Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01 Ran by Dawid at 2015-03-05 21:03:07 Running from C:\Users\Dawid\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software) BitTorrent (HKU\S-1-5-21-1545121163-3142986878-565259449-1000\...\BitTorrent) (Version: 7.9.2.38914 - BitTorrent Inc.) CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited) DiRT2 (HKLM-x32\...\{F0A421DB-030E-40DE-A3E6-EC340B1074BC}) (Version: 1.00.0000 - Codemasters) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel(R) Network Connections 14.4.1.0 (HKLM\...\PROSetDX) (Version: 14.4.1.0 - Intel) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4CB52D2C-1857-4D6C-99C8-4D3F8FC6E124}) (Version: 3.1.173.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{6F05332E-6063-4FB9-9233-0577B01E124A}) (Version: 3.1.89.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik graficzny 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Panel sterowania NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Sound Blaster Plugin for Microsoft Media Center (HKLM-x32\...\Sound Blaster for Media Center) (Version: 3.10 - Creative Technology Limited) Sound Blaster X-Fi MB (HKLM-x32\...\{9DE8F8E9-D5BD-49BF-9974-6F0A0C849BB7}) (Version: 1.0 - Creative Technology Limited) System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Video Card Stability Test (HKLM-x32\...\Video Card Stability Test) (Version: v.1.0.0.3 - FreeStone Group) Warframe (HKLM-x32\...\{3D12F438-4B19-4091-8AEE-B59111C824AF}) (Version: 1.0.0 - Digital Extremes) WinRAR 5.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 04-03-2015 21:34:27 Installed Intel(R) Network Connections. 04-03-2015 21:38:14 Installed Sound Blaster X-Fi MB 04-03-2015 21:46:20 Windows Update 04-03-2015 22:02:10 Windows Update 04-03-2015 22:14:01 Installed Warframe 04-03-2015 22:15:10 Zainstalowany program DirectX 04-03-2015 22:50:32 Installed Sound Blaster for Media Center 04-03-2015 22:50:58 Installed Creative Software AutoUpdate 04-03-2015 23:14:54 Configured Sound Blaster X-Fi MB 05-03-2015 20:24:10 Instalacja pakietu sterownika urządzenia: MagicISO, Inc. Kontrolery magazynu 05-03-2015 20:25:33 Zainstalowane DiRT2 05-03-2015 20:56:01 Zainstalowany program DirectX 05-03-2015 20:58:26 Zainstalowany program DirectX ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0C3AFFB2-0A39-438E-BB83-8E7FAA619CED} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-04] (Avast Software s.r.o.) Task: {882E2135-2684-4D9C-A4BA-E691E9477070} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-04] (Google Inc.) Task: {9760AF23-E34E-4E5F-9678-4C1B12ADA32B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-04] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2015-03-04 22:33 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 02916352 _____ () C:\Program Files\AVAST Software\Avast\defs\15030403\algo.dll 2015-03-05 20:07 - 2015-03-05 20:07 - 02917376 _____ () C:\Program Files\AVAST Software\Avast\defs\15030500\algo.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll 2015-03-04 21:48 - 2015-03-04 21:48 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll 2015-03-04 21:39 - 2015-02-28 02:56 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libglesv2.dll 2015-03-04 21:39 - 2015-02-28 02:56 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libegl.dll 2015-03-04 21:39 - 2015-02-28 02:56 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\pdf.dll 2014-10-25 21:43 - 2014-10-25 21:43 - 39149568 _____ () C:\Users\Dawid\AppData\Local\Warframe\Downloaded\Public\Tools\CEF3\libcef.dll 2014-10-25 21:43 - 2014-10-25 21:43 - 01379328 _____ () C:\Users\Dawid\AppData\Local\Warframe\Downloaded\Public\Tools\CEF3\libglesv2.dll 2014-10-25 21:43 - 2014-10-25 21:43 - 00176128 _____ () C:\Users\Dawid\AppData\Local\Warframe\Downloaded\Public\Tools\CEF3\libegl.dll 2014-10-25 21:43 - 2014-10-25 21:43 - 00968704 _____ () C:\Users\Dawid\AppData\Local\Warframe\Downloaded\Public\Tools\CEF3\ffmpegsumo.dll 2015-03-04 21:39 - 2015-02-28 02:56 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1545121163-3142986878-565259449-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dawid\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: CTSyncService => C:\Program Files (x86)\InstallShield Installation Information\{9DE8F8E9-D5BD-49BF-9974-6F0A0C849BB7}\AMBSPISyncService.exe /StartRunKey MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RunDLLEntry => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE MSCONFIG\startupreg: VolPanel => "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r ==================== Accounts: ============================= Administrator (S-1-5-21-1545121163-3142986878-565259449-500 - Administrator - Disabled) Dawid (S-1-5-21-1545121163-3142986878-565259449-1000 - Administrator - Enabled) => C:\Users\Dawid Gość (S-1-5-21-1545121163-3142986878-565259449-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/05/2015 08:07:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 11:23:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 10:59:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 10:43:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 09:29:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (03/04/2015 09:22:16 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Microsoft Office Sessions: ========================= Error: (03/05/2015 08:07:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 11:23:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 10:59:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 10:43:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/04/2015 09:29:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Percentage of memory in use: 51% Total physical RAM: 4022.12 MB Available physical RAM: 1932.98 MB Total Pagefile: 8042.42 MB Available Pagefile: 5530.21 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:43.85 GB) (Free:2.34 GB) NTFS Drive d: () (Fixed) (Total:67.84 GB) (Free:48.21 GB) NTFS Drive f: (DISK2) (CDROM) (Total:2.34 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E72EBD7F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=43.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=67.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================