Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015 Ran by The Rockabilly Moose (2015-07-29 15:51:16) Running from C:\Users\The Rockabilly Moose\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1747537892-628935095-3018465868-500 - Administrator - Disabled) Gość (S-1-5-21-1747537892-628935095-3018465868-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1747537892-628935095-3018465868-1002 - Limited - Enabled) The Rockabilly Moose (S-1-5-21-1747537892-628935095-3018465868-1000 - Administrator - Enabled) => C:\Users\The Rockabilly Moose ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1747537892-628935095-3018465868-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden ALLPlayer V6.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Android Data Recovery (HKLM-x32\...\Android Data Recovery) (Version: - Tenorshare, Inc.) AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version: - ) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach) Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG) bl (x32 Version: 1.0.0 - Your Company Name) Hidden ChomikBox (HKLM-x32\...\{C49F8E1C-0BAE-4836-A670-AE76BA32BE90}) (Version: 2.0.3.0 - Chomikuj.pl) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.1 - Mediamond Tmi) EaseUS Data Recovery Wizard 8.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 8.0_is1) (Version: - EaseUS) Efficient Sticky Notes 3.55 (HKLM-x32\...\Efficient Sticky Notes_is1) (Version: - Efficient Software) Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: - ) Friendly Error (HKLM-x32\...\FriendlyError) (Version: - ) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.64.5211 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) High-Definition Video Playback (x32 Version: 11.1.10400.2.65 - Nero AG) Hidden HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.4.2 - Hewlett-Packard) HP Wireless Assistant (HKLM-x32\...\{1061DF04-CF33-40B0-8360-D07C9BBEB122}) (Version: 3.50.10.1 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.5902.0 - IDT) ImageMixer3 (HKLM-x32\...\{751910E3-ECF1-44D0-BF3F-2936A4424514}) (Version: 3.00.006 - PIXELA) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Mafia II (HKLM-x32\...\Mafia II_is1) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla) MPC-HC 1.6.6.6957 (3975d54) (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.6.6957 - MPC-HC Team) My Riding Stables - Life with Horses (HKLM-x32\...\MyRidingStables) (Version: 1.0 - Sproing Interactive GmbH) NapiProjekt (2.1.0.2287) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.0 - Napisy24.pl) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments) Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments) Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Nero Kwik Media (HKLM-x32\...\{96F26B8F-2BCA-4157-8F39-742790C361D8}) (Version: 11.0.15300 - Nero AG) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) On2 VP3 Video for Windows Codec (HKLM-x32\...\{CF59708F-60F4-11D5-866A-00A0D2183227}) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 30.0.1835.157 (HKLM-x32\...\Opera 30.0.1835.157) (Version: 30.0.1835.157 - Opera Software) Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/06/2010 4.0.0000.00000) (HKLM\...\1410CF9289BF3A20F58ACA2577EE433AE48FA1C1) (Version: 12/06/2010 4.0.0000.00000 - Google, Inc.) Panel sterowania NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.) Ride! Next Generation Equitation (HKLM-x32\...\{1A921F1C-7E9D-4D6D-9EDA-A2F7ECC90FA8}) (Version: - ) Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - ) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) SUPER © v2015.build.65+Recorder (2015/05/31) wersja v2015.build (HKLM-x32\...\{8E2A29F2-96BF-8859-4DB7-5C16C91728A3}_is1) (Version: v2015.build.65+Recorder - eRightSoft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Total Video Converter 3.60 100204 (HKLM-x32\...\Total Video Converter 3.61_is1) (Version: - EffectMatrix Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {4F7CFD7E-FC9C-4A90-88CC-A55486871529} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {5E537F20-43BD-4F71-9C46-93D93FD24EDE} - System32\Tasks\{0F60C72B-58AB-4C06-8D30-6A6888DCB1A1} => pcalua.exe -a J:\Dane\PROGRAMY\MUZYCZNE\APGuitarSetup.exe -d J:\Dane\PROGRAMY\MUZYCZNE Task: {632EB613-3079-44A5-864A-1F83D5A1387F} - System32\Tasks\{F61A924F-0FC7-458C-8194-708343B96724} => pcalua.exe -a "C:\Users\The Rockabilly Moose\Downloads\Enhancer.exe" -d "C:\Users\The Rockabilly Moose\Downloads" Task: {AD9389C8-3DE4-41B4-920A-1D561806E5A1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-10] (Google Inc.) Task: {E9C5BBA1-0AB6-406A-A26D-9CD2ADBDFA6C} - System32\Tasks\Opera scheduled Autoupdate 1438068588 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-23] (Opera Software) Task: {F35700F6-8754-438A-8826-E2285FF31D0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-10] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-01-11 10:53 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-28 08:31 - 2015-07-28 08:31 - 00161792 _____ () C:\Program Files (x86)\38464E43-1438065064-5131-364D-001E68BF5227\hnsa7A73.tmp 2015-07-29 12:41 - 2015-07-29 12:41 - 00345600 _____ () C:\Program Files (x86)\38464E43-1438065064-5131-364D-001E68BF5227\knsu9B6F.tmp 2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe 2015-07-29 12:45 - 2015-07-29 12:45 - 00225233 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\nsrACB7.tmp 2015-04-27 02:48 - 2015-04-27 02:48 - 00286208 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\xtmp1889640\tmp\ChromeSync.exe 2015-06-15 10:14 - 2006-09-29 18:08 - 00364544 ____N () C:\Program Files (x86)\PIXELA\ImageMixer3\pxl_m17n_tool.dll 2015-07-29 15:10 - 2015-07-29 15:10 - 00018944 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\WPL3FBD.tmp\ml_online.lng 2015-07-29 15:10 - 2015-07-29 15:10 - 00035328 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\WPL3FBD.tmp\ombrowser.lng 2015-01-10 17:40 - 2015-04-20 02:00 - 00738784 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll 2015-01-10 17:40 - 2015-04-20 02:00 - 00034784 _____ () C:\Program Files (x86)\Last.fm\logger.dll 2015-01-10 17:40 - 2015-04-20 02:00 - 00353248 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll 2015-01-10 17:40 - 2015-04-20 02:00 - 00128992 _____ () C:\Program Files (x86)\Last.fm\listener.dll 2015-04-21 18:11 - 2015-04-20 01:59 - 00304608 _____ () C:\Program Files (x86)\Last.fm\phonon.dll 2015-04-21 18:11 - 2015-04-20 02:00 - 00184800 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll 2015-01-10 17:40 - 2015-04-20 01:59 - 00113120 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll 2015-01-10 17:40 - 2015-04-20 01:59 - 02288608 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll 2015-04-21 18:11 - 2015-04-20 02:00 - 00051680 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll 2015-07-29 15:40 - 2015-07-29 15:40 - 00011264 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\nsc3870.tmp\System.dll 2015-07-29 15:41 - 2015-07-29 15:41 - 00042496 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\nsc3870.tmp\ProcessKiller.dll 2015-07-29 15:41 - 2015-07-29 15:41 - 00097280 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\nsc3870.tmp\nsis-progressbar.dll 2015-07-29 15:41 - 2015-07-29 15:41 - 00022528 _____ () C:\Users\The Rockabilly Moose\AppData\Local\Temp\nsc3870.tmp\flush-inetc.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:90108DD7 AlternateDataStreams: C:\ProgramData\TEMP:F591490A ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1747537892-628935095-3018465868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\The Rockabilly Moose\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 52.17.204.69 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{461263A9-8AEE-41C2-B559-26267AD5991D}] => (Allow) D:\PROGRAMY\uTorrent.exe FirewallRules: [{FEE00B0A-7E75-44E3-8656-5B2244481384}] => (Allow) D:\PROGRAMY\uTorrent.exe FirewallRules: [{71B112BA-C484-4107-A320-1755D6725BE1}] => (Allow) C:\Users\The Rockabilly Moose\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{38360D88-A7BE-45E5-8E54-9C4208FCD2F4}] => (Allow) C:\Users\The Rockabilly Moose\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{07EE1C2A-1030-443C-B9E6-72B1A9FF00D1}D:\programy\gadu-gadu 10\gg.exe] => (Allow) D:\programy\gadu-gadu 10\gg.exe FirewallRules: [UDP Query User{434132F1-D62A-4272-BF8F-C5810BF083DE}D:\programy\gadu-gadu 10\gg.exe] => (Allow) D:\programy\gadu-gadu 10\gg.exe FirewallRules: [TCP Query User{126A729B-5951-493B-B48B-9B8B5023F16A}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{1DF22A87-C86D-46C6-BCBD-26FCE4EFC0B3}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{E7E63BD6-0DCD-45B5-986A-F5DFCC753DC4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{84E97B2B-5057-42C2-A6C1-1B450CFF5188}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{8BC70C57-9DC3-41B0-9104-B52711EF0A66}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Allow) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [TCP Query User{93D2AD41-9AEB-4F7E-9D54-584C0C6EB237}D:\gry\saints row iv\saints row iv\saintsrowiv.exe] => (Allow) D:\gry\saints row iv\saints row iv\saintsrowiv.exe FirewallRules: [UDP Query User{F7BF4004-8DD0-4A9D-AF49-66C37CE10DEB}D:\gry\saints row iv\saints row iv\saintsrowiv.exe] => (Allow) D:\gry\saints row iv\saints row iv\saintsrowiv.exe FirewallRules: [{94EA6E03-2F97-4503-BE5D-47BE39C24FFB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{A7BF5362-13C2-4EC8-8DAC-CD76781D3D85}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{46DF91DA-6E67-4B2B-9E42-55B647C1FA82}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4C3158EC-4F09-46EF-8BF6-3E5282374F12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{27A5EC21-6A49-4A04-BB40-C37A77562BA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{FA941A45-E8E2-400B-888A-CCD222A12A46}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{11787814-E45F-4EC4-A480-AAD7E499A463}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5016D6A7-29EA-46C5-9AEE-8955B65F6547}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{405DB738-0710-4A5E-86F5-81C6A13BB5A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EBB1EA60-3FF8-4867-BB07-4C0A277CE739}] => (Allow) LPort=2869 FirewallRules: [{8CAB6A42-9691-488C-9D2C-51D583597EAE}] => (Allow) LPort=1900 FirewallRules: [{D9B44BF7-4297-4E59-83CF-77B83AD40436}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DE3394D2-4330-42E7-9B48-501E90395E64}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{117C54CB-321D-41AD-8D6A-D6A1301B073D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{ACDCB2BD-4DCF-4D2B-9B2D-FAD4353A22DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{ED82A3A3-344A-4EC7-8006-C8B80DFE22C6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8F5AE087-7970-4ACD-AC35-26458697E815}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{4ACDEE43-7391-4C53-B06B-B7C32397C933}E:\gry\farming simulator 15\farming simulator 15\x64\farmingsimulator2015game.exe] => (Allow) E:\gry\farming simulator 15\farming simulator 15\x64\farmingsimulator2015game.exe FirewallRules: [UDP Query User{A9325F89-E715-4429-B1C6-2A57433E2DD5}E:\gry\farming simulator 15\farming simulator 15\x64\farmingsimulator2015game.exe] => (Allow) E:\gry\farming simulator 15\farming simulator 15\x64\farmingsimulator2015game.exe FirewallRules: [{843BDD0B-6E69-455B-AC65-2826B1870DE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{179F4591-46D8-4CEB-A958-D437896A5A0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2EC1A5FA-C88B-447C-8DE3-E43EA8AE0FD3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Podstawowe urządzenie systemowe Description: Podstawowe urządzenie systemowe Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/29/2015 03:41:15 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program FRST64.exe w wersji 28.7.2015.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 1644 Godzina rozpoczęcia: 01d0ca038070fc94 Godzina zakończenia: 5 Ścieżka aplikacji: C:\Users\The Rockabilly Moose\Downloads\FRST64.exe Identyfikator raportu: 641fc65e-35f7-11e5-9ddb-001e68bf5227 Error: (07/29/2015 03:09:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/29/2015 11:12:11 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/28/2015 09:55:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/28/2015 09:19:44 AM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (1988) WindowsMail0: Tworzenie kopii zapasowej zostało zatrzymane, ponieważ zostało przerwane przez klienta lub nie można nawiązać połączenia z klientem. Error: (07/28/2015 09:19:28 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/28/2015 08:58:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: SmartWebApp.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x54e31eaf Nazwa modułu powodującego błąd: unknown, wersja: 0.0.0.0, sygnatura czasowa: 0x00000000 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00000000 Identyfikator procesu powodującego błąd: 0x11ec Godzina uruchomienia aplikacji powodującej błąd: 0xSmartWebApp.exe0 Ścieżka aplikacji powodującej błąd: SmartWebApp.exe1 Ścieżka modułu powodującego błąd: SmartWebApp.exe2 Identyfikator raportu: SmartWebApp.exe3 Error: (07/28/2015 08:41:27 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: bediagddca.exe, wersja: 2015.728.60.64, sygnatura czasowa: 0x55b71a72 Nazwa modułu powodującego błąd: bediagddca.exe, wersja: 2015.728.60.64, sygnatura czasowa: 0x55b71a72 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00002694 Identyfikator procesu powodującego błąd: 0xe6c Godzina uruchomienia aplikacji powodującej błąd: 0xbediagddca.exe0 Ścieżka aplikacji powodującej błąd: bediagddca.exe1 Ścieżka modułu powodującego błąd: bediagddca.exe2 Identyfikator raportu: bediagddca.exe3 Error: (07/28/2015 08:39:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: Lucky7) Description: Product: globalupdate Helper -- Error 1316. Określone konto już istnieje. Error: (07/28/2015 08:38:56 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program gentlemjmp_ieu.tmp w wersji 51.52.0.0 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 12f0 Godzina rozpoczęcia: 01d0c8ff8026fc92 Godzina zakończenia: 4 Ścieżka aplikacji: C:\Users\THEROC~1\AppData\Local\Temp\is-PO7AH.tmp\gentlemjmp_ieu.tmp Identyfikator raportu: System errors: ============= Error: (07/29/2015 03:08:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Dynamo Combo z powodu następującego błędu: %%2 Error: (07/29/2015 03:07:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Bufor wydruku z powodu następującego błędu: %%1069 Error: (07/29/2015 03:07:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa Spooler nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (07/29/2015 03:06:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Instalator modułów systemu Windows z powodu następującego błędu: %%1069 Error: (07/29/2015 03:06:49 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa TrustedInstaller nie może zalogować się jako NT AUTHORITY\SYSTEM za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%50 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (07/29/2015 03:06:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/29/2015 03:06:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/29/2015 03:06:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/29/2015 03:06:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Avira Service Host niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (07/29/2015 03:06:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Live ID Sign-in Assistant niespodziewanie zakończyła pracę. Wystąpiło to razy: 2. W przeciągu 10000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-03-13 12:01:06.009 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 20:40:57.528 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 20:40:31.864 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 20:40:12.099 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-14 20:28:27.257 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-11 20:08:11.590 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-11 20:06:07.555 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-11 20:06:02.229 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-11 20:04:43.442 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-02-11 20:04:43.308 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\AESTAC64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz Percentage of memory in use: 58% Total physical RAM: 4063.21 MB Available physical RAM: 1696.74 MB Total Virtual: 5297.89 MB Available Virtual: 2462.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:76.68 GB) (Free:4.17 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Dane 2) (Fixed) (Total:75.83 GB) (Free:0.81 GB) NTFS Drive e: (Dane) (Fixed) (Total:137.46 GB) (Free:0.1 GB) NTFS Drive f: (HP_RECOVERY) (Fixed) (Total:8.12 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive g: (GSP1RMCPRXFRER_PL_DVD) (CDROM) (Total:2.98 GB) (Free:0 GB) UDF Drive j: (SAMSUNG) (Fixed) (Total:465.76 GB) (Free:3.08 GB) NTFS Drive l: (ADATA CH11) (Fixed) (Total:465.65 GB) (Free:2.05 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 6BDA7887) Partition 1: (Active) - (Size=76.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=75.8 GB) - (Type=OF Extended) Partition 3: (Not Active) - (Size=137.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: A271F9EC) Partition 1: (Active) - (Size=465.8 GB) - (Type=0C) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: EE150EAA) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of log ============================