C:\Qoobox
2014-05-15 07:36 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-15 07:34 - 2014-04-27 14:12 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Systems Cache
2014-05-14 08:01 - 2014-05-14 08:01 - 00000906 _____ () C:\Users\NEW1\Desktop\adwcleaner.lnk
2014-05-14 07:59 - 2013-10-13 19:51 - 00000000 ____D () C:\AdwCleaner
2014-05-14 07:17 - 2014-05-09 06:55 - 05200050 ____R (Swearware) C:\Users\NEW1\Desktop\ComboFix.exe
2014-05-12 20:29 - 2014-05-12 20:29 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-05-12 20:29 - 2014-05-09 20:17 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-12 20:29 - 2014-05-09 20:17 - 00002507 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-05-12 20:29 - 2014-05-09 20:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-05-12 20:29 - 2014-05-09 20:16 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64
2014-05-12 20:09 - 2014-05-12 20:02 - 00000097 _____ () C:\Users\NEW1\Desktop\Nowy dokument tekstowy.txt
2014-05-12 11:05 - 2014-05-12 00:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-05-11 22:35 - 2013-10-13 20:19 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-05-11 22:24 - 2013-10-13 20:19 - 00001754 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-05-11 22:24 - 2013-10-13 20:19 - 00001698 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-05-11 22:06 - 2013-10-16 20:28 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\vlc
2014-05-11 17:47 - 2013-11-02 17:59 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-11 17:44 - 2013-10-18 10:19 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\etdrv.sys
2014-05-11 17:43 - 2014-04-20 15:06 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-05-11 17:18 - 2013-10-13 09:15 - 00000000 ____D () C:\Users\NEW1\AppData\Local\Futuremark
2014-05-11 17:16 - 2014-05-11 17:16 - 00000691 _____ () C:\Users\Public\Desktop\3DMark.lnk
2014-05-11 17:16 - 2014-05-02 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-05-11 17:16 - 2013-10-11 22:09 - 00614470 _____ () C:\Windows\DirectX.log
2014-05-11 17:16 - 2013-10-11 16:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-11 17:13 - 2013-10-31 08:11 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\BitComet
2014-05-11 17:11 - 2014-05-02 12:29 - 00000000 ____D () C:\Program Files\Futuremark
2014-05-11 17:10 - 2014-05-11 17:10 - 00297936 _____ () C:\Windows\Minidump\051114-20420-01.dmp
2014-05-11 17:10 - 2013-10-11 19:59 - 819054379 _____ () C:\Windows\MEMORY.DMP
2014-05-11 17:10 - 2013-10-11 19:59 - 00000000 ____D () C:\Windows\Minidump
2014-05-11 16:19 - 2014-05-09 20:17 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-11 16:19 - 2014-05-09 20:17 - 00007631 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-11 15:04 - 2014-05-11 15:04 - 00001607 _____ () C:\Users\NEW1\Desktop\EasyTune — skrót.lnk
2014-05-11 06:58 - 2013-10-11 16:21 - 00004040 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 06:58 - 2013-10-11 16:21 - 00003788 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 06:54 - 2014-05-08 23:20 - 00000000 ____D () C:\Users\NEW1\Desktop\Logi Combofix
2014-05-11 06:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-05-09 21:42 - 2014-05-09 21:42 - 00002751 _____ () C:\Users\Public\Desktop\GIGABYTE OC_GURU.lnk
2014-05-09 21:42 - 2013-10-11 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-05-09 21:42 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-09 21:35 - 2014-05-09 21:35 - 00002989 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2014-05-09 21:35 - 2014-05-09 21:35 - 00000000 ____D () C:\Intel
2014-05-09 21:35 - 2013-10-11 16:31 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Symantec
2014-05-09 20:17 - 2014-05-09 20:17 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-09 20:16 - 2014-05-09 20:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2014-05-09 20:16 - 2013-10-13 14:30 - 00000000 ____D () C:\ProgramData\Norton
2014-05-07 19:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-07 19:13 - 2014-05-07 19:01 - 00000000 ____D () C:\Windows\erdnt
2014-05-07 18:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization
2014-05-07 17:20 - 2014-05-07 17:20 - 00000539 _____ () C:\Users\Public\Desktop\Outlast Whistleblower.lnk
2014-05-07 00:44 - 2014-03-20 13:02 - 00000000 ____D () C:\Users\NEW1\.VirtualBox
2014-05-07 00:38 - 2014-03-20 12:50 - 00000000 ___RD () C:\Users\NEW1\Desktop\Dawid
2014-05-06 20:47 - 2013-10-13 09:16 - 00000000 ____D () C:\Users\NEW1\Documents\3DMark 11
2014-05-06 20:20 - 2009-07-14 07:08 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-05 23:20 - 2014-05-05 23:20 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00001736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\Wireshark
2014-05-05 23:09 - 2014-05-05 23:09 - 00000000 ____D () C:\Program Files (x86)\WinPcap
2014-05-05 23:06 - 2014-05-05 23:06 - 22150416 _____ (Wireshark development team) C:\Users\NEW1\Desktop\Wireshark-win32-1.10.7.exe
2014-05-05 22:37 - 2013-10-11 17:13 - 00000000 ____D () C:\Windows\Panther
2014-05-05 22:06 - 2014-03-08 12:31 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\Bioshock
2014-05-05 21:38 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-04 10:18 - 2014-05-01 19:35 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\NVIDIA
2014-05-03 20:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA
2014-05-03 20:21 - 2014-05-03 20:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 20:21 - 2014-05-03 20:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 19:48 - 2013-10-11 16:17 - 00000000 ____D () C:\Users\NEW1
2014-05-03 12:57 - 2013-10-12 21:45 - 00000000 ____D () C:\Users\NEW1\AppData\Local\SKIDROW
2014-05-03 12:35 - 2014-05-03 12:35 - 00297912 _____ () C:\Windows\Minidump\050314-10155-01.dmp
2014-05-02 12:31 - 2013-10-13 09:11 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-05-02 12:29 - 2014-05-02 12:29 - 00001233 _____ () C:\Users\Public\Desktop\3DMark 11.lnk
2014-05-02 10:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-02 07:05 - 2014-05-02 07:04 - 00000245 _____ () C:\Windows\bcmwl.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000090 _____ () C:\bcmwl5.log
2014-05-02 07:04 - 2014-05-02 07:04 - 00000000 ____D () C:\SWSetup
2014-05-02 06:07 - 2014-02-09 18:59 - 00167424 _____ () C:\Users\NEW1\Documents\GK104.rom
2014-05-02 06:07 - 2014-02-09 18:59 - 00015648 _____ () C:\Windows\system32\Drivers\nvflash.sys
2014-05-01 21:56 - 2014-01-08 00:17 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-01 20:40 - 2013-12-26 22:56 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-01 20:40 - 2013-10-13 13:28 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-01 20:31 - 2013-10-29 08:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-01 20:31 - 2013-10-11 16:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-01 20:27 - 2014-05-01 20:27 - 00000000 ____D () C:\NVIDIA
2014-05-01 19:32 - 2013-10-11 16:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-01 19:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-01 19:31 - 2013-10-29 08:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-05-01 19:30 - 2014-05-01 19:30 - 00553568 _____ () C:\Windows\Minidump\050114-9874-01.dmp
2014-05-01 18:32 - 2014-02-24 20:56 - 00000000 ____D () C:\Program Files (x86)\OCCTPT
2014-05-01 12:55 - 2014-01-04 18:53 - 00007600 _____ () C:\Users\NEW1\AppData\Local\Resmon.ResmonCfg
2014-05-01 12:04 - 2013-11-02 07:48 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-30 20:29 - 2013-10-29 08:41 - 01225920 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-04-30 20:29 - 2013-10-29 08:41 - 01081112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-04-28 20:14 - 2014-04-28 20:14 - 00298216 _____ () C:\Windows\Minidump\042814-10670-01.dmp
2014-04-28 20:13 - 2014-04-28 20:12 - 00298216 _____ () C:\Windows\Minidump\042814-20482-01.dmp
2014-04-27 14:34 - 2014-04-27 14:34 - 00001150 _____ () C:\Users\NEW1\Desktop\Continue WinZip Installation.lnk
2014-04-27 14:13 - 2014-04-27 14:12 - 00000000 ____D () C:\Users\NEW1\AppData\Roaming\DarkSoulsII
2014-04-23 00:11 - 2014-03-20 13:03 - 00000000 ____D () C:\Users\NEW1\VirtualBox VMs
2014-04-21 12:38 - 2010-11-21 08:30 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-21 12:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-21 10:16 - 2014-04-20 21:26 - 00000000 ____D () C:\Users\NEW1\AppData\Local\dxhr
2014-04-21 06:50 - 2014-04-20 23:24 - 00000000 ____D () C:\Program Files (x86)\DEHR
2014-04-20 23:21 - 2014-04-20 23:21 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deus.Ex.Human.Revolution.Directors.Cut.lnk
2014-04-20 22:52 - 2014-04-20 22:46 - 00000000 ____D () C:\Program Files (x86)\dumps
2014-04-20 21:18 - 2014-04-20 21:18 - 00000000 ____D () C:\Users\NEW1\AppData\Local\238010
2014-04-20 15:40 - 2013-10-13 13:27 - 00000000 ____D () C:\Users\NEW1\Documents\My Games
2014-04-19 21:46 - 2013-10-11 16:19 - 00000010 _____ () C:\Windows\GSetup.ini

Some content of TEMP:
====================
C:\Users\NEW1\AppData\Local\Temp\MotoHelper_2.0.49_Driver_5.0.0.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 20:53

==================== End Of Log ============================

Posted by NieWiem on 16 May 2014, 19:53

Download AdwCleaner.
Run it and click Scan.
When it finishes, click Clean and agree to the restart.
Attach the report displayed after the restart.

Download Junkware Removal Tool.
Run it and wait patiently.
Note: while the program is running, disable programs with resident protection (AV, AS), because they "kill" JRT components.
When it finishes, a report will appear - attach it in your reply.
1. I provide help exclusively under the beerware license!
2. If I do not reply in the thread right away, it means I have a life outside the internet. Respect the time I volunteer and do not expect everything immediately. If I do not reply within 48 hours, send a PM.

STOP ++> to trolls, Neostrada kids, emos, Forests, cat-eaters and hatred [ does not apply to those listed earlier ]

Posted by Marw on 16 May 2014, 20:05

AdwCleaner log:

Code:
# AdwCleaner v3.208 - Log utworzony 16/05/2014 o 20:01:48
# Aktualizacja 11/05/2014 przez Xplode
# System operacyjny : Windows 7 Enterprise Service Pack 1 (64 bits)
# Użytkownik : NEW1 - KMAREK
# Ścieżka : E:\Programy\adwcleaner (1).exe
# Opcja : Usuń

***** [ Usługi ] *****


***** [ Pliki / Foldery ] *****


***** [ Skróty ] *****


***** [ Rejestr ] *****

Klucz Usunięto : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

***** [ Przeglądarki internetowe ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v34.0.1847.131

[ Plik : C:\Users\NEW1\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2690 octets] - [13/10/2013 19:51:33]
AdwCleaner[R10].txt - [1946 octets] - [07/05/2014 16:24:24]
AdwCleaner[R11].txt - [1973 octets] - [07/05/2014 16:29:13]
AdwCleaner[R12].txt - [2034 octets] - [07/05/2014 16:31:12]
AdwCleaner[R13].txt - [2155 octets] - [07/05/2014 16:35:04]
AdwCleaner[R14].txt - [2210 octets] - [14/05/2014 07:58:35]
AdwCleaner[R15].txt - [2339 octets] - [16/05/2014 19:59:59]
AdwCleaner[R1].txt - [3852 octets] - [01/11/2013 10:06:11]
AdwCleaner[R2].txt - [8288 octets] - [05/01/2014 00:31:01]
AdwCleaner[R3].txt - [1132 octets] - [06/01/2014 19:33:01]
AdwCleaner[R4].txt - [7376 octets] - [08/01/2014 12:10:24]
AdwCleaner[R5].txt - [1706 octets] - [08/01/2014 12:12:45]
AdwCleaner[R6].txt - [1576 octets] - [08/01/2014 12:14:37]
AdwCleaner[R7].txt - [1696 octets] - [08/01/2014 12:16:35]
AdwCleaner[R8].txt - [3531 octets] - [03/05/2014 19:46:39]
AdwCleaner[R9].txt - [1885 octets] - [05/05/2014 23:05:00]
AdwCleaner[S0].txt - [2315 octets] - [13/10/2013 19:51:55]
AdwCleaner[S10].txt - [1714 octets] - [16/05/2014 20:01:48]
AdwCleaner[S1].txt - [3564 octets] - [01/11/2013 10:06:27]
AdwCleaner[S2].txt - [5275 octets] - [05/01/2014 00:31:32]
AdwCleaner[S3].txt - [1191 octets] - [06/01/2014 19:34:06]
AdwCleaner[S4].txt - [4985 octets] - [08/01/2014 12:11:09]
AdwCleaner[S5].txt - [1758 octets] - [08/01/2014 12:13:09]
AdwCleaner[S6].txt - [1632 octets] - [08/01/2014 12:15:06]
AdwCleaner[S7].txt - [3387 octets] - [03/05/2014 19:48:59]
AdwCleaner[S8].txt - [2000 octets] - [07/05/2014 16:25:57]
AdwCleaner[S9].txt - [2092 octets] - [07/05/2014 16:32:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [2315 octets] ##########


Added today, 20:15:
JRT log:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Enterprise x64
Ran by NEW1 on 2014-05-16 at 20:07:12,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2029661028-1285491316-369974877-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-05-16 at 20:14:03,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Posted by NieWiem on 16 May 2014, 20:45

Well, I think that's about it.

Download DelFix to your desktop.
Run it as administrator.
Select the options:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
Click Run and post the report once the program has finished.
DelFix should clean up after everything.

Posted by Marw on 16 May 2014, 20:52

DelFix log:

Code:
# DelFix v10.7 - Logfile created 16/05/2014 at 20:51:23
# Updated 27/04/2014 by Xplode
# Username : NEW1 - KMAREK
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\Users\NEW1\Desktop\adwcleaner.lnk
Deleted : C:\Users\NEW1\Desktop\ComboFix.exe
Deleted : C:\Users\NEW1\Desktop\JRT.txt
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #232 [Zaplanowany punkt kontrolny | 05/12/2014 19:00:25]
Deleted : RP #233 [ComboFix created restore point | 05/14/2014 05:18:08]
Deleted : RP #234 [Zainstalowany program DirectX | 05/15/2014 17:59:32]
Deleted : RP #235 [Przed deinstalacja Battlefield 4 Update 1 | 05/15/2014 18:15:55]
Deleted : RP #236 [Przed deinstalacja Battlefield 4 Update 1 | 05/15/2014 18:18:59]
Deleted : RP #237 [Przed deinstalacja Battlefield 4™ | 05/15/2014 18:20:43]
Deleted : RP #238 [Przed deinstalacja Battlelog Web Plugins | 05/15/2014 18:22:37]
Deleted : RP #239 [Przed deinstalacja DAEMON Tools Lite | 05/16/2014 17:37:53]

New restore point created !

########## - EOF - ##########

Posted by NieWiem on 17 May 2014, 01:08

That would be all.

Any other problems? :)

Posted by Marw on 17 May 2014, 21:08

No, thank you very much :) Everything is fine. If I ever have any problems with my computer, I will definitely post on this forum. It's nice that there are still people like you who use their knowledge to help others. Thanks :)

Posted by NieWiem on 17 May 2014, 21:13

You're welcome :ok:

Posted by Emisariusz on 05 Apr 2015, 12:25

Hello,

I have the identical problem, which is why I am adding to this thread. I tried to carry out steps similar to those described earlier, but the problem keeps coming back :( Please help! My guess is that this bitcoin miner came from uTorrent (http://www.ibtimes.co.uk/how-remove-utorrent-epicscale-bitcoin-miner-windows-pc-1490965), but I did not find "epicscale.exe" anywhere on my system... If any other logs are needed, please let me know ;)

edit: the problem starts about 20 minutes after the computer starts running

Below I am pasting the FRST logs:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Wiktor (administrator) on WIKTOR-DESKTOP on 05-04-2015 12:18:57
Running from I:\
Loaded Profiles: Wiktor (Available profiles: Wiktor)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Polski (Polska)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\Steam Client
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-02-08] (Realtek Semiconductor)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe [5558056 2015-02-13] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-03-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [2790344 2015-03-12] (Napisy24.pl)
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\...\Run: [Napisy24.pl] => C:\Program Files (x86)\Napisy24\Napisy24.exe [4737992 2015-03-09] (Napisy24.pl)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{71ACF663-CC95-429F-8C5C-0A1DC4EE8E78}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.0.496\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-584033481-1012264687-3606139169-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-584033481-1012264687-3606139169-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-15] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 62.179.1.63 62.179.1.62

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-05] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-05] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Blokowanie niebezpiecznych stron internetowych - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Klawiatura wirtualna - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-05]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-05]
CHR Extension: (YouTube) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-05]
CHR Extension: (Recently Closed Tabs [FVD]) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdmacmopjaoijgapmfhbggpijooeadm [2015-04-05]
CHR Extension: (Google Search) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (VK Music Downloader) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpokhfcmgpipfplgbkiecbpcmplgniam [2015-04-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-05]
CHR Extension: (New York theme) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnjoilngpclpbpopnnfbjelpbpamign [2015-04-05]
CHR Extension: (Listango Bookmark Manager) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmbdkkenkdllkpiognpnmlaglmojagnh [2015-04-05]
CHR Extension: (Google Sheets) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (AdBlock) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-05]
CHR Extension: (Hola Better Internet) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-04-05]
CHR Extension: (Google Calendar (by Google)) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2015-04-05]
CHR Extension: (Save to Google Drive) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2015-04-05]
CHR Extension: (DotVPN - Free and Secure VPN) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2015-04-05]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-04-05]
CHR Extension: (Weather forecast Widget [FVD] ) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfgbknfcldbddnkmjkoodkfafghifinp [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-05]
CHR Extension: (Better History) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-04-05]
CHR Extension: (Gmail) - C:\Users\Wiktor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-12-10] (Futuremark)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2015-03-31] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [386560 2014-12-10] (Qualcomm Atheros) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [98480 2014-11-18] (Qualcomm Atheros, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-08] (REALiX(tm))
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-04-05] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-04-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-02-01] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-02-01] (Acronis International GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-02-01] (Acronis International GmbH)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 11:53 - 2015-04-05 11:59 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-05 11:53 - 2015-04-05 11:58 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-05 11:53 - 2015-04-05 11:54 - 00003411 _____ () C:\Windows\WindowsUpdate.log
2015-04-05 11:53 - 2015-04-05 11:53 - 00004044 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-05 11:53 - 2015-04-05 11:53 - 00003792 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-05 11:53 - 2015-04-05 11:53 - 00002267 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-05 11:53 - 2015-04-05 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-05 11:53 - 2015-04-05 11:53 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-05 11:49 - 2015-04-05 11:49 - 00000000 __SHD () C:\Users\Wiktor\AppData\Local\EmieUserList
2015-04-05 11:49 - 2015-04-05 11:49 - 00000000 __SHD () C:\Users\Wiktor\AppData\Local\EmieSiteList
2015-04-05 11:49 - 2015-04-05 11:49 - 00000000 __SHD () C:\Users\Wiktor\AppData\Local\EmieBrowserModeList
2015-04-05 11:46 - 2015-04-05 11:46 - 00002417 _____ () C:\Users\Wiktor\Desktop\JRT.txt
2015-04-05 11:44 - 2015-04-05 11:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-WIKTOR-DESKTOP-Windows-7-Professional-(64-bit).dat
2015-04-05 11:44 - 2015-04-05 11:44 - 00000000 ____D () C:\RegBackup
2015-04-05 11:24 - 2015-04-05 11:24 - 00040413 _____ () C:\ComboFix.txt
2015-04-05 01:13 - 2015-04-05 01:15 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\qBittorrent
2015-04-05 01:13 - 2015-04-05 01:13 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\qBittorrent
2015-04-05 01:13 - 2015-04-05 01:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-04-05 01:13 - 2015-04-05 01:13 - 00000000 ____D () C:\Program Files (x86)\qBittorrent
2015-04-05 00:37 - 2015-04-05 11:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-04-05 00:37 - 2015-04-05 00:38 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-04-05 00:37 - 2015-04-05 00:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-04-05 00:37 - 2015-04-05 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2015-04-05 00:37 - 2015-04-05 00:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-04-05 00:37 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-04-05 00:37 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-04-04 21:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-04 21:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-04 21:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-04 21:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-04 21:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-04 21:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-04 21:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-04 21:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-04 21:33 - 2015-04-05 11:24 - 00000000 ____D () C:\Qoobox
2015-04-04 21:33 - 2015-04-04 21:39 - 00000000 ____D () C:\Windows\erdnt
2015-04-04 20:27 - 2015-04-04 20:27 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-04-04 20:27 - 2015-04-04 20:27 - 00074000 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-04-04 19:54 - 2015-04-04 19:54 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2015-04-04 19:54 - 2015-04-04 19:54 - 00000385 _____ () C:\Users\Wiktor\AppData\Roaminguser_gensett.xml
2015-04-04 19:53 - 2015-04-04 19:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-04-04 19:53 - 2015-04-04 19:53 - 00000000 ____D () C:\ProgramData\BDLogging
2015-04-04 19:53 - 2014-12-02 16:37 - 00074000 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-04-04 19:53 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-04-04 19:52 - 2015-04-05 00:36 - 00000000 ____D () C:\Program Files\Bitdefender
2015-04-04 19:52 - 2015-04-04 20:27 - 00033360 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-04-04 19:52 - 2015-04-04 19:52 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\QuickScan
2015-04-04 19:49 - 2015-04-05 00:23 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-04-04 19:43 - 2015-04-05 12:18 - 00000000 ____D () C:\FRST
2015-04-04 19:18 - 2015-04-04 19:19 - 00000000 ____D () C:\AdwCleaner
2015-04-04 18:19 - 2015-04-04 18:19 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201504041819219295.log
2015-04-04 18:19 - 2015-04-04 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-04-04 18:19 - 2015-04-04 18:19 - 00000000 ____D () C:\ProgramData\ATI
2015-04-04 18:19 - 2015-04-04 18:19 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-04-04 18:19 - 2015-04-04 18:19 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-04-04 18:17 - 2015-04-04 18:17 - 00000000 ____D () C:\AMD
2015-04-04 18:13 - 2015-04-04 18:13 - 00055516 _____ () C:\Windows\SysWOW64\CCCInstall_201504041813282991.log
2015-04-04 17:57 - 2015-04-04 17:57 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 17:57 - 2015-04-04 17:57 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 12:01 - 2015-04-04 12:01 - 00000640 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2015-04-04 12:01 - 2015-04-04 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-04-04 10:15 - 2015-04-04 10:15 - 02517756 _____ () C:\Windows\SysWOW64\x11modTahitiglg2tc16768w256l4.bin
2015-04-04 00:43 - 2015-04-04 00:43 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\UnrealEngineLauncher
2015-04-02 21:43 - 2015-04-02 21:43 - 00003072 _____ () C:\Windows\System32\Tasks\Steam_x64-S-2-106-91
2015-04-02 12:25 - 2015-04-02 12:25 - 00000000 ____D () C:\Users\Wiktor\Documents\Telltale Games
2015-04-02 12:25 - 2015-04-02 12:25 - 00000000 ____D () C:\ProgramData\REVOLT
2015-04-02 12:22 - 2015-04-02 12:22 - 00000836 _____ () C:\Users\Wiktor\Desktop\Play Game of Thrones Telltale.lnk
2015-04-01 23:11 - 2015-04-05 00:43 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-01 23:11 - 2015-04-05 00:43 - 00000000 ____D () C:\ProgramData\Skype
2015-04-01 23:11 - 2015-04-05 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-01 23:11 - 2015-04-02 19:58 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\Skype
2015-04-01 23:11 - 2015-04-01 23:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-01 23:11 - 2015-04-01 23:11 - 00000000 ____D () C:\Users\Wiktor\Tracing
2015-04-01 23:11 - 2015-04-01 23:11 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Skype
2015-04-01 23:10 - 2015-04-01 23:10 - 00003156 _____ () C:\Windows\System32\Tasks\{BE2AAD1B-307B-4307-82F1-9B1C65D24F9D}
2015-03-31 19:02 - 2015-03-31 19:02 - 24802928 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 06067760 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 04782296 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01402336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01399240 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01369088 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 01063936 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00623616 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00385024 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00279952 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00255488 _____ () C:\Windows\system32\igfxCPL.cpl
2015-03-31 19:02 - 2015-03-31 19:02 - 00249232 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00229888 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00218512 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2015-03-31 19:02 - 2015-03-31 19:02 - 00213504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00211656 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00183296 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4156.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178672 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00178176 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00086528 _____ () C:\Windows\system32\igfxCUIServicePS.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00059904 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00036616 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-03-31 19:02 - 2015-03-31 19:02 - 00004016 _____ () C:\Windows\system32\iglhxs64.vp
2015-03-31 19:01 - 2015-03-31 19:01 - 24003648 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17761872 _____ () C:\Windows\system32\igd11dxva64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 17285440 _____ () C:\Windows\SysWOW64\igd11dxva32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 15982080 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 10853888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 09396160 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 08605632 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 06021437 _____ () C:\Windows\system32\igdclbif.bin
2015-03-31 19:01 - 2015-03-31 19:01 - 04877240 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2015-03-31 19:01 - 2015-03-31 19:01 - 03550208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 03320320 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00636016 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00515488 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00398848 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00350208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00282696 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00263120 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00227328 _____ () C:\Windows\system32\igdde64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00187392 _____ () C:\Windows\SysWOW64\igdde32.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00169984 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2015-03-31 19:01 - 2015-03-31 19:01 - 00152064 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 09504256 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 07484416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2015-03-31 19:00 - 2015-03-31 19:00 - 01029008 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 01025936 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00448912 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00339344 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00338832 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2015-03-31 19:00 - 2015-03-31 19:00 - 00157072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2015-03-25 09:32 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 09:32 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 09:32 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 09:32 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 09:32 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 09:32 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 09:32 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 09:32 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-20 06:49 - 2015-03-20 06:49 - 00102128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-03-20 06:49 - 2015-03-20 06:49 - 00096448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 11083488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 09406112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 07559840 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 07077264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 01357168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 01133664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-03-20 06:48 - 2015-03-20 06:48 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-03-20 06:47 - 2015-03-20 06:47 - 08381280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-03-20 06:47 - 2015-03-20 06:47 - 08368872 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-03-20 06:45 - 2015-03-20 06:45 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-03-20 06:43 - 2015-03-20 06:43 - 19338752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-03-20 06:22 - 2015-03-20 06:22 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2015-03-20 06:21 - 2015-03-20 06:21 - 47902208 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-03-20 06:21 - 2015-03-20 06:21 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-03-20 06:21 - 2015-03-20 06:21 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-03-20 06:21 - 2015-03-20 06:21 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-03-20 06:21 - 2015-03-20 06:21 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-03-20 06:17 - 2015-03-20 06:17 - 40989696 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-03-20 06:13 - 2015-03-20 06:13 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-03-20 06:13 - 2015-03-20 06:13 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-03-20 04:52 - 2015-03-20 04:52 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-03-20 04:48 - 2015-03-20 04:48 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-03-20 04:48 - 2015-03-20 04:48 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-03-20 04:47 - 2015-03-20 04:47 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-03-20 04:32 - 2015-03-20 04:32 - 23626752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-03-20 04:32 - 2015-03-20 04:32 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-03-20 04:28 - 2015-03-20 04:28 - 00639088 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2015-03-20 04:28 - 2015-03-20 04:28 - 00639088 _____ () C:\Windows\system32\atiapfxx.blb
2015-03-20 04:27 - 2015-03-20 04:27 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-03-20 04:27 - 2015-03-20 04:27 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-03-20 04:27 - 2015-03-20 04:27 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-03-20 04:27 - 2015-03-20 04:27 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-03-20 04:27 - 2015-03-20 04:27 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-03-20 04:27 - 2015-03-20 04:27 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-03-20 04:23 - 2015-03-20 04:23 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-03-20 04:18 - 2015-03-20 04:18 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-03-20 04:18 - 2015-03-20 04:18 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-03-20 04:11 - 2015-03-20 04:11 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-03-20 04:10 - 2015-03-20 04:10 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-03-20 04:09 - 2015-03-20 04:09 - 00776192 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-03-20 04:09 - 2015-03-20 04:09 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-03-20 04:09 - 2015-03-20 04:09 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-03-20 04:08 - 2015-03-20 04:08 - 00246272 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-03-20 04:07 - 2015-03-20 04:07 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-03-20 04:06 - 2015-03-20 04:06 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2015-03-20 03:55 - 2015-03-20 03:55 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2015-03-20 03:51 - 2015-03-20 03:51 - 00846848 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-03-20 03:45 - 2015-03-20 03:45 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-03-20 03:45 - 2015-03-20 03:45 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 01218560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00905728 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-03-20 03:44 - 2015-03-20 03:44 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-03-20 03:43 - 2015-03-20 03:43 - 00591872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-03-20 03:36 - 2015-03-20 03:36 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-03-20 00:39 - 2015-03-20 00:39 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2015-03-20 00:31 - 2015-03-20 00:31 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2015-03-16 19:51 - 2015-03-16 19:51 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-16 19:51 - 2015-03-16 19:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-16 19:51 - 2015-03-16 19:51 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-03-16 19:51 - 2015-03-16 19:51 - 00000000 ____D () C:\Windows\system32\Macromed
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ___SH () C:\Users\Wiktor\AppData\Local\LumaEmu
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\Users\Wiktor\Documents\Colossal Order
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\Colossal Order
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\.mono
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\LumaEmu_SteamCloud
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Colossal Order
2015-03-14 11:18 - 2015-03-14 11:18 - 00000000 ____D () C:\ProgramData\.mono
2015-03-14 11:16 - 2015-03-14 11:16 - 00000618 _____ () C:\Users\Wiktor\Desktop\Cities Skylines.lnk
2015-03-14 11:16 - 2015-03-14 11:16 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\Cities Skylines
2015-03-14 11:16 - 2015-03-14 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Gamblers
2015-03-12 19:07 - 2015-03-12 19:07 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\EurekaLog
2015-03-10 23:43 - 2015-03-06 07:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-10 23:43 - 2015-03-06 07:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-10 23:43 - 2015-03-06 07:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-10 23:43 - 2015-03-06 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-10 23:43 - 2015-03-06 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-10 23:43 - 2015-03-06 07:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-10 23:43 - 2015-03-06 07:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-10 23:43 - 2015-03-06 07:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-10 23:43 - 2015-03-06 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-10 23:43 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-10 23:43 - 2015-03-06 07:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-10 23:43 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-10 23:43 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-10 23:43 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-10 23:43 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-10 23:43 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-10 23:43 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-10 23:43 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-10 23:43 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-10 23:43 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-10 23:43 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-10 23:43 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-10 23:43 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-10 23:43 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-10 23:43 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-10 23:43 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-10 23:43 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:43 - 2015-02-03 05:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-10 23:43 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-10 23:43 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-10 23:43 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-10 23:43 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-10 23:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-10 23:43 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-10 23:43 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-10 23:43 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-10 23:43 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-10 23:43 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-10 23:43 - 2015-02-03 05:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-10 23:43 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-10 23:43 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-10 23:43 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-10 23:43 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-10 23:43 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-10 23:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-10 23:43 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-10 23:43 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-10 23:43 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-10 23:43 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-10 23:43 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-10 23:43 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-10 23:43 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-10 23:43 - 2015-01-31 05:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-10 23:43 - 2015-01-31 05:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 23:43 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-10 23:43 - 2015-01-31 01:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-10 23:43 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-10 23:43 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 23:43 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-10 23:43 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-10 23:43 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-10 23:42 - 2015-02-26 05:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-10 23:42 - 2015-02-24 05:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-10 23:42 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-10 23:42 - 2015-02-21 03:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 23:42 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-10 23:42 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-10 23:42 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-10 23:42 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-10 23:42 - 2015-02-21 01:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 23:42 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-10 23:42 - 2015-02-20 05:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 23:42 - 2015-02-20 05:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 23:42 - 2015-02-20 04:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-10 23:42 - 2015-02-20 04:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 23:42 - 2015-02-20 04:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-10 23:42 - 2015-02-20 04:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 23:42 - 2015-02-20 04:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-10 23:42 - 2015-02-20 04:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 23:42 - 2015-02-20 04:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-10 23:42 - 2015-02-20 04:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-10 23:42 - 2015-02-20 04:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 23:42 - 2015-02-20 04:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-10 23:42 - 2015-02-20 04:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-10 23:42 - 2015-02-20 04:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 23:42 - 2015-02-20 04:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 23:42 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-10 23:42 - 2015-02-20 04:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 23:42 - 2015-02-20 04:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 23:42 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-10 23:42 - 2015-02-20 04:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-10 23:42 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-10 23:42 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-10 23:42 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-10 23:42 - 2015-02-20 04:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 23:42 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-10 23:42 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-10 23:42 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-10 23:42 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-10 23:42 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-10 23:42 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-10 23:42 - 2015-02-20 03:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 23:42 - 2015-02-20 03:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-10 23:42 - 2015-02-20 03:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-10 23:42 - 2015-02-20 03:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 23:42 - 2015-02-20 03:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 23:42 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 23:42 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-10 23:42 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-10 23:42 - 2015-02-20 03:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 23:42 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-10 23:42 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-10 23:42 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-10 23:42 - 2015-02-20 03:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 23:42 - 2015-02-20 03:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-10 23:42 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-10 23:42 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-10 23:42 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-10 23:42 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-10 23:42 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 23:42 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-06 12:06 - 2015-03-06 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 12:14 - 2015-02-08 18:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-04-05 11:58 - 2009-07-14 06:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-05 11:58 - 2009-07-14 06:45 - 00015184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-05 11:56 - 2009-07-14 19:55 - 00740422 _____ () C:\Windows\system32\perfh015.dat
2015-04-05 11:56 - 2009-07-14 19:55 - 00155996 _____ () C:\Windows\system32\perfc015.dat
2015-04-05 11:56 - 2009-07-14 07:13 - 01670518 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-05 11:53 - 2015-01-31 20:44 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Google
2015-04-05 11:53 - 2015-01-31 20:44 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Deployment
2015-04-05 11:51 - 2015-02-08 19:14 - 00002888 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Wiktor)
2015-04-05 11:50 - 2015-02-13 18:48 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\ASUS WebStorage
2015-04-05 11:50 - 2015-02-01 02:56 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-04-05 11:50 - 2015-02-01 00:11 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-05 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-05 11:44 - 2015-02-01 12:41 - 00000000 ____D () C:\Users\Wiktor\Documents\Pliki programu Outlook
2015-04-05 11:24 - 2015-01-31 20:44 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Apps\2.0
2015-04-05 11:23 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-05 00:38 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-04-05 00:17 - 2015-01-31 23:49 - 00000000 ____D () C:\Users\Wiktor\AppData\Local\Battle.net
2015-04-04 19:57 - 2009-07-14 07:08 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-04 19:52 - 2015-01-31 23:54 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-04-04 18:19 - 2015-02-06 18:33 - 00000000 ____D () C:\ProgramData\Napisy24
2015-04-04 18:19 - 2015-01-31 22:25 - 00000000 ____D () C:\ProgramData\AMD
2015-04-04 18:18 - 2015-01-31 22:24 - 00000000 ____D () C:\Program Files\AMD
2015-04-04 18:18 - 2015-01-31 20:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-04 18:16 - 2015-01-31 22:25 - 00000401 _____ () C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-04-04 18:16 - 2015-01-31 20:54 - 00000000 ____D () C:\Program Files\ATI
2015-04-04 00:43 - 2015-03-03 21:25 - 00000000 ____D () C:\ProgramData\Epic
2015-04-03 22:25 - 2015-01-31 23:49 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-04-02 21:43 - 2015-02-09 20:32 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\vlc
2015-04-02 15:02 - 2015-02-09 17:15 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\AIMP3
2015-04-01 23:11 - 2015-01-31 20:30 - 00000000 ____D () C:\Users\Wiktor
2015-04-01 20:27 - 2015-02-08 19:14 - 00002150 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-03-31 19:02 - 2014-10-03 18:36 - 02024960 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-03-31 19:02 - 2014-10-03 18:36 - 00695808 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-03-31 19:02 - 2014-10-03 18:36 - 00344976 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2015-03-31 19:02 - 2014-10-03 18:36 - 00314256 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2015-03-31 19:02 - 2014-10-03 18:36 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-03-31 19:02 - 2014-10-03 18:36 - 00278528 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-03-25 22:37 - 2015-01-31 20:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-25 22:37 - 2015-01-31 20:55 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-14 02:06 - 2015-02-03 20:28 - 00000000 ____D () C:\Users\Wiktor\AppData\Roaming\TS3Client
2015-03-12 19:04 - 2015-02-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Napisy24
2015-03-12 19:04 - 2015-02-06 18:33 - 00000000 ____D () C:\Program Files (x86)\Napisy24
2015-03-11 04:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 04:23 - 2009-07-14 06:45 - 00433424 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 04:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 04:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 04:07 - 2015-02-01 00:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-11 04:07 - 2015-02-01 00:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 04:03 - 2015-01-31 20:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 04:03 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2015-03-11 04:01 - 2015-01-31 20:39 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-06 12:06 - 2015-02-09 17:15 - 00000911 _____ () C:\Users\Public\Desktop\AIMP3.lnk
2015-03-06 12:06 - 2015-02-09 17:15 - 00000000 ____D () C:\Program Files (x86)\AIMP3

==================== Files in the root of some directories =======

2015-01-31 20:33 - 2015-01-31 20:33 - 0000000 _____ () C:\Users\Wiktor\AppData\Local\Driver_LOM_8161Present.flag
2015-03-14 11:18 - 2015-03-14 11:18 - 0000000 ___SH () C:\Users\Wiktor\AppData\Local\LumaEmu

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 21:05

==================== End Of Log ============================


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Wiktor at 2015-04-05 12:19:08
Running from I:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{2E840B9E-51A0-4D4C-ACD0-CA53C560C443}) (Version: 17.0.4515 - Acronis)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1483, 27.02.2015 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{D5F6C841-F86E-A085-069E-BFED547EA411}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_R.G. Gamblers_is1) (Version:  - R.G. Gamblers, Fanfar)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dragonball Xenoverse (HKLM-x32\...\Dragonball Xenoverse_is1) (Version:  - )
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.)
Futuremark SystemInfo (HKLM-x32\...\{2FE4C157-30AD-47F3-9D93-D9A2AFF25D3F}) (Version: 4.33.485.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Homeworld Remastered Collection (HKLM-x32\...\Homeworld Remastered Collection_is1) (Version:  - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
K-Lite Codec Pack 10.9.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version:  - )
Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 0.97 - Napisy24.pl)
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation)
qBittorrent 3.1.12 (HKLM-x32\...\qBittorrent) (Version: 3.1.12 - The qBittorrent project)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.49.1393 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.49.1393 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{FE6786D7-4CAD-47D9-9221-3782B0052992}) (Version: 1.1.49.1393 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.49.1393 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Screamer Radio (HKU\S-1-5-21-584033481-1012264687-3606139169-1000\...\b39d22cba7231314) (Version: 0.9.5514.38272 - Screamer Radio)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sleeping Dogs: Definitive Edition (HKLM-x32\...\Steam App 307690) (Version:  - United Front Games)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version:  - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
UltraISO wersja V9.6.2 (HKLM-x32\...\UltraISO_is1) (Version: V9.6.2 - )
USB PnP Sound Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version:   -  )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{41FB33E8-F7B7-4DAD-97F6-A5FB5C13CE3B}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{9BA1D614-A32B-4BED-885B-07D14E40FEA3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{91D4CB50-2839-4436-A272-1215AD05592C}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{8654631E-A33F-4BBD-A32C-A605E8D00F8C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.0.496 - ASUS Cloud Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-584033481-1012264687-3606139169-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

04-04-2015 18:18:48 Instalacja pakietu sterownika urządzenia: Advanced Micro Devices, Inc. Karty graficzne

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-05 01:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09E710FB-DB37-499A-B13F-12F7DF8C374B} - System32\Tasks\Steam_x64-S-2-106-91 => C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\Steam Client [2015-04-02] () <==== ATTENTION
Task: {32592F96-5512-43FD-80AC-4716692C157D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-05] (Google Inc.)
Task: {3CACF99D-9923-44DB-9E8C-64AC872B3EE6} - System32\Tasks\Uninstaller_SkipUac_Wiktor => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {467BF9E6-04D9-4610-A19A-91ABF1DC6569} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {4BEBE856-D5DC-42A2-B47B-72ADC32190E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-05] (Google Inc.)
Task: {5DAF7EA6-2847-4FE6-8BDE-DBB944F7B4DC} - System32\Tasks\Driver Booster SkipUAC (Wiktor) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {6AC17930-CFE9-46FE-8B8E-FFE0D2C893AB} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: {73CF629B-A22F-46F3-B660-BA9006D8E8BB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {8A684C1C-914A-4B97-90C1-443A711816F6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8D4D2A0E-C0F7-455A-9222-7CD1C35789F8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A1FE566B-E9AA-47B2-9454-E50B723F0D3B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A6274963-CB47-4D8F-BA01-D6253AE98AB8} - System32\Tasks\{BE2AAD1B-307B-4307-82F1-9B1C65D24F9D} => Chrome.exe http://ui.skype.com/ui/0/7.3.0.101/pl/abandoninstall?source=lightinstaller&page=tsPlugin
Task: {A7E2F1CD-93F0-4A6A-A40F-9EAC819CF1B0} - System32\Tasks\AutoKMS
Task: {C0039E17-0B75-4E4A-A08B-EF5BFEF5FDBF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C397C3C5-B738-42F1-8C15-E67471A8409F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D48F4416-7605-4298-A17E-AFC28D3F7F00} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D8C20931-7B84-42FC-811F-C6ACB0B8203B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {E631B56B-B12B-4163-A522-50BB7450D374} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {EEF0CD88-2E24-40F7-BD63-28BB7CBF96B8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-03 10:52 - 2015-02-03 10:52 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-01 12:00 - 2013-10-01 12:00 - 02811008 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-12-10 23:53 - 2014-12-10 23:53 - 00330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll
2015-02-13 05:56 - 2015-02-13 05:56 - 01374504 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSService.exe
2015-04-05 11:53 - 2015-03-30 22:38 - 01530184 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-05 11:53 - 2015-03-30 22:38 - 00091976 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-05 11:53 - 2015-03-30 22:39 - 11266376 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2014-12-06 09:03 - 2014-12-06 09:03 - 00565760 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2015-04-02 21:43 - 2015-04-02 21:43 - 01471488 _____ () C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\Steam Client
2015-02-01 00:12 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-01 00:12 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-01 00:12 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-01 00:12 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-01 00:12 - 2015-03-24 06:22 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-01 00:12 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-01 00:12 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-01 00:12 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-01 00:12 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-01 00:12 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-01 00:12 - 2015-03-24 06:22 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-02-01 00:12 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-12-13 12:16 - 2013-12-13 12:16 - 00276800 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2013-12-13 12:16 - 2013-12-13 12:16 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-12-13 12:19 - 2013-12-13 12:19 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-12-06 09:02 - 2014-12-06 09:02 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-12-06 09:01 - 2014-12-06 09:01 - 00353792 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-12-06 09:02 - 2014-12-06 09:02 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-04-02 21:43 - 2015-04-02 21:43 - 00279955 _____ () C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\libidn-11.dll
2015-04-02 21:43 - 2015-04-02 21:43 - 00113166 _____ () C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\zlib1.dll
2015-04-02 21:43 - 2015-04-02 21:43 - 00148760 _____ () C:\Users\Wiktor\AppData\Roaming\vlc\CODEXi\libpdcurses.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-584033481-1012264687-3606139169-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wiktor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.179.1.63 - 62.179.1.62

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-584033481-1012264687-3606139169-500 - Administrator - Disabled)
Gość (S-1-5-21-584033481-1012264687-3606139169-501 - Limited - Disabled)
Wiktor (S-1-5-21-584033481-1012264687-3606139169-1000 - Administrator - Enabled) => C:\Users\Wiktor

==================== Faulty Device Manager Devices =============

Name: Kontroler magistrali zarządzania systemem
Description: Kontroler magistrali zarządzania systemem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kontroler Uniwersalnej magistrali szeregowej (USB)
Description: Kontroler Uniwersalnej magistrali szeregowej (USB)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (04/05/2015 11:49:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

Error: (04/05/2015 11:49:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

Error: (04/05/2015 11:49:02 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

Error: (04/05/2015 11:49:01 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

Error: (04/05/2015 11:49:01 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.

Error: (04/05/2015 11:48:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 34%
Total physical RAM: 8036.02 MB
Available physical RAM: 5261.65 MB
Total Pagefile: 16070.22 MB
Available Pagefile: 12458.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:238.47 GB) (Free:155.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
Drive e: (Gry) (Fixed) (Total:465.66 GB) (Free:327.44 GB) NTFS
Drive g: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
Drive h: (My Passport) (Fixed) (Total:1862.98 GB) (Free:629.08 GB) NTFS
Drive i: (Download) (Fixed) (Total:465.76 GB) (Free:274.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0920B6AC)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 796FC614)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F131DA5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: A35D654D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Added today, 20:20:
Is nobody able to help? :(
Emisariusz
~user
 
Posts: 1
Joined: 05 Apr 2015, 11:38



Maximum graphics card load while idle.

Post by Grathon, 24 Apr 2015, 10:26

Hello.

Following the suggestion below, I have started my own thread. I think I have added everything that is needed.

viewtopic.php?f=13&t=143799&p=1021692#p1021692
Last edited by Grathon on 24 Apr 2015, 12:08; edited 2 times in total
Grathon
~user
 
Posts: 8
Joined: 24 Apr 2015, 10:14




