Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01 Ran by TNR at 2015-02-20 00:46:26 Running from C:\Users\TNR\Desktop\Nowy folder (2) Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1214679314-924237255-3835460894-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) A9CAD (HKLM-x32\...\{C8E104FE-D57E-4082-9524-6C3A1C8DBDD7}) (Version: 2.2.0 - A9Tech) ABBYY FineReader 11 Corporate Edition (HKLM-x32\...\{F11000CE-0010-0000-0000-074957833700}) (Version: 11.11.141 - ABBYY) Acronis Disk Director Home (HKLM-x32\...\{9CCC78EF-027E-40E0-9B61-39932C65E3FE}) (Version: 11.0.216 - Acronis) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A80000000002}) (Version: 8.0.0 - Adobe Systems Incorporated) Aktualizacje NVIDIA 16.13.65 (Version: 16.13.65 - NVIDIA Corporation) Hidden Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AutoCAD 2010 - Polski (HKLM\...\AutoCAD 2010 - Polski) (Version: 18.0.55.0 - Autodesk) AutoCAD 2010 - Polski (Version: 18.0.55.0 - Autodesk) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3608.50 - CyberLink Corp.) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd) Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios) Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.01 - Creative Technology Limited) DriverEasy 3.11.3 (HKLM\...\DriverEasy_is1) (Version: 3.11.3.0 - Easeware) Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version: - Ubisoft) Dungeon Keeper 2 (HKLM-x32\...\Dungeon Keeper II) (Version: - ) Earth 2160 (HKLM-x32\...\Earth 2160) (Version: 1.01 Eng - Zuxxez Entertainment AG) Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) foobar2000 v1.2.9 (HKLM-x32\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation) FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin) Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) GG (HKU\S-1-5-21-1214679314-924237255-3835460894-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\{D16734C7-150F-3DC5-ADAC-15951B232AB6}) (Version: 65.130.49214 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Kingdoms of Amalur Reckoning version 1.0.0.0 (HKLM-x32\...\Kingdoms of Amalur Reckoning_is1) (Version: 1.0.0.0 - GTX Box Team) KiwiG PhonTunes (HKLM-x32\...\KiwiG PhonTunes_is1) (Version: - KiwiGeeker) LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32) Lichdom: Battlemage (HKLM-x32\...\Lichdom: Battlemage_is1) (Version: - Xaviant Games) MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.0.0 - Ubisoft) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 8 Lite 8.2.8.0 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.2.8.0 - Updatepack.nl) Next Car Game Free Technology Demo (HKLM-x32\...\Next Car Game Free Technology Demo) (Version: - Bugbear Entertainment) NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA Sterownik graficzny 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Of Orcs And Men (HKLM-x32\...\Of Orcs And Men_is1) (Version: - ) OFICJALNE TESTY EGZAMINACYJNE PWPW (HKLM-x32\...\OFICJALNE TESTY EGZAMINACYJNE PWPW) (Version: - ) OpenFM (HKU\S-1-5-21-1214679314-924237255-3835460894-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Pakiet językowy programu AutoCAD 2010 - polski (Version: 18.0.55.0 - Autodesk) Hidden Panel sterowania NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version: - VPP TEAM) PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden R.A.W Realms of Ancient War (c) Focus Home Interactive version 1 (HKLM-x32\...\R.A.W Realms of Ancient War (c) Focus Home Interactive_is1) (Version: 1 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6722 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) Recognita Plus 5.0 (HKLM-x32\...\Recognita Plus 5.0) (Version: - ) SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.9 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.) SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden SpyHunter (HKLM-x32\...\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}) (Version: 4.12.13.4202 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.0 - Synaptics Incorporated) System Explorer 4.2.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Testy A 5.1.3.42 (HKLM-x32\...\{829E7A9A-008F-434B-A63D-8EA211BCC274}_is1) (Version: 5.1.3.42 - Grupa IMAGE sp. z o.o.) The Elder Scrolls V Skyrim (HKLM-x32\...\The Elder Scrolls V Skyrim_is1) (Version: - ) The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red) TrackMania 2 (HKLM-x32\...\TrackMania 2_is1) (Version: RePack - Ultra) UltraISO Premium V9.36 (HKLM-x32\...\UltraISO_is1) (Version: - ) Unity Web Player (HKU\S-1-5-21-1214679314-924237255-3835460894-1000\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN) Wasteland 2, âĺđńč˙ 1.0.0.0 (HKLM-x32\...\Wasteland 2_is1) (Version: 1.0.0.0 - RePack by SEYTER) webplugin.exe version 3.0.0.1 (HKLM-x32\...\{E790ABDC-FE4D-4C68-B40F-C93A3D33FA9E}_is1) (Version: 3.0.0.1 - ) Wiedźmin 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red) Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc) Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) YouRipper (HKLM-x32\...\YouRipper240) (Version: 1.3.0.0 - Remlap Software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1214679314-924237255-3835460894-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1214679314-924237255-3835460894-1000_Classes\CLSID\{87947290-431B-FE69-984B-F85A6587E392}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1214679314-924237255-3835460894-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1214679314-924237255-3835460894-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1214679314-924237255-3835460894-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\TNR\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1147566B-E799-4B67-BCEF-97C652F0153E} - System32\Tasks\{4612FDC6-C735-4D62-A8EF-F8FBCFC7D209} => pcalua.exe -a C:\Users\TNR\Downloads\YouRipper2.40_www.INSTALKI.pl.exe -d C:\Users\TNR\Downloads Task: {1269CE05-8185-4E4C-9D26-9348C59E6255} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {18CEF286-6810-4C81-BA06-FBC5F4025610} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {370BB7A5-C48A-4C21-BE19-4E362DBB7011} - System32\Tasks\{C97263FD-A714-4617-9D4B-2914458BDE71} => pcalua.exe -a C:\Games\Bioshock\Prerequisites\vcredist_x86_vs2008sp1.exe -d C:\Games\Bioshock\Prerequisites Task: {3A1620CE-D846-4F84-BA70-8D17FD2133D3} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation) Task: {56A8A750-0979-4723-B3C4-2975907942BF} - System32\Tasks\{0998C79C-40F4-4A4B-9F2C-B69BF490ACFB} => pcalua.exe -a G:\OriginInstaller.exe -d G:\ Task: {69325874-4BF4-442A-BF56-A32752BBF77B} - System32\Tasks\{03CB0544-50F1-44ED-B0F0-F9936AB89BB1} => C:\Games\Wiedzmin\Wiedźmin\launcher.exe [2009-07-06] (CD Projekt Red) Task: {698404DF-9876-4BA5-B11B-6A6A5A0D67C3} - System32\Tasks\{CEDB8D04-2CED-4531-BDF1-77B4F8907E77} => C:\Games\Wiedzmin\Wiedźmin\launcher.exe [2009-07-06] (CD Projekt Red) Task: {8118F683-32C1-4EEF-895D-4414B7856DF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.) Task: {8353AA0E-C4EF-4285-9035-45C40A78DCBD} - System32\Tasks\{A7C184BF-697B-4286-B65A-17E2F4C2CCD6} => pcalua.exe -a G:\Setup.exe -d G:\ Task: {92B311CA-A748-4976-BA95-33D9BE8DE03F} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: {9796B1BB-BDAB-42BF-A861-2E6B52EFE75F} - System32\Tasks\{979FF0B0-3491-4C7D-8A9D-8899DAAA7941} => pcalua.exe -a C:\Games\Outlast-GameWorks\Outlast\Binaries\UnSetup.exe -d C:\Games\Outlast-GameWorks\Outlast\Binaries Task: {9D8043CA-2420-4666-A72C-AFFF977F3E76} - System32\Tasks\{4906BB0D-C558-4899-89A2-99985AE50016} => pcalua.exe -a C:\Users\TNR\Downloads\XFXATHX_PCDRV_WIN8_LB_1_02_0061.exe -d C:\Users\TNR\Downloads Task: {A2EE5B06-A9CD-44A9-88B2-1522A41FE746} - System32\Tasks\{9D5259EE-573A-4533-B7A8-A6C7298871B9} => C:\Games\Wiedzmin\Wiedźmin\launcher.exe [2009-07-06] (CD Projekt Red) Task: {A5DA1662-1DDE-4B7F-9221-F60D01672176} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1214679314-924237255-3835460894-1000UA => C:\Users\TNR\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-25] (Facebook Inc.) Task: {A9D90C7B-1A64-47A8-B6D7-A5718C441007} - System32\Tasks\{DF6CADC4-3B94-4FD5-B66C-BA4CE6081633} => pcalua.exe -a F:\Support\vcredist_x86.exe -d F:\Support Task: {ACA43542-8BD7-4B54-AB77-A3F963987B17} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: {B00E30A8-32BB-4145-9CFE-908D36EDAD20} - System32\Tasks\{5D15044C-7FE9-4288-95B4-CBF9C8D643B7} => pcalua.exe -a C:\Users\TNR\Downloads\A9CADV2Setup_www.INSTALKI.pl.exe -d C:\Users\TNR\Downloads Task: {D30919C7-84B7-4A84-91F3-842D3C01F6B6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1214679314-924237255-3835460894-1000Core => C:\Users\TNR\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-25] (Facebook Inc.) Task: {D8623C6C-ABDF-47ED-AF4F-DBFD0E537156} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-09-21] (Synaptics Incorporated) Task: {DA999580-CA35-49BC-93A1-3E414441EB88} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-02-19] (Enigma Software Group USA, LLC.) Task: {DB0F7EFD-9791-4A23-8AA4-D92EC92D7D8A} - System32\Tasks\Windows Update Check - 0x0E5602E0 => C:\ProgramData\Windows <==== ATTENTION Task: {DD70AE65-A5E7-4DFD-B5DC-502A171E0815} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-31] (Google Inc.) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION Task: {EB6F9340-3F9D-464F-B5F0-1EB4B0AD0C65} - System32\Tasks\{A5636CFE-8BA2-4230-8760-FD30F9D16D87} => pcalua.exe -a "C:\Users\TNR\Desktop\sterownik ds3\libusb-win32-filter-bin-0.1.10.1.exe" -d "C:\Users\TNR\Desktop\sterownik ds3" Task: {F2B62E74-3B51-446A-BBC6-594EC7C93F6B} - System32\Tasks\{4027DEEE-2592-41F4-9084-30EBB0EB0B5B} => C:\Games\Wiedzmin\Wiedźmin\launcher.exe [2009-07-06] (CD Projekt Red) Task: {FC70B0A2-9332-433A-AEF1-C926294B85CA} - System32\Tasks\{A9B7413A-2A89-4D1F-974E-8A3046D7703E} => pcalua.exe -a "C:\Program Files (x86)\Outlast\Binaries\UnSetup.exe" -d "C:\Program Files (x86)\Outlast\Binaries" Task: {FDF7E1B0-3A47-4039-B441-DC0DB16C196B} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-11-25] (Dll-FIles.Com) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1214679314-924237255-3835460894-1000Core.job => C:\Users\TNR\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1214679314-924237255-3835460894-1000UA.job => C:\Users\TNR\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2013-08-31 12:21 - 2014-11-13 01:20 - 00013120 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2013-08-31 12:22 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-12-10 21:09 - 2009-12-29 15:52 - 00089088 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL 2013-12-10 21:09 - 2010-07-22 15:46 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2012-10-22 17:39 - 2012-10-22 17:39 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-10-25 19:17 - 2014-11-13 01:20 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2015-02-15 01:40 - 2015-02-15 01:40 - 00381440 _____ () C:\Windows\mod_frst.exe ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1214679314-924237255-3835460894-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TNR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Media is not connected to internet. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun MSCONFIG\startupreg: ChomikBox => C:\Program Files (x86)\ChomikBox\chomikbox.exe MSCONFIG\startupreg: Everything => "C:\Program Files (x86)\Everything\Everything.exe" -startup MSCONFIG\startupreg: Facebook Update => "C:\Users\TNR\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: GG => "C:\Users\TNR\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: Module Loader => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\TNR\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\TNR\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: Windows Service Manager => "C:\ProgramData\Windows Service Manager0\mwvaztybt.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-1214679314-924237255-3835460894-500 - Administrator - Disabled) Guest (S-1-5-21-1214679314-924237255-3835460894-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1214679314-924237255-3835460894-1003 - Limited - Enabled) TNR (S-1-5-21-1214679314-924237255-3835460894-1000 - Administrator - Enabled) => C:\Users\TNR ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (02/19/2015 10:44:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 08:13:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 08:02:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 07:52:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 07:49:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 07:37:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 06:14:15 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/19/2015 04:34:18 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/19/2015 04:34:15 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (02/19/2015 04:34:07 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1". Nie można odnaleźć zestawu zależnego Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. System errors: ============= Error: (02/19/2015 10:44:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Acronis OS Selector activator z powodu następującego błędu: %%1053 Error: (02/19/2015 10:44:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Acronis OS Selector activator. Error: (02/19/2015 10:43:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi LibUsb-Win32 - Daemon, Version 0.1.10.1 z powodu następującego błędu: %%2 Error: (02/19/2015 10:42:23 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:23 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:22 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:22 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:19 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Ładowanie sterownika \SystemRoot\SysWow64\drivers\libusb0.sys zostało zablokowane z powodu niezgodności z tym systemem. Skontaktuj się z dostawcą oprogramowania w celu uzyskania zgodnej wersji sterownika. Error: (02/19/2015 10:42:29 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 20:31:44 na ‎2015-‎02-‎19 było nieoczekiwane. Microsoft Office Sessions: ========================= Error: (04/07/2014 11:10:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/05/2014 04:04:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 145 seconds with 120 seconds of active time. This session ended with a crash. Error: (04/04/2014 09:07:18 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 238 seconds with 60 seconds of active time. This session ended with a crash. Error: (04/02/2014 04:07:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 654 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/02/2014 09:41:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/02/2014 09:41:10 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1423 seconds with 240 seconds of active time. This session ended with a crash. Error: (03/15/2014 07:54:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/15/2014 07:53:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 182 seconds with 60 seconds of active time. This session ended with a crash. Error: (02/27/2014 03:29:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 68 seconds with 60 seconds of active time. This session ended with a crash. Error: (12/18/2013 06:44:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 77 seconds with 0 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz Percentage of memory in use: 28% Total physical RAM: 8086.47 MB Available physical RAM: 5819.42 MB Total Pagefile: 16171.12 MB Available Pagefile: 14016.36 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.45 GB) (Free:33.01 GB) NTFS Drive d: (System Reserved) (Fixed) (Total:0.31 GB) (Free:0.27 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B0473F95) Partition 1: (Active) - (Size=313 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================