Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014 Ran by Mateusz at 2014-10-23 16:33:08 Running from D:\Users\Mateusz\Desktop\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.11.0 - Mirillis) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CWK (Czasowy Wyłącznik Komputera) (HKLM-x32\...\CWK) (Version: 2.52.3.43 - Damian Pasternak) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.5 - SCS Software) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Freemake Video Converter wersja 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation) Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Game Booster (HKLM-x32\...\Game Booster_is1) (Version: 1.0.0.0 - IObit) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Hitman - Codename 47 (HKLM-x32\...\Hitman - Codename 47) (Version: - ) Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle) Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.2.1 - www.leaguereplays.com) Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}) (Version: 1.2.0238 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 pl)) (Version: 32.0.3 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MTA:SA v1.3.1 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.1 - Multi Theft Auto) mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version: - mystartsearch) <==== ATTENTION NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation) NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenFM (HKCU\...\OpenFM) (Version: 2 - GG Network S.A.) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Postal 2 - Share the Pain (HKLM-x32\...\Postal 2 - Share the Pain) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games) San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH) The Settlers - Narodziny kultur (HKLM-x32\...\SADK) (Version: - ) Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony) Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Worms Armageddon (HKLM-x32\...\{9B4E5CB1-7A1A-420A-B851-3F9206B5D0C1}) (Version: 1.00 - ) YTD Video Downloader 4.8.1 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL) Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1233466062-3746002062-2420178946-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> D:\Users\Mateusz\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1233466062-3746002062-2420178946-1000_Classes\CLSID\{3D531759-88B3-EFBA-6E48-B25975ED57C5}\InprocServer32 -> D:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1233466062-3746002062-2420178946-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> D:\Users\Mateusz\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll No File CustomCLSID: HKU\S-1-5-21-1233466062-3746002062-2420178946-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> D:\Users\Mateusz\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 22-10-2014 17:16:13 Zainstalowany program DirectX ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-10-07 07:07 - 00000042 ____A D:\Windows\system32\Drivers\etc\hosts ::1 localhost 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {15F84D6C-28DE-42E1-AD03-415FD8EADF52} - System32\Tasks\AllmyappsUpdateTask => d:\users\mateusz\appdata\roaming\allmyapps\allmyappsupdater.exe Task: {16D868A2-7299-4BED-A0C6-DAA466012723} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated) Task: {53E6E63D-614B-4C27-BABA-FFD029DBD296} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {6E30F75A-8744-40BC-82EA-98517FF29592} - System32\Tasks\{FBA9F58F-C56B-4792-B78A-A54E507B2143} => D:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 2010 Advanced\burningstudio2010adv.exe Task: {94A408B3-F4CF-4247-910B-DC176760EC32} - System32\Tasks\GoogleUpdateTaskMachineCore => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.) Task: {F9228FF8-2EB5-4C3F-AF10-CBFBEE26BF3C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => D:\Windows\ehome\ehrec.exe Task: {FE3029B3-6921-4359-8554-96D373499BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.) Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-03-02 11:26 - 2014-07-02 20:55 - 00116568 _____ () D:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-06-19 02:51 - 2013-06-19 14:15 - 00076888 _____ () D:\Windows\SysWOW64\PnkBstrA.exe 2014-10-23 13:11 - 2014-10-23 13:12 - 00380416 _____ () D:\Users\Mateusz\Desktop\Downloads\95fqbsvs.exe 2014-03-19 00:39 - 2009-12-09 22:20 - 00126976 _____ () D:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll 2013-03-08 15:09 - 2014-09-26 11:12 - 03715184 _____ () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-09-10 20:32 - 2014-09-10 20:32 - 16825520 _____ () D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: D:\Users\Mateusz\Cookies:qmLlCPbM66pD0R9jRPxlMeZ6Bf5 AlternateDataStreams: D:\Users\Mateusz\Cookies:TxCGH0rk03x9pUn5A9bPrvVSbNJ AlternateDataStreams: D:\Users\Mateusz\Dane aplikacji:NT AlternateDataStreams: D:\Users\Mateusz\AppData\Roaming:NT AlternateDataStreams: D:\Users\Mateusz\AppData\Local\Temporary Internet Files:wDzkgamiCWhPRQcH6A9MYZ ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-21-1233466062-3746002062-2420178946-1000\Software\Classes\.exe: exefile => <===== ATTENTION! HKU\S-1-5-21-1233466062-3746002062-2420178946-1000\Software\Classes\exefile: <===== ATTENTION! ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GarenaPlus => "D:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch MSCONFIG\startupreg: lollipop_08280759 => "d:\users\mateusz\appdata\local\lollipop\lollipop_08280759.exe" lollipop_08280759 MSCONFIG\startupreg: screenshooter => D:\Program Files (x86)\ScreenShooter\screenshooter.exe --hidden MSCONFIG\startupreg: SunJavaUpdateSched => "D:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Zune Launcher => "D:\Program Files\Zune\ZuneLauncher.exe" ========================= Accounts: ========================== Administrator (S-1-5-21-1233466062-3746002062-2420178946-500 - Administrator - Disabled) ASPNET (S-1-5-21-1233466062-3746002062-2420178946-1004 - Limited - Enabled) fbwuser (S-1-5-21-1233466062-3746002062-2420178946-1006 - Limited - Enabled) Gość (S-1-5-21-1233466062-3746002062-2420178946-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1233466062-3746002062-2420178946-1002 - Limited - Enabled) Mateusz (S-1-5-21-1233466062-3746002062-2420178946-1000 - Administrator - Enabled) => D:\Users\Mateusz ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/23/2014 00:56:52 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/23/2014 00:56:52 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/23/2014 00:51:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/23/2014 00:51:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error: (10/22/2014 08:34:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/22/2014 08:34:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=25, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 Error: (10/22/2014 06:36:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Pomijanie: nie można zweryfikować Eap method DLL path name. Błąd: identyfikator typu=43, identyfikator autora=9, identyfikator dostawcy=0, typ dostawcy=0 System errors: ============= Error: (10/23/2014 04:08:06 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:47 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:44 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:41 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:38 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:35 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:32 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:29 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:26 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Error: (10/23/2014 04:07:23 PM) (Source: Disk) (EventID: 7) (User: ) Description: W urządzeniu \Device\Harddisk0\DR0 wystąpił zły blok. Microsoft Office Sessions: ========================= Error: (10/23/2014 00:56:52 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (10/23/2014 00:56:52 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (10/23/2014 00:51:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (10/23/2014 00:51:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: ZARZĄDZANIE NT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance1637070000000000000000000009030000 Error: (10/22/2014 08:38:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: ZARZĄDZANIE NT) Description: Performance1637070000000000000000000009030000 Error: (10/22/2014 08:34:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 Error: (10/22/2014 08:34:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name25900 Error: (10/22/2014 06:36:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: ZARZĄDZANIE NT) Description: Eap method DLL path name43900 CodeIntegrity Errors: =================================== Date: 2014-10-06 12:36:34.392 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-10-06 12:36:34.292 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-11 12:47:58.400 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:20.340 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:20.119 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:19.927 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:14.638 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:14.452 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2014-01-15 07:52:14.260 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system. Date: 2013-04-25 10:24:04.273 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\$WINDOWS.~BT\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ Percentage of memory in use: 67% Total physical RAM: 4094.55 MB Available physical RAM: 1331.14 MB Total Pagefile: 8187.3 MB Available Pagefile: 5378.27 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:73.24 GB) (Free:2.86 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:392.51 GB) (Free:40.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001) Partition 1: (Active) - (Size=73.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=392.5 GB) - (Type=OF Extended) ==================== End Of Log ============================