Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01 Ran by Seven at 2015-04-27 17:25:57 Running from C:\Users\Seven\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2581347281-2596075308-1482850424-500 - Administrator - Disabled) Gość (S-1-5-21-2581347281-2596075308-1482850424-501 - Limited - Disabled) Seven (S-1-5-21-2581347281-2596075308-1482850424-1000 - Administrator - Enabled) => C:\Users\Seven ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "FIFA 14" (HKLM-x32\...\{6049054B-DB11-48E1-A583-9A565D5C8856}_is1) (Version: 1.4.0.0 - ) «Âĺäüěŕę 2 - Óáčéöű Ęîđîëĺé» (HKLM-x32\...\«Âĺäüěŕę 2 - Óáčéöű Ęîđîëĺé»_is1) (Version: - CDProject RED) µTorrent (HKU\S-1-5-21-2581347281-2596075308-1482850424-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - ) Counter-Strike 1.6 v32 (HKLM-x32\...\Counter-Strike 1.6) (Version: v32 - CSSetti.pl) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DAEMON Tools Toolbar (HKLM-x32\...\DAEMON Tools Toolbar) (Version: 1.1.3.0244 - DT Soft Ltd) <==== ATTENTION Euro Truck Simulator 2 v1.16.2s (20 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.16.2s (20 DLC)1.16.2s) (Version: 1.16.2s - Friends in War) Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge) GG (HKU\S-1-5-21-2581347281-2596075308-1482850424-1000\...\GG) (Version: 12 - GG Network S.A.) GOM Player (HKLM-x32\...\GOM Player) (Version: - ) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden hp print screen utility (HKLM-x32\...\hp print screen utility) (Version: - ) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) LegendOnline 1.1.3.1081 (HKLM-x32\...\LegendOnline) (Version: 1.1.3.1081 - Oasgames, Inc.) LG United Mobile Drivers (HKLM-x32\...\{7BF5C379-41FF-4C6D-842C-DF82D74C2B14}) (Version: 3.7.2.0 - LG Electronics) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MicroVolts (HKLM-x32\...\{5E7A8F05-013C-44FD-B450-5434CA581098}_is1) (Version: - Rock Hippo Productions Ltd.) mIRC (HKLM-x32\...\mIRC) (Version: 7.36 - mIRC Co. Ltd.) Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD) Nero 8 Micro 8.3.2.1 (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.2.1 - Updatepack.nl) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) Odkurzacz (HKLM-x32\...\Odkurzacz 13.5_is1) (Version: 13.5.0.1911 - FranmoSoftware - Maciej Opaliński) ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden OpenFM (HKU\S-1-5-21-2581347281-2596075308-1482850424-1000\...\OpenFM) (Version: 2 - GG Network S.A.) OpenOffice.org 3.3 (HKLM-x32\...\{EB87675F-5281-4767-A54B-31931794C23D}) (Version: 3.3.9567 - OpenOffice.org) Panel sterowania NVIDIA 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden Plus Internet 2.4 (HKLM-x32\...\Plus Internet_is1) (Version: - Polkomtel S.A.) Prince of Persia version 1.0.0.0 (HKLM-x32\...\Prince of Persia_is1) (Version: 1.0.0.0 - GTX Box Team) Real Alternative 1.9.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.9.0 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) VIA Platforma Menedżera urządzeń (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2581347281-2596075308-1482850424-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Seven\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 15-04-2015 08:38:24 Usunięto: NVIDIA PhysX 27-04-2015 17:09:13 ComboFix created restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-01-22 10:37 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1F74483B-C3B2-4BBB-B453-CF8485697485} - System32\Tasks\Odkurzacz => C:\Program Files (x86)\Odkurzacz\odkurzacz.exe [2015-04-21] (FranmoSoftware) Task: {20F01E7F-8349-4BE0-BC94-D851FCF6E9F7} - System32\Tasks\{BF56EF27-0A30-4DA4-B7E1-8148B8AD2612} => D:\Program Files\CS 1.6\cstrike.exe [2007-01-30] (DigitalZone ) Task: {2302AFCA-E865-42D1-B3E9-A7529CAF169D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software) Task: {559011D3-48EE-4477-AA97-CF456F67F6C1} - System32\Tasks\{80D79CAF-E87A-4D5E-97C5-9FCD1027847A} => D:\Program Files\CS 1.6\cstrike.exe [2007-01-30] (DigitalZone ) Task: {8DF59734-7C8B-4665-A740-255A41B6920B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-21] (Adobe Systems Incorporated) Task: {A197001B-5115-4BE2-8029-95CF2443612F} - System32\Tasks\{DB3235A7-EAAE-4173-AC72-158BF837C2DB} => D:\Program Files\CS 1.6\cstrike.exe [2007-01-30] (DigitalZone ) Task: {A3B3EFD6-4745-4FB2-978E-F7102C7148BF} - System32\Tasks\{806A6596-E571-41CA-BC3E-AE4E663D4C04} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/pl/abandoninstall?page=tsProgressBar Task: {A454B306-1D45-4282-A7AF-DAD06642335A} - System32\Tasks\{F3E91C5F-4AC7-4BD6-9EEA-337001A036C5} => D:\Program Files\CS 1.6\cstrike.exe [2007-01-30] (DigitalZone ) Task: {E16F4CAF-AD1C-4D35-B0F5-201B3C710125} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {E301F4E1-8F59-4FB1-B6EB-314F2AA579A9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {E8E2C2D7-C6F7-4A54-95F2-57E07EE07512} - System32\Tasks\{AEDB1072-E33D-4C2E-9137-E9251D004A3A} => D:\Program Files\CS 1.6\cstrike.exe [2007-01-30] (DigitalZone ) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2014-09-30 19:28 - 2012-04-20 12:00 - 03351872 _____ () C:\Program Files (x86)\Plus Internet\Plus Internet.exe 2014-11-25 14:16 - 2014-11-25 14:16 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-25 14:16 - 2014-11-25 14:16 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-04-26 21:21 - 2015-04-26 21:21 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042601\algo.dll 2014-11-25 14:17 - 2014-11-25 14:17 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-04-27 12:29 - 2015-04-27 12:29 - 02927104 _____ () C:\Program Files\AVAST Software\Avast\defs\15042700\algo.dll 2015-04-14 08:35 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-09-30 19:28 - 2012-04-20 12:00 - 01101824 _____ () C:\Program Files (x86)\Plus Internet\NDISAPI.dll 2015-03-20 10:05 - 2015-03-20 10:05 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2581347281-2596075308-1482850424-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Seven\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 212.2.96.51 - 212.2.96.52 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [{29ADD26D-7037-41C9-A511-F30994FF29D0}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe FirewallRules: [{AEF4D7C8-FE63-45D2-AA02-758FFE2B1E26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3394DDD8-419B-4263-952D-EEFD5D0B00E6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{791A8758-0BA9-48A3-A2AE-2B9D58284708}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{82830810-1FE1-460E-99BB-11ADF93A3859}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D9213DFC-1CB4-437C-9B5D-CBCF081F2283}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{2E24495F-2116-4350-8005-209D4CBA1A3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C7494EB3-DB8B-4BDF-888F-1AA10F590C1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{8545C4C7-D0DB-4A6A-83D6-51F3C472F065}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{288A7647-D006-4144-8D41-A933D2E90098}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{A86313FD-2888-4CDF-83F6-7C60F2708AC0}] => (Allow) C:\Users\Seven\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{89C15E65-6D95-40FC-91CB-7FD8E5690ED6}] => (Allow) C:\Users\Seven\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{54B5DBE6-1795-4B1C-B714-787EBD5DA60F}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [UDP Query User{00C08EF4-7335-429C-B01E-DE7BBB5266D1}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [TCP Query User{5FDD34CC-C998-4D35-9CE4-D584E485D740}D:\program files\cs 1.6\hl.exe.exe] => (Allow) D:\program files\cs 1.6\hl.exe.exe FirewallRules: [UDP Query User{30D40A65-C590-48A5-9F13-C17C207BC619}D:\program files\cs 1.6\hl.exe.exe] => (Allow) D:\program files\cs 1.6\hl.exe.exe FirewallRules: [TCP Query User{EDC7546E-3C63-4C37-B055-1D0A19328063}D:\program files\cs 1.6\hl.exe] => (Allow) D:\program files\cs 1.6\hl.exe FirewallRules: [UDP Query User{F8E85A8B-2DD8-41F3-9F21-4021AEB94AF6}D:\program files\cs 1.6\hl.exe] => (Allow) D:\program files\cs 1.6\hl.exe FirewallRules: [{04DBC4BE-6D04-41C9-93E5-EABA6C9A6E3F}] => (Allow) C:\Games\FIFA 14\Game\fifa14.exe FirewallRules: [{D25A5711-F071-4414-8410-3CEF71288DC1}] => (Allow) C:\Games\FIFA 14\Game\fifa14.exe FirewallRules: [{C149FFD1-BD80-4186-B4D4-956F086BD27E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B6F4EA44-A219-4EC4-8809-1EA31A4404A4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5FFDA2A0-C7E5-481D-925F-2E73FF153A54}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [TCP Query User{46CA6B37-074F-455F-B7ED-DD40D2CD1E45}C:\program files (x86)\cdproject red\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\cdproject red\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{0DFC4B40-E7B8-4E16-BE10-9666C4221C93}C:\program files (x86)\cdproject red\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\cdproject red\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{B1A46BDA-25C3-4A4C-8CAB-C1BC7740FD4D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{76B16F5E-F173-4E09-926E-247A498B7E46}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{FB06277F-989E-4950-9AE1-10E0EE882094}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe FirewallRules: [{7AEA9C60-C10C-4539-A40D-92B93DEC5574}] => (Allow) C:\MicroVolts Package\MicroVolts Downloader.exe FirewallRules: [{7176D248-D90F-4590-A0C0-F9D7937EFE7C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{292DCEFC-3381-443C-B9F3-90B83A46F48A}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [TCP Query User{AEFD9178-131A-4F61-9ACC-74AD5D4D388C}C:\users\seven\desktop\autopatcher - kopia\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher - kopia\metin2mod_2011sf.exe FirewallRules: [UDP Query User{DFC2ED58-2926-4643-9A1F-D42226183083}C:\users\seven\desktop\autopatcher - kopia\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher - kopia\metin2mod_2011sf.exe FirewallRules: [TCP Query User{A60A489F-3B5F-4042-A79F-88E9D81D9572}C:\users\seven\desktop\autopatcher - kopia2\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher - kopia2\metin2mod_2011sf.exe FirewallRules: [UDP Query User{6E379753-FDD5-43D3-9433-7994DA6BAA8D}C:\users\seven\desktop\autopatcher - kopia2\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher - kopia2\metin2mod_2011sf.exe FirewallRules: [TCP Query User{378022E1-3044-47B1-B4CB-D2D0C47CF10D}C:\users\seven\desktop\autopatcher\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher\metin2mod_2011sf.exe FirewallRules: [UDP Query User{1596AB46-7EEB-4BCB-9334-35133AA082F0}C:\users\seven\desktop\autopatcher\metin2mod_2011sf.exe] => (Allow) C:\users\seven\desktop\autopatcher\metin2mod_2011sf.exe ==================== Faulty Device Manager Devices ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ccnfd_1_10_0_4 Description: ccnfd_1_10_0_4 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ccnfd_1_10_0_4 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/27/2015 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ef76c Nazwa modułu powodującego błąd: mozalloc.dll, wersja: 37.0.2.5583, sygnatura czasowa: 0x552ee9ae Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x00001aa1 Identyfikator procesu powodującego błąd: 0x78a4 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Error: (04/27/2015 08:28:31 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000004e920f Identyfikator procesu powodującego błąd: 0xd68 Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0 Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1 Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2 Identyfikator raportu: NvStreamNetworkService.exe3 Error: (04/26/2015 11:09:47 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0] Error: (04/26/2015 07:34:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Nazwa modułu powodującego błąd: NvStreamNetworkService.exe, wersja: 4.1.1943.6202, sygnatura czasowa: 0x551399be Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000004e920f Identyfikator procesu powodującego błąd: 0xf90 Godzina uruchomienia aplikacji powodującej błąd: 0xNvStreamNetworkService.exe0 Ścieżka aplikacji powodującej błąd: NvStreamNetworkService.exe1 Ścieżka modułu powodującego błąd: NvStreamNetworkService.exe2 Identyfikator raportu: NvStreamNetworkService.exe3 Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (04/26/2015 07:27:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program avastui.exe w wersji 10.0.2208.722 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 828 Godzina rozpoczęcia: 01d07ff12f00c827 Godzina zakończenia: 60000 Ścieżka aplikacji: C:\Program Files\AVAST Software\Avast\avastui.exe Identyfikator raportu: 62c4e7d9-ec39-11e4-a693-001e101f4e71 Error: (04/26/2015 07:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program avastui.exe w wersji 10.0.2208.722 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 828 Godzina rozpoczęcia: 01d07ff12f00c827 Godzina zakończenia: 60000 Ścieżka aplikacji: C:\Program Files\AVAST Software\Avast\avastui.exe Identyfikator raportu: 1e6353a7-ec39-11e4-a693-001e101f4e71 Error: (04/26/2015 07:20:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program avastui.exe w wersji 10.0.2208.722 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 828 Godzina rozpoczęcia: 01d07ff12f00c827 Godzina zakończenia: 60000 Ścieżka aplikacji: C:\Program Files\AVAST Software\Avast\avastui.exe Identyfikator raportu: 5cccd3ff-ec38-11e4-a693-001e101f4e71 System errors: ============= Error: (04/27/2015 05:16:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (04/27/2015 05:13:53 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Error: (04/27/2015 08:30:30 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (04/27/2015 08:28:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_4 UsbCharger Error: (04/26/2015 11:09:34 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (04/26/2015 07:34:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (04/26/2015 07:33:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_4 UsbCharger Error: (04/26/2015 09:19:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_4 UsbCharger Error: (04/25/2015 10:43:05 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (04/25/2015 09:36:21 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: ccnfd_1_10_0_4 UsbCharger Microsoft Office Sessions: ========================= Error: (04/27/2015 05:07:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe37.0.2.5583552ef76cmozalloc.dll37.0.2.5583552ee9ae8000000300001aa178a401d080faf486c7f0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll13465786-ecef-11e4-af8a-001e101fa1f5 Error: (04/27/2015 08:28:31 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920fd6801d080b356e8671fC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe9edf31c0-eca6-11e4-af8a-74d435ecd257 Error: (04/26/2015 11:09:47 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0] Error: (04/26/2015 07:34:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920ff9001d080472b769b4cC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe724833a2-ec3a-11e4-b4df-001e101fe70e Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (04/26/2015 07:33:55 PM) (Source: NvStreamSvc) (EventID: 2001) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (04/26/2015 07:27:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: avastui.exe10.0.2208.72282801d07ff12f00c82760000C:\Program Files\AVAST Software\Avast\avastui.exe62c4e7d9-ec39-11e4-a693-001e101f4e71 Error: (04/26/2015 07:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: avastui.exe10.0.2208.72282801d07ff12f00c82760000C:\Program Files\AVAST Software\Avast\avastui.exe1e6353a7-ec39-11e4-a693-001e101f4e71 Error: (04/26/2015 07:20:27 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: avastui.exe10.0.2208.72282801d07ff12f00c82760000C:\Program Files\AVAST Software\Avast\avastui.exe5cccd3ff-ec38-11e4-a693-001e101f4e71 CodeIntegrity Errors: =================================== Date: 2015-01-22 09:36:56.176 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-01-22 09:36:56.145 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 32% Total physical RAM: 4060.68 MB Available physical RAM: 2726.48 MB Total Pagefile: 8119.53 MB Available Pagefile: 6437.01 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:368.01 GB) (Free:205.17 GB) NTFS Drive d: () (Fixed) (Total:97.66 GB) (Free:79.93 GB) NTFS Drive e: (HPPP) (CDROM) (Total:0.2 GB) (Free:0 GB) CDFS Drive g: (Plus Internet) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 881BB854) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=368 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================