Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2017 02 Ran by Konar (23-09-2017 16:23:06) Running from C:\Users\Konar\Downloads Windows 7 Professional Service Pack 1 (X64) (2012-12-27 14:35:23) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-908772619-3192644915-72303369-500 - Administrator - Disabled) Guest (S-1-5-21-908772619-3192644915-72303369-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-908772619-3192644915-72303369-1006 - Limited - Enabled) Konar (S-1-5-21-908772619-3192644915-72303369-1000 - Administrator - Enabled) => C:\Users\Konar ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1887, 19.02.2017 - AIMP DevTeam) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.) ATI Catalyst Install Manager (HKLM\...\{158E4649-5089-813C-1B35-D07C628D8F9E}) (Version: 3.0.778.0 - ATI Technologies, Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) ccc-core-static (HKLM-x32\...\{B0C5378D-C25E-EA39-1E1D-ACBA3B12C876}) (Version: 2010.0621.2137.36973 - Nazwa firmy) Hidden Cossacks: European Wars (HKLM\...\Steam App 4880) (Version: - GSC Game World) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.79 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Gwent (HKLM-x32\...\1971477531_is1) (Version: 0.9.7 public beta - GOG.com) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation) HWiNFO64 Version 5.22 (HKLM\...\HWiNFO64_is1) (Version: 5.22 - Martin Malík - REALiX) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) K-Lite Mega Codec Pack 12.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP) League of Legends (HKLM-x32\...\{2F5D7825-7460-43B1-B467-7F9737557108}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) Malwarebytes (wersja 3.1.2.1733) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo) Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead (HKLM-x32\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead (HKLM-x32\...\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}) (Version: - ) Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 (HKLM-x32\...\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}) (Version: - ) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Mozilla Firefox 54.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 pl)) (Version: 54.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Need For Speed - Porsche Unleashed (HKLM-x32\...\Need For Speed - Porsche Unleashed) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{18192D3F-5537-4560-AD89-D695F72AF91D}) (Version: 3.41.9593 - Apache Software Foundation) Pizza Connection 2 (HKLM-x32\...\Pizza Connection 2) (Version: - ) PX Profile Update (HKLM-x32\...\{DC49E5CA-1FA5-08E6-363D-6EB05C5761D1}) (Version: 1.00.1. - AMD) Hidden Python 2.4.4 (HKLM-x32\...\{60E2C8C9-6CF3-4B1A-9618-E304946C94E6}) (Version: 2.4.4150 - Martin v. Löwis) QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - ) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SubEdit-Player (HKLM-x32\...\SubEdit-Player_is1) (Version: 4072 - Artur Sikora) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Tibia (HKU\S-1-5-21-908772619-3192644915-72303369-1000\...\Tibia) (Version: - CipSoft GmbH) TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo) VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2017-02-21] (AIMP DevTeam) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-23] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-30] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2017-02-21] (AIMP DevTeam) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-06-21] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-09-23] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-30] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-908772619-3192644915-72303369-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> No File ContextMenuHandlers4_S-1-5-21-908772619-3192644915-72303369-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> No File ContextMenuHandlers5_S-1-5-21-908772619-3192644915-72303369-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => -> No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {261AEF1A-976D-423F-9CB5-666A253B5356} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-20] (AVAST Software) Task: {49585C93-2190-448C-913E-9882A2F09723} - System32\Tasks\GoogleUpdateTaskMachineCore1cecce0cb975380 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {6CFDCB71-7738-4076-86E5-26B500A687F6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe Task: {786699BA-7F12-41F0-9AB5-1E3F5109FC37} - System32\Tasks\GoogleUpdateTaskMachineUA1cecce0cd41874e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {8B561CDD-698F-4506-BF7E-BFB7ACA2FB77} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-908772619-3192644915-72303369-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 217.113.224.36 - 217.113.224.134 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: btwdins => 2 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: IpOverUsbSvc => 2 MSCONFIG\Services: MBAMService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: PassThru Service => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: RzKLService => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: f.lux => "C:\Users\Konar\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow MSCONFIG\startupreg: Gaming Keyboard => "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9A48C682-86CA-4AFC-9255-BC9C06B9D44A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{256DC369-F759-43DE-862B-72A995EAD622}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{2F30F46F-3B78-4124-B492-5979852C39C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{84E91D6E-3819-4BB2-9EE6-A61C70EF828D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F30ED8FC-CFAF-4145-A029-CFA8D088FA16}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{20E43220-27E7-432B-902B-2D98547CCF4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1277BEDA-0CFE-48C6-A137-5C9610E9AEC2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A710BD1E-4331-4890-B151-FF953D40875C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1FBD1B65-B625-4DAF-AC7E-F4AFE25B9976}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8378BDDD-CB2A-41DB-AFDA-5E1DD6370474}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E479EBC0-2ACE-48E7-B942-7136F165D88B}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [UDP Query User{5F6609AE-2C56-4FD5-911B-7D11CFA02201}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [{DEED8249-842D-4726-B679-45D0DA3E47AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{A77CE499-C48C-4690-8F42-7B91DE0DED81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe FirewallRules: [{44B4B4B5-85A7-49A0-A052-77165C0F3D91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{A4376B5C-7C25-418F-8294-42F92B5EF63C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanet.exe FirewallRules: [{E66BD2C5-4504-4FFF-B44E-9A80A647C3B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CD132239-F2C3-4C81-AC4F-3317FA8B798B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{B632C131-0A95-4E96-8408-209D0E5EE172}C:\program files (x86)\ea games\mohaa\moh_spearhead.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_spearhead.exe FirewallRules: [UDP Query User{B6EEBF85-E957-4BC6-9843-753F8EB828D1}C:\program files (x86)\ea games\mohaa\moh_spearhead.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_spearhead.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{96EFAEAE-2D10-4979-8812-9B22A113C877}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{E6CF39D6-B95F-4BE3-A7B1-D42F960DE85B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{B1204D67-59D4-4695-8C6F-39A38F9C89F4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cossacks European Wars\dmcr.exe FirewallRules: [{BC7D03C1-BFD9-4D82-BC60-E7EF6760F1C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cossacks European Wars\dmcr.exe FirewallRules: [{324990E0-FF14-4B60-ACB3-EE2ED5FA0D2D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{8894AC3B-BB91-4E13-BC80-654CB45BA24B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{EC9CDFBB-3984-4EF3-AED4-B57A1C21CC2A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 15-08-2017 15:07:32 Removed Broadcom 2070 Bluetooth 3.0 15-08-2017 15:26:57 Removed Broadcom 2070 Bluetooth 3.0 15-08-2017 15:41:58 Usunięte IDT Audio 15-08-2017 15:43:08 Usunięte Realtek Ethernet Controller Driver For Windows Vista an±ő[ 15-08-2017 15:43:51 Usunięte Realtek USB 2.0 Card Reader 15-08-2017 16:09:21 Zainstalowane Atheros Communications Inc.(R) AR81Family Gigabit/´ü&G 15-08-2017 16:15:42 Usunięte Atheros Communications Inc.(R) AR81Family Gigabit/Fast iÂ^9 15-08-2017 16:40:20 Zainstalowane Atheros Communications Inc.(R) AR81Family Gigabit/XáÜS 15-08-2017 16:47:16 Usunięte Atheros Communications Inc.(R) AR81Family Gigabit/Fast îµń 15-08-2017 17:11:24 Restore Operation 15-08-2017 17:38:06 Zainstalowane Realtek USB 2.0 Card Reader 15-08-2017 17:38:51 Usunięte Realtek USB 2.0 Card Reader 15-08-2017 17:40:16 Usunięte Realtek Ethernet Controller Driver For Windows Vista an­°ś,76 15-08-2017 17:55:34 Zainstalowane Atheros Communications Inc.(R) AR81Family Gigabit/_§B ==================== Faulty Device Manager Devices ============= Name: Network Controller Description: Network Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. Error: (08/15/2017 05:00:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583. System errors: ============= Error: (09/23/2017 04:01:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (09/23/2017 04:01:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (09/23/2017 03:38:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (08/15/2017 05:19:38 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (08/15/2017 05:19:37 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (08/15/2017 05:19:37 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (08/15/2017 05:19:36 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (08/15/2017 05:19:36 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (08/15/2017 02:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (06/29/2017 05:56:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2017-08-15 17:07:54.478 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 17:07:54.056 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 17:02:23.854 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 17:02:23.432 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:59:01.577 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:59:01.265 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:58:04.238 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:58:03.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:57:54.129 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-08-15 16:57:53.615 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\l1c51x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz Percentage of memory in use: 21% Total physical RAM: 6141.98 MB Available physical RAM: 4803.43 MB Total Virtual: 12282.14 MB Available Virtual: 10745.66 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:295.98 GB) (Free:115.02 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9B3DD6DA) Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=296 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=2 GB) - (Type=0C) ==================== End of Addition.txt ============================