Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015 Ran by MARIO at 2015-04-19 19:58:03 Running from J:\ Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: COMODO Antivirus (Disabled - Out of date) {F0BC89B2-8937-0933-021B-B17D981F2A71} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC} FW: COMODO Firewall (Disabled) {C8870897-C358-086B-2944-184866CC6D0A} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Endless Space» 1.0.38 (HKLM-x32\...\Endless Space_is1) (Version: 1.0.38 - Amplitude Studios) 4K Video Downloader 3.4 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.4.3.1485 - Open Media LLC) AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Archiwizator WinRAR (HKLM\...\WinRAR archiver) (Version: - ) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.01 - Ubisoft) AutoHotkey 1.0.47.06 (HKLM-x32\...\AutoHotkey) (Version: 1.0.47.06 - Chris Mallett) AxCrypt 1.7.2976.0 (HKLM\...\{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}) (Version: 1.7.2976.0 - Axantum Software AB) Banished v1.0.1 (64-bit) (HKLM\...\Banished v1.0.1 (64-bit)1.0.1) (Version: 1.0.1 - Friends in War) Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios) Blackguards (HKLM-x32\...\Steam App 249650) (Version: - Daedalic Entertainment) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform) COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.) Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio) CrystalDiskInfo 5.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.3.1 - Crystal Dew World) Divinity - Original Sin (HKLM-x32\...\Divinity - Original Sin_is1) (Version: - ) Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly) Endless Legend (HKLM-x32\...\RW5kbGVzc0xlZ2VuZA==_is1) (Version: 1 - ) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Europa Universalis IV Demo (HKLM-x32\...\Steam App 247890) (Version: - Paradox Development Studio) Evga (HKLM-x32\...\{405DE957-7607-4852-B0B5-DB27FD86410D}}_is1) (Version: - ) EVGA Unleash_Mouse Tuning Utility (HKLM-x32\...\{62291EA4-39C0-4F33-8C12-747CBB9B6B89}) (Version: 1.0.12 - EVGA) Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: - ) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft) FarCry 3 version 5.1 (HKLM-x32\...\{B810D852-DFD6-FC3-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box) Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - ) Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013PL_is1) (Version: 1.0 - GIANTS Software) Free FLV to MP3 1.0 (HKLM-x32\...\{C12DA052-3972-4622-913F-626A37F4BAE8}_is1) (Version: 1.0 - Jacek Pazera) GIANTS Editor 5.0.1 (HKLM-x32\...\giants_editor_5.0.1_is1) (Version: 5.0.1 - GIANTS Software GmbH) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0 - Релиз от R.G. Steamgames) Homeworld (HKLM-x32\...\{DA810943-6427-11D6-9C4B-0001020AA251}) (Version: - ) Horizon (HKLM-x32\...\Horizon_is1) (Version: - ) HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - ) MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MpcStar 5.4 (HKLM-x32\...\MpcStar) (Version: 5.4 - www.mpcstar.com) Muve Downloader (HKLM-x32\...\{29850ACF-D3C1-4EEC-84C4-DE795C6207F1}) (Version: 1.5.0 - Muve) NapiProjekt (2.1.0.2287) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) o.p.o.s. (HKLM-x32\...\{D30BC7E3-1211-4B92-98AA-184C55740981}_is1) (Version: 1.5.0.83 - CDP.pl) Opera Stable 28.0.1750.51 (HKLM-x32\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA) PingPlotter Standard 3.41.0s (HKLM-x32\...\{57CE9ADD-8C74-42EF-92CE-3A7736877FB4}) (Version: 3.41.0.4 - Nessoft, LLC) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) The Elder Scrolls V Skyrim LE (HKLM-x32\...\The Elder Scrolls V Skyrim LE_is1) (Version: The Elder Scrolls V Skyrim LE - ) Tropico 4 Collectors Bundle (HKLM-x32\...\Tropico 4 Collectors Bundle_is1) (Version: 1.0 - ADDONiA) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-02-21 00:05 - 2015-03-07 15:34 - 00000970 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00E9589E-2BCE-4CC3-AF35-A05BD527D352} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => F:\tools64\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-09] (COMODO) Task: {2B3D5FCB-2012-4947-A0FF-4B80A4F5E939} - System32\Tasks\Opera scheduled Autoupdate 1429232133 => f:\tools64\Opera\launcher.exe [2015-04-17] (Opera Software) Task: {34D86147-2F07-4AD8-93FC-161F2AF327E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.) Task: {7C52B5BF-20E9-4420-AA3E-CA640CEF65E6} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => F:\tools64\COMODO\COMODO Internet Security\cistray.exe [2015-02-09] (COMODO) Task: {8039563E-7930-4070-88E8-89B1DB53A2A6} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => F:\tools64\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-09] (COMODO) Task: {A9F8E490-1EDA-4FE8-A2D2-A84F667874AD} - System32\Tasks\CCleanerSkipUAC => F:\tools64\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {ADC3FCB2-3F46-49CB-A9F6-39DFEEC44CEE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-07] (Adobe Systems Incorporated) Task: {CA39BCBD-5CD8-42F2-9430-0F289DB7FFFF} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => F:\tools64\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-09] (COMODO) Task: {E2418916-F8EF-430D-A186-6498883FE3A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-17] (Google Inc.) Task: {EFEE2DF7-F30A-46BA-BCDA-D59D67CCBCF2} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => F:\tools64\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-09] (COMODO) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 _____ () f:\tools64\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () f:\tools64\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () f:\tools64\AMD\ATI.ACE\Fuel\Platform.dll 2013-04-15 18:39 - 2013-04-15 18:39 - 00073424 _____ () F:\tools64\COMODO\COMODO Internet Security\scanners\smart.cav 2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 _____ () f:\tools64\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-04-17 02:32 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll 2015-04-17 02:32 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows\unins000.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\aaclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ceutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dfshim.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mscorier.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mscories.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\pku2u.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rapiproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rapistub.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rastls.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorekmts.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\termsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wcescommproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WdfCoInstaller01009.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winlogon.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsta.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WinUSBCoInstaller.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmcoinst-070531-0952.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\WUDFUpdate_01009.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ZuneCoInst.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\aaclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ceutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dfshim.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\java.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\javaw.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mscorier.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mscories.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\networkdlllsp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\packager.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\pku2u.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PnkBstrA.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rapiproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rapistub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rastls.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wcescommproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amd_sata.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\amd_xata.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ptun0901.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tap0901.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbfilter.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-836672192-1069773636-2818955764-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: X3 => F:\tools64\EVGA Unleash_Mouse Tuning Utility\TORQ\Device\X3\X3HID.exe MSCONFIG\startupreg: X3L => F:\tools64\EVGA Unleash_Mouse Tuning Utility\TORQ\Device\X3L\X3LHID.exe MSCONFIG\startupreg: X5 => F:\tools64\EVGA Unleash_Mouse Tuning Utility\TORQ\Device\X5\X5HID.exe MSCONFIG\startupreg: X5L => F:\tools64\EVGA Unleash_Mouse Tuning Utility\TORQ\Device\X5L\X5LHID.exe ==================== Accounts: ============================= Administrator (S-1-5-21-836672192-1069773636-2818955764-500 - Administrator - Disabled) Gość (S-1-5-21-836672192-1069773636-2818955764-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-836672192-1069773636-2818955764-1002 - Limited - Enabled) MARIO (S-1-5-21-836672192-1069773636-2818955764-1001 - Administrator - Enabled) => C:\Users\MARIO ==================== Faulty Device Manager Devices ============= Name: J:\ Description: DataTraveler II+ Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Kingston Service: WUDFRd Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2015 06:01:58 PM) (Source: usbperf) (EventID: 2001) (User: ) Description: Nie można odczytać wartości „First Counter” wpisu klucza usbperf\Performance. Kody stanu zostały zwrócone w danych. Error: (04/19/2015 02:48:48 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: Nie można uruchomić usługi ochrony oprogramowania. 0x80070002 6.1.7601.17514 Error: (04/19/2015 02:45:57 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (04/19/2015 02:45:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (04/19/2015 02:40:34 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (04/19/2015 02:40:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (04/19/2015 00:08:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (04/19/2015 00:05:38 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000. Error: (04/19/2015 00:05:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu: 0x800401F9 Error: (04/19/2015 04:58:03 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Nie można odnaleźć zestawu zależnego Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. System errors: ============= Error: (04/19/2015 07:38:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:57 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:54 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:54 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:53 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:38:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Usługa zasad diagnostyki zakończyła działanie; wystąpił następujący błąd: %%5 Error: (04/19/2015 07:21:18 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:21:17 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Error: (04/19/2015 07:21:15 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: ZARZĄDZANIE NT) Description: Wystąpił błąd podczas próby odczytu lokalnego pliku hosts. Microsoft Office Sessions: ========================= Error: (04/19/2015 06:01:58 PM) (Source: usbperf) (EventID: 2001) (User: ) Description: Error: (04/19/2015 02:48:48 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: ) Description: 0x800700026.1.7601.17514 Error: (04/19/2015 02:45:57 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x000000000x00000001 Error: (04/19/2015 02:45:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: 0x800401F9 Error: (04/19/2015 02:40:34 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x000000000x00000001 Error: (04/19/2015 02:40:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: 0x800401F9 Error: (04/19/2015 00:08:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"C:\Windows\System32\systemcpl.dll Error: (04/19/2015 00:05:38 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x000000000x00000001 Error: (04/19/2015 00:05:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: 0x800401F9 Error: (04/19/2015 04:58:03 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"F:\tools64\RivaTuner Statistics Server\RTSS.exe CodeIntegrity Errors: =================================== Date: 2015-04-19 15:00:51.471 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 15:00:51.315 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 14:45:51.782 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 14:45:51.642 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 14:40:29.090 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 14:40:28.949 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 13:57:01.206 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 13:57:01.050 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 13:41:44.126 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-19 13:41:43.970 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Phenom(tm) II X4 955 Processor Percentage of memory in use: 22% Total physical RAM: 8188.53 MB Available physical RAM: 6379.98 MB Total Pagefile: 16375.25 MB Available Pagefile: 14160.27 MB Total Virtual: 8192 MB Available Virtual: 8191.86 MB ==================== Drives ================================ Drive c: (WIN7_64) (Fixed) (Total:53.75 GB) (Free:17.16 GB) NTFS Drive d: (XP32) (Fixed) (Total:24.41 GB) (Free:9.05 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Dysk_1) (Fixed) (Total:441.34 GB) (Free:54.19 GB) NTFS Drive f: (Dysk_2) (Fixed) (Total:412.01 GB) (Free:31.27 GB) NTFS Drive g: (Inne) (Fixed) (Total:465.76 GB) (Free:45.98 GB) NTFS Drive j: () (Removable) (Total:0.48 GB) (Free:0.47 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F07C9E68) Partition 1: (Active) - (Size=24.4 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=441.3 GB) - (Type=05) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0EE436E2) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D1BEB5D) Partition 1: (Not Active) - (Size=53.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=412 GB) - (Type=OF Extended) ======================================================== Disk: 3 (Size: 491.5 MB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================