Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by Szymon at 2015-07-02 13:36:23 Running from E:\downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3972903673-1391813168-638966357-500 - Administrator - Disabled) Guest (S-1-5-21-3972903673-1391813168-638966357-501 - Limited - Disabled) Szymon (S-1-5-21-3972903673-1391813168-638966357-1000 - Administrator - Enabled) => C:\Users\Szymon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3972903673-1391813168-638966357-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.149 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CodeBlocks (HKU\S-1-5-21-3972903673-1391813168-638966357-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com) GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LG United Mobile Drivers (HKLM-x32\...\{F193D8D7-3D5E-4DB5-A74C-F8CD5378EE7B}) (Version: 3.12.3.0 - LG Electronics) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Word 2010 (HKLM-x32\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation) MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team) New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice.org 2.4 (HKLM-x32\...\{E33DB440-A008-4928-8A4E-5FC5ADDED608}) (Version: 2.4.9364 - OpenOffice.org) Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{4866e569-5c45-48c6-abf6-4b9680f5efa0}) (Version: latest - ppy Pty Ltd) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7324 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0179 - REALTEK Semiconductor Corp.) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3 Wild Hunt v.1.0.3 (HKLM-x32\...\The Witcher 3 Wild Hunt_is1) (Version: - ) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) Unity Web Player (HKU\S-1-5-21-3972903673-1391813168-638966357-1000\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.11 (32-bitowy) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) X-G510 Gaming Mouse (HKLM-x32\...\{C202E04C-BD05-4F63-A81C-8FFF5E8521DA}}_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 27-06-2015 16:46:07 Scheduled Checkpoint 29-06-2015 20:00:58 UE4 Prerequisites (x64) 29-06-2015 20:05:19 Removed Prototype. 29-06-2015 20:07:21 Removed Oracle VM VirtualBox 4.3.16 30-06-2015 14:42:44 Removed NVIDIA PhysX 30-06-2015 15:00:45 Usunięto: Microsoft Office Word Viewer 2003 01-07-2015 17:07:34 avast! antivirus system restore point 02-07-2015 13:32:09 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {531D7B29-2187-4AC4-BA77-41E46AE6A721} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {BA6F21B2-ECC5-4D08-8513-D7CEE70BD4E9} - System32\Tasks\Opera scheduled Autoupdate 1410594791 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {C7967713-F851-4ED8-9A30-A69CCDE34D52} - System32\Tasks\avast! Emergency Update => e:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-01] (Avast Software s.r.o.) Task: {DB8A293B-BA3A-4371-BFF6-1D041123343F} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2013-09-04 19:21 - 2013-09-04 19:21 - 02112000 _____ () E:\Program Files (x86)\screenSHU\screenSHU.exe 2015-07-01 17:10 - 2015-07-01 17:10 - 00104400 _____ () e:\Program Files\AVAST Software\Avast\log.dll 2015-07-01 17:10 - 2015-07-01 17:10 - 00081728 _____ () e:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-02 10:24 - 2015-07-02 10:24 - 02952704 _____ () e:\Program Files\AVAST Software\Avast\defs\15070200\algo.dll 2015-01-30 23:49 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll 2011-06-08 09:32 - 2011-06-08 09:32 - 00011362 _____ () E:\Program Files (x86)\screenSHU\mingwm10.dll 2011-06-08 09:32 - 2011-06-08 09:32 - 00043008 _____ () E:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll 2015-07-01 17:10 - 2015-07-01 17:10 - 40540672 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-01 17:10 - 2015-07-01 17:10 - 00104400 _____ () E:\Program Files\AVAST Software\Avast\log.dll 2015-07-01 17:10 - 2015-07-01 17:10 - 00081728 _____ () E:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2014-09-13 10:17 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Genius\X-G510\HidDevice.dll 2007-12-19 16:04 - 2007-12-19 16:04 - 00828416 _____ () C:\Program Files (x86)\OpenOffice.org 2.4\program\libxml2.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2015-06-25 12:58 - 2015-06-25 12:58 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libglesv2.dll 2015-06-25 12:58 - 2015-06-25 12:58 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libegl.dll 2015-07-01 17:06 - 2015-07-01 17:06 - 00380416 _____ () E:\downloads\0hwq9lcc.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3972903673-1391813168-638966357-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Szymon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{B30B3342-7280-40DC-BD8F-AA56F6ABA32A}C:\users\szymon\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\szymon\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{CB41E65A-C9ED-4918-B606-9FD7FD691AD5}C:\users\szymon\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\szymon\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{956F35F5-A315-473A-916D-6619D55C5D08}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{5817B0C9-C4C1-4A05-B491-99095F014DE3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/02/2015 01:34:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 01:33:55 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/02/2015 01:32:08 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {b8000e36-9da2-4d3c-b262-903c845fb3e9} Error: (07/02/2015 10:44:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 10:43:53 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/02/2015 10:23:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 10:22:52 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (07/01/2015 09:27:55 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/01/2015 08:52:49 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/01/2015 05:40:56 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed System errors: ============= Error: (07/02/2015 01:33:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (07/02/2015 01:32:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The StarWind AE Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Realtek11nCU service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (07/02/2015 01:32:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The AMD External Events Utility service terminated unexpectedly. It has done this 1 time(s). Error: (07/02/2015 10:43:53 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Microsoft Office: ========================= Error: (07/02/2015 01:34:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 01:33:55 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/02/2015 01:32:08 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {b8000e36-9da2-4d3c-b262-903c845fb3e9} Error: (07/02/2015 10:44:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 10:43:53 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/02/2015 10:23:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/02/2015 10:22:52 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (07/01/2015 09:27:55 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: Error: (07/01/2015 08:52:49 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: Error: (07/01/2015 05:40:56 PM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: CodeIntegrity Errors: =================================== Date: 2015-04-29 21:33:29.827 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\elanusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-29 21:33:29.811 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\elanusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-29 21:31:34.309 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\elanusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-29 21:31:34.309 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\elanusb.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 32% Total physical RAM: 8142.93 MB Available physical RAM: 5460.47 MB Total Pagefile: 16284.05 MB Available Pagefile: 13338.39 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:99.94 GB) (Free:52.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Zastrzeżone przez system) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: () (Fixed) (Total:700 GB) (Free:459.78 GB) NTFS Drive f: (New Volume) (Fixed) (Total:131.48 GB) (Free:68.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C0257658) Partition 1: (Not Active) - (Size=101 MB) - (Type=07 NTFS) Partition 2: (Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=700 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=131.5 GB) - (Type=07 NTFS) ==================== End of log ============================