Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by Andrew at 2015-04-05 22:40:31 Running from C:\Users\Andrew\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Ableton Live 9 Suite (HKLM\...\{2E533C18-7395-4EAB-B5F5-1891FC591D79}) (Version: 9.0.0.0 - Ableton) Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.149 - Adobe Systems Incorporated) Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) ALLConverter PRO 1.3 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version: - U.S. Army) AmpliTube 3 version 3.11.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.11.0 - IK Multimedia) Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.) Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Crystal Metronome 1.4.7 (HKLM-x32\...\Crystal Metronome_is1) (Version: - MIL Software) Custom Shop version 1.3.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.3.0 - IK Multimedia) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line) Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.) Dropbox (HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.) Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line) DX10 (HKLM-x32\...\DX10) (Version: - Image-Line) East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version: - ) Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.) Edison (HKLM-x32\...\Edison) (Version: - Image-Line) Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service) E-License Manager (Version: 1.3.0.0 - Magix) Hidden Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.151 - Best Service) Engine 2 (Version: 2.1.0.151 - Best Service) Hidden EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack) EZmix 64-bit (HKLM\...\{3D83CC9F-E2E1-47AE-B1AF-F6D3A8825196}) (Version: 2.0.9 - Toontrack) EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack) EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Gadwin PrintScreen (64-Bit) (HKLM\...\{796DA792-46A8-46BA-B331-D4DB6D8FE8FD}) (Version: 5.2.0.0 - Gadwin Systems) Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden gretl version 1.9.5cvs (HKLM-x32\...\gretl_is1) (Version: 1.9.5cvs - The gretl team) Groove Machine (HKLM-x32\...\Groove Machine) (Version: - Image-Line) Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music) Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line bvba) Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.) IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) IL DrumSynth Live (HKLM-x32\...\IL DrumSynth Live) (Version: - Image-Line) IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version: - Image-Line) IL Harmless (HKLM-x32\...\IL Harmless) (Version: - Image-Line) IL Harmor (HKLM-x32\...\IL Harmor) (Version: - Image-Line) IL Juice Pack (HKLM-x32\...\IL Juice Pack) (Version: - Image-Line) IL MiniHost (HKLM-x32\...\IL MiniHost) (Version: - Image-Line) IL Ogun (HKLM-x32\...\IL Ogun) (Version: - Image-Line) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) IL Slicex (HKLM-x32\...\IL Slicex) (Version: - Image-Line) IL Vocodex (HKLM-x32\...\IL Vocodex) (Version: - Image-Line) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation) IntelliMemory (HKLM\...\{E93403C5-8A91-4940-89DB-EED69DA6E82E}) (Version: 1.0.30.0 - Condusiv Technologies) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle) KMSnano 25 (HKLM\...\KMSnano 25_is1) (Version: KMSnano 25 - ) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6) MAGIX Music Maker MX Premium Download Version (Demo songs) (HKLM-x32\...\{8EA65889-2C9A-4A41-8DD9-531E156ACB48}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (HKLM-x32\...\MAGIX_MSI_mm18dlx) (Version: 18.0.0.42 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Instrument package 1) (HKLM-x32\...\{17DD30CE-F0AF-4E46-97EE-DEDD59BD6FA0}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Instrument package 2) (HKLM-x32\...\{25A3AFB2-BED8-477E-95C0-28ECDEE1D630}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Instrument package 3) (HKLM-x32\...\{4A61ACAF-29F5-4939-88DE-E2EF0647A4E7}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Introductory videos) (HKLM-x32\...\{64669F87-F223-4668-8C66-4B2703F30A37}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Sound package) (HKLM-x32\...\{5C19F599-20AD-4A27-8EB4-1B7121D4F603}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Synthesizer and effects) (HKLM-x32\...\{83D6C933-0C42-4448-8A21-625AEE5B9FCB}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (Visuals) (HKLM-x32\...\{58ACDDC2-F83B-4BCF-92F2-E98180E7BEC8}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Music Maker MX Premium Download Version (x32 Version: 18.0.0.42 - MAGIX AG) Hidden MAGIX Screenshare (HKLM-x32\...\{994359E8-D614-4CC6-84DB-415C27D2BA12}) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM-x32\...\{EBCB66BD-328F-421C-96BA-8E66C7B69336}) (Version: 7.0.1.27 - MAGIX AG) Maximus (HKLM-x32\...\Maximus) (Version: - Image-Line) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Morphine (HKLM-x32\...\Morphine) (Version: - Image-Line bvba) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Mozilla Firefox 34.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 pl)) (Version: 34.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: - Native Instruments) Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.0.0.1981 - Native Instruments) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.0.1.288 - Native Instruments) Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: - Native Instruments) Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.4.2.245 - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: - Native Instruments) Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: - Native Instruments) Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.0.1093 - Native Instruments) Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.0.0.276 - Native Instruments) Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.0.0.276 - Native Instruments) Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.0.0.276 - Native Instruments) Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: - Native Instruments) Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: - Native Instruments) Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version: - Native Instruments) Native Instruments VC 2A FX (HKLM-x32\...\Native Instruments VC 2A FX) (Version: - Native Instruments) Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: - Native Instruments) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) Opera Stable 28.0.1750.48 (HKLM-x32\...\Opera 28.0.1750.48) (Version: 28.0.1750.48 - Opera Software ASA) Operation Flashpoint ®: Red River (HKLM-x32\...\GFWL_{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters) Operation Flashpoint ®: Red River (x32 Version: 1.0.0000.129 - Codemasters) Hidden Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version: - Codemasters Action Studio) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Panel sterowania NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment) Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd) PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quake Live (HKLM-x32\...\Steam App 282440) (Version: - id Software) QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) REAPER (x64) (HKLM\...\REAPER) (Version: - ) Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.5 - Samsung Electronics CO., LTD.) Red Faction: Guerrilla Steam Edition (HKLM-x32\...\Steam App 20500) (Version: - Volition) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) rgc:audio z3ta+ 1.5 (x64) (HKLM\...\z3ta+_x64_is1) (Version: 1.5 - Cakewalk Music Software) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden Sakura (HKLM-x32\...\Sakura) (Version: - Image-Line) Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) SimSynth (HKLM-x32\...\SimSynth) (Version: - Image-Line) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - ) Spotify (HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB) SpyHunter (HKLM-x32\...\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}) (Version: 4.1.11 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.4.0 - Toontrack) Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.0.0 - Toontrack) Support Center (HKLM\...\{FD334FD4-FABA-4991-8614-A718C15E45A5}) (Version: 2.1.10 - Samsung Electronics CO., LTD.) Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) Sytrus (HKLM-x32\...\Sytrus) (Version: - Image-Line) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba) User Guide (HKLM-x32\...\{93467343-BD37-4643-8A4B-E5463CD9B7E2}) (Version: 1.3.00 - Samsung Electronics CO., LTD.) VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) WinRAR 5.00 beta 4 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.4 - win.rar GmbH) YAC(Yet Another Cleaner!) (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1735395495-2726210869-181527219-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andrew\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 14-03-2015 12:02:15 Zainstalowano: Microsoft Visual C++ 2005 Redistributable (x64) 25-03-2015 20:32:26 Windows Update 04-04-2015 10:29:29 Windows Update 05-04-2015 12:17:05 Installed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2015-04-05 20:48 - 00001509 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 162.247.13.85 www.google-analytics.com. 162.247.13.85 google-analytics.com. 162.247.13.85 connect.facebook.net. 89.163.213.174 www.google-analytics.com. 89.163.213.174 google-analytics.com. 89.163.213.174 connect.facebook.net. 162.247.13.78 www.google-analytics.com. 162.247.13.78 google-analytics.com. 162.247.13.78 connect.facebook.net. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {029BAF9C-AD1F-43B9-9279-3499355D612B} - System32\Tasks\{5B5A4F5F-7016-4FCF-9C92-E95636293DF0} => pcalua.exe -a F:\Autorun.exe -d F:\ Task: {03D518AD-CBE7-47D8-9871-9424211726B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {198F44EC-C98E-4FE6-B4BA-B077581C7CF0} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {206FEEF5-E047-4107-95FD-B139C2FE52B4} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.) Task: {32D65EC3-62FB-4BAF-B3D8-168D0671CA3E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KOMP-ANDRZEJA-Andrew komp-Andrzeja => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation) Task: {3491102A-85BD-4349-AF86-5BDE665D9D41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {361C282E-F6B8-4CA7-BCEA-DEA651E40BAE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-25] (Adobe Systems Incorporated) Task: {3F12508A-C354-4FE4-8105-ED288199AC4D} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.) Task: {3FA453E2-34FE-4FC8-B7E3-9F93E7BC2C72} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-11] (Realtek Semiconductor) Task: {402ECAC4-453D-42F2-8C79-CA32FFEEB95A} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-04-05] (Enigma Software Group USA, LLC.) Task: {42A894D2-A73B-4D6C-AF8B-C9C42EBCA3F2} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] () Task: {635A788E-667E-42D2-9D69-3A66F62EC223} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION Task: {6992F69A-ED85-4AAA-B7D7-A368A2478FCF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation) Task: {6A951B38-F295-4999-9FA3-5A0BA705B255} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andrjewek@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated) Task: {6E2466B2-6092-4AA6-BE25-2F7BA418ADE0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {6F8C5EA8-81D4-4528-985C-F911DF9F55F7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {8855519E-1F9A-4E4C-909A-906FFCDF41D5} - \NAPSTAT No Task File <==== ATTENTION Task: {90E1E1FE-CAE9-47E2-BF7A-5FD3659AF90B} - System32\Tasks\{EDA591DD-9695-4926-9AC4-A0488995424A} => pcalua.exe -a C:\Users\Andrew\AppData\Local\Akamai\uninstall.exe Task: {96A75282-A1A9-4385-A637-943097F9CB99} - System32\Tasks\{F78427F7-D0C9-4161-9312-7B7E9B82A122} => pcalua.exe -a C:\Users\Andrew\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=obw Task: {A16F3485-91EB-49D9-9F45-43364805D1D1} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {A5E75690-9E4F-4061-8FE7-02F9F57DAA92} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC) Task: {AF289F38-F216-4AA5-926E-A2D11D916C0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C5884ABB-C436-4D8D-B0D3-A8A068CE03BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {CF557884-F0F9-42E8-A2CC-91CC5160EC65} - System32\Tasks\Opera scheduled Autoupdate 1407702976 => C:\Program Files (x86)\Opera\launcher.exe [2015-03-16] (Opera Software) Task: {D0C09993-D5DE-45E0-A4DE-E9EA9C080BCE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {D31E645B-F630-4313-A3AE-130814DAEBE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {D7B78524-3EE6-469F-A43E-CA0043154AE3} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated) Task: {E01FFE03-9511-4F86-A553-56D5EF10E44F} - System32\Tasks\{75316A84-DB02-425C-A77D-838B01677EC9} => pcalua.exe -a C:\Users\Andrew\Downloads\dead.island.10.trainer_cw_downloader_14691_gry.exe -d C:\Users\Andrew\Downloads Task: {E4432BE5-2117-4949-AB43-A67596F33A8B} - \FoxTab No Task File <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============== 2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2014-02-04 23:47 - 2015-03-15 23:39 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-04-05 19:43 - 2015-04-05 19:43 - 00205312 _____ () C:\Users\Andrew\AppData\Roaming\D0D66880-1428240119-11E2-B2A5-317CD4B82100\nsk62DD.tmp 2015-04-05 15:22 - 2015-04-05 15:22 - 00151552 _____ () C:\Users\Andrew\AppData\Roaming\D0D66880-1428240119-11E2-B2A5-317CD4B82100\jnsmD2AD.tmp 2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2015-03-25 17:00 - 2015-03-25 17:00 - 00484472 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\opera_crashreporter.exe 2015-04-05 20:59 - 2015-03-20 05:49 - 00681768 _____ () C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe 2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2015-03-25 17:00 - 2015-03-25 16:59 - 00157304 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\message_center_win8.dll 2015-03-25 17:00 - 2015-03-25 16:59 - 01488504 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libglesv2.dll 2015-03-25 17:00 - 2015-03-25 16:59 - 00079992 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\libegl.dll 2015-03-25 17:00 - 2015-03-25 17:00 - 09625720 _____ () C:\Program Files (x86)\Opera\28.0.1750.48\pdf.dll 2012-12-17 13:54 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-04-05 20:59 - 2015-03-20 05:44 - 00185672 _____ () C:\Program Files (x86)\Elex-tech\YAC\libpng.dll 2015-04-05 20:59 - 2015-03-20 05:44 - 00065696 _____ () C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll 2015-04-05 20:59 - 2015-03-20 05:49 - 00209192 _____ () C:\Program Files (x86)\Elex-tech\YAC\iddmgr.dll 2013-10-17 17:19 - 2011-05-16 10:28 - 00324096 _____ () C:\Program Files\KMSnano\data\SDL.dll 2013-10-17 17:19 - 2012-11-04 19:27 - 00258294 _____ () C:\Program Files\KMSnano\data\libcurl-4.dll 2013-10-17 17:19 - 2012-11-04 19:29 - 00015960 _____ () C:\Program Files\KMSnano\data\mingwm10.dll 2013-10-17 17:19 - 2012-01-31 14:33 - 00100352 _____ () C:\Program Files\KMSnano\data\zlib1.dll 2013-10-17 17:19 - 2012-11-05 00:30 - 00056832 _____ () C:\Program Files\KMSnano\data\mgwz.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\Users\Andrew\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1735395495-2726210869-181527219-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Samsung\Samsung_wallpaper.jpg DNS Servers: 217.172.224.160 - 89.231.1.206 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\StartupFolder: => "at.lnk" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "ALLUpdate" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "ChomikBox" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Gadwin PrintScreen (64-bit)" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Java" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-1735395495-2726210869-181527219-1002\...\StartupApproved\Run: => "Akamai NetSession Interface" ==================== Accounts: ============================= Administrator (S-1-5-21-1735395495-2726210869-181527219-500 - Administrator - Disabled) Andrew (S-1-5-21-1735395495-2726210869-181527219-1002 - Administrator - Enabled) => C:\Users\Andrew ASPNET (S-1-5-21-1735395495-2726210869-181527219-1007 - Limited - Enabled) Gość (S-1-5-21-1735395495-2726210869-181527219-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1735395495-2726210869-181527219-1006 - Limited - Enabled) UpdatusUser (S-1-5-21-1735395495-2726210869-181527219-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/05/2015 09:57:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80004005, „file:///C:\[46d6b620-53f9-441a-9d73-7719c4452594]\Users\”>. Error: (04/05/2015 09:57:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Usługa Windows Search nie może przetworzyć listy lokalizacji dołączonych i wykluczonych. Błąd: <30, 0x80004005, „file:///C:\[46d6b620-53f9-441a-9d73-7719c4452594]\ProgramData\Microsoft\Windows\Start Menu\”>. Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=4400}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Kontekst: aplikacja Windows Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Nie można zainicjować wtyczki w . Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:45 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) Error: (04/05/2015 09:56:45 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=2801}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) System errors: ============= Error: (04/05/2015 09:56:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/05/2015 09:56:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Usługa Windows Search zakończyła działanie; wystąpił następujący specyficzny dla niej błąd: %%3221493760 Error: (04/05/2015 09:56:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (04/05/2015 09:34:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Error: (04/05/2015 09:34:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą AppX Deployment Service (AppXSVC). Error: (04/05/2015 09:34:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Error: (04/05/2015 09:34:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą AppX Deployment Service (AppXSVC). Error: (04/05/2015 09:33:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Error: (04/05/2015 09:33:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą AppX Deployment Service (AppXSVC). Error: (04/05/2015 09:32:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AppX Deployment Service (AppXSVC) z powodu następującego błędu: %%1053 Microsoft Office Sessions: ========================= Error: (04/05/2015 09:57:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: 300x80004005file:///C:\[46d6b620-53f9-441a-9d73-7719c4452594]\Users\ Error: (04/05/2015 09:57:59 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: 300x80004005file:///C:\[46d6b620-53f9-441a-9d73-7719c4452594]\ProgramData\Microsoft\Windows\Start Menu\ Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Szczegóły: Wykaz indeksów zawartości jest uszkodzony. (HRESULT : 0xc0041801) (0xc0041801) 4400 Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kontekst: aplikacja Windows Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Error: (04/05/2015 09:56:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontekst: aplikacja Windows, wykaz SystemIndex Szczegóły: Baza danych indeksów zawartości jest uszkodzona. (HRESULT : 0xc0041800) (0xc0041800) Search.TripoliIndexer Error: (04/05/2015 09:56:45 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) The catalog is corrupt Error: (04/05/2015 09:56:45 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Kontekst: aplikacja Windows Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) 2801 CodeIntegrity Errors: =================================== Date: 2015-04-05 22:22:56.793 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:56.629 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:56.466 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:53.572 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2015-04-05 22:22:47.914 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:47.755 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:47.260 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:47.088 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:46.782 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-04-05 22:22:46.623 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 34% Total physical RAM: 8079.48 MB Available physical RAM: 5302.69 MB Total Pagefile: 9743.49 MB Available Pagefile: 5140.27 MB Total Virtual: 131072 MB Available Virtual: 131071.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:457.35 GB) (Free:319.88 GB) NTFS Drive e: (DANE) (Fixed) (Total:449.88 GB) (Free:288.55 GB) NTFS ==================== MBR & Partition Table ================== ==================== End Of Log ============================