Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2017 Ran by Kamil (14-07-2017 21:49:02) Running from C:\Users\Kamil\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2015-01-10 14:52:51) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1350829211-2713675066-2306640670-500 - Administrator - Disabled) Guest (S-1-5-21-1350829211-2713675066-2306640670-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1350829211-2713675066-2306640670-1002 - Limited - Enabled) Kamil (S-1-5-21-1350829211-2713675066-2306640670-1000 - Administrator - Enabled) => C:\Users\Kamil ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.20) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.4.5.28 - NVIDIA Corporation) Hidden ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.) AudioGenie (HKLM-x32\...\AudioGenie_is1) (Version: - msi, Inc.) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts) Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.32743 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.) doPDF (HKLM\...\{F0C22331-5394-41EB-9D8B-12335B36EEF0}) (Version: 8.1.923 - Softland) Hidden doPDF 8 (HKLM-x32\...\{c61b55b1-0524-4fc7-a4d2-6896ae2a2edb}) (Version: 8.1.923 - Softland) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015PL_is1) (Version: 1.4.2.0 - GIANTS Software) Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software) Fraps (HKLM-x32\...\Fraps) (Version: - ) GG (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.1.1 - LG Electronics) LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics) Logitech Gaming Software 8.88 (HKLM\...\Logitech Gaming Software) (Version: 8.88.30 - Logitech Inc.) Mała Księgowość Rzeczpospolitej - Wersja Demonstracyjna (HKLM-x32\...\Mała Księgowość Rzeczpospolitej - Wersja Demonstracyjna) (Version: 24.00 - Usługi Informatyczne Andrzej Ciupiński) Mezzmo (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\Mezzmo) (Version: 3.3.0.0 - Conceiva Pty. Ltd.) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 52.0.2 (x86 pl) (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\Mozilla Firefox 52.0.2 (x86 pl)) (Version: 52.0.2 - Mozilla) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.024 - MSI) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.2.2 - Notepad++ Team) novaPDF 8 Printer Driver (HKLM\...\{69EF6EE5-3506-4E51-B51D-AFEBBC2EDC33}) (Version: 8.1.923 - Softland) nSender 3.0 (HKLM-x32\...\nSender_is1) (Version: - nSender) NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Pakiet sterowników systemu Windows - SIGMA Elektro GmbH (usbser) Ports (01/04/2013 5.1.2600.5512) (HKLM\...\0034B8000CA3D41718B37144C5288C040EB74C65) (Version: 01/04/2013 5.1.2600.5512 - SIGMA Elektro GmbH) Pakiet sterowników systemu Windows - SIGMA Elektro GmbH (usbser) Ports (01/04/2013 5.1.2600.5512) (HKLM\...\08AE394D2BC5301A3A34A857B6DA63FB7C7B050A) (Version: 01/04/2013 5.1.2600.5512 - SIGMA Elektro GmbH) Pakiet sterowników systemu Windows - SIGMA Elektro GmbH (usbser) Ports (04/27/2012 5.1.2600.5512) (HKLM\...\DCCAC4C88E429408A2DDF8C0C5BAEB9187FA5713) (Version: 04/27/2012 5.1.2600.5512 - SIGMA Elektro GmbH) Panel sterowania NVIDIA 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 350.12 - NVIDIA Corporation) Hidden PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) PL/SQL Developer [2] 11.0.4.1774 (HKLM-x32\...\PL/SQL Developer [A7235231]) (Version: 11.0.4.1774 - Allround Automations) PL/SQL Developer Beta 11.0.0.1757 (HKLM-x32\...\PL/SQL Developer Beta [A7235231]) (Version: 11.0.0.1757 - Allround Automations) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk) Samsung AllShare (HKLM-x32\...\{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.5.28 - NVIDIA Corporation) Hidden Sigma Data Center 3.3 (HKLM-x32\...\Sigma Data Center3.3) (Version: 3.3 - Sigma Elektro GmbH) Sigma Data Center 4.0 (HKLM-x32\...\Sigma Data Center4.0) (Version: 4.0 - Sigma Elektro GmbH) Sigma Data Center 5.1 (HKLM-x32\...\Sigma Data Center5.1) (Version: 5.1 - Sigma Elektro GmbH) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) TL-WN751ND Driver (HKLM-x32\...\{14770694-6C1C-4137-95F9-6F934D8491B4}) (Version: 1.00.0000 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK) TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.) Wersja beta Battlefield™ Hardline (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts) Wtyczka e-Deklaracje (HKLM-x32\...\{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1) (Version: 4.3.0 - Ministerstwo Finansów) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ZAR X (HKLM\...\{85DA9B81-D7F9-4165-8E62-F776B57213F8}_is1) (Version: - www.z-a-recovery.com) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-1350829211-2713675066-2306640670-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kamil\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [GGDriveOverlay1] -> {E68D0A50-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay2] -> {E68D0A51-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay3] -> {E68D0A52-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ShellIconOverlayIdentifiers: [GGDriveOverlay4] -> {E68D0A53-3C40-4712-B90D-DCFA93FF2534} => C:\ProgramData\GG\ggdrive\ggdrive-overlay.dll [2013-01-17] (GG Network S.A.) ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\programy\Notepad++\NppShell_06.dll [2015-04-15] () ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\WinRAR 3.80\rarext64.dll [2008-06-20] () ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers04: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\WinRAR 3.80\rarext64.dll [2008-06-20] () ContextMenuHandlers04: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-04-08] (NVIDIA Corporation) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\programy\WinRAR 3.80\rarext64.dll [2008-06-20] () ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File ContextMenuHandlers1_S-1-5-21-1350829211-2713675066-2306640670-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers4_S-1-5-21-1350829211-2713675066-2306640670-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ContextMenuHandlers5_S-1-5-21-1350829211-2713675066-2306640670-1000: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} => C:\Users\Kamil\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll [2014-03-20] (GG Network S.A.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07B10EF2-3F48-479D-8837-63490A9A2106} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.) Task: {0D3FDF57-50D2-4205-B5F7-310C11F3FAB9} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy Task: {564CDFE0-E84F-4EB2-8B65-9404FE015B19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1350829211-2713675066-2306640670-1000UA => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-14] (Google Inc.) Task: {62B13F6F-47AF-4C7A-B5F2-BFB4496730CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.) Task: {7643B03E-90BC-4CF3-8854-65098F8B1D3C} - System32\Tasks\{5216D916-8595-45B5-A940-5A2610BBDD1E} => pcalua.exe -a C:\MSI\LiveUpdate\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7069.exe -d C:\MSI\LiveUpdate\DL_FILE Task: {7E7254EA-E4BC-45BD-9656-C7F473C351C2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1350829211-2713675066-2306640670-1000Core => C:\Users\Kamil\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-14] (Google Inc.) Task: {7F103D44-9A2A-478B-ABBE-D2A8461022DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {87EDCE4C-E899-4322-86FD-36D9C9CBE2F0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {9F603CA4-7441-4EEE-9E7F-84FBA20361B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {ABD2B58E-EF9B-4644-947D-A7E74BBC8511} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2015-01-23] () Task: {C45777E1-0716-4049-8F68-E1D3C0C8304A} - System32\Tasks\AdobeAAMUpdater-1.0-Kamil-PC-Kamil => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {CACEC5E9-2C5D-43C9-AC86-06B4E3A32866} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {D066F61C-7918-49EF-A5A7-9974FADCC1A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-30] (Google Inc.) Task: {E53B4BBB-F7D2-4915-8924-BE96B53C99C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-13] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-05-28 20:15 - 1601-01-03 02:06 - 00022528 _____ () C:\Windows\System32\us005lm.dll 2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-01-23 17:45 - 2015-01-23 17:45 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2015-01-23 17:45 - 2015-01-23 17:45 - 00032032 _____ () C:\Program Files\Softland\novaPDF 8\Server\CryptUtil.dll 2015-01-23 17:45 - 2015-01-23 17:45 - 00026912 _____ () C:\Program Files\Softland\novaPDF 8\Server\WAFServicePlugin.dll 2015-01-11 13:01 - 2015-07-01 00:07 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-02-04 20:11 - 2009-03-06 18:30 - 00020525 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\bin\perl.exe 2015-12-02 13:48 - 2009-03-06 18:30 - 00020525 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\bin\perl.exe 2015-11-30 01:08 - 2009-03-06 18:30 - 00020525 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\bin\perl.exe 2015-02-15 21:17 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-10 18:15 - 2011-04-01 09:55 - 00788992 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe 2017-07-13 15:42 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll 2017-07-13 15:42 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll 2011-03-04 13:49 - 2011-03-04 13:49 - 00202752 _____ () D:\Programy\VPN Client\vpnapi.dll 2016-11-22 22:10 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll 2015-02-04 20:11 - 2009-03-06 18:30 - 01110064 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\bin\perl510.dll 2015-02-04 20:11 - 2008-03-10 23:15 - 00009728 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\lib\auto\Fcntl\Fcntl.dll 2015-02-04 20:11 - 2008-03-10 23:18 - 00077824 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\lib\auto\POSIX\POSIX.dll 2015-02-04 20:11 - 2008-03-10 23:08 - 00008704 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\lib\auto\Cwd\Cwd.dll 2015-02-04 20:11 - 2008-03-10 23:16 - 00013312 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\lib\auto\IO\IO.dll 2015-02-04 20:11 - 2008-03-10 23:20 - 00015360 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\perl\lib\auto\Socket\Socket.dll 2015-12-02 13:48 - 2009-03-06 18:30 - 01110064 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\bin\perl510.dll 2015-12-02 13:48 - 2008-03-10 23:15 - 00009728 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\lib\auto\Fcntl\Fcntl.dll 2015-12-02 13:48 - 2008-03-10 23:18 - 00077824 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\lib\auto\POSIX\POSIX.dll 2015-12-02 13:48 - 2008-03-10 23:08 - 00008704 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\lib\auto\Cwd\Cwd.dll 2015-12-02 13:48 - 2008-03-10 23:16 - 00013312 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\lib\auto\IO\IO.dll 2015-12-02 13:48 - 2008-03-10 23:20 - 00015360 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\perl\lib\auto\Socket\Socket.dll 2015-11-30 01:08 - 2009-03-06 18:30 - 01110064 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\bin\perl510.dll 2015-11-30 01:08 - 2008-03-10 23:15 - 00009728 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\lib\auto\Fcntl\Fcntl.dll 2015-11-30 01:08 - 2008-03-10 23:18 - 00077824 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\lib\auto\POSIX\POSIX.dll 2015-11-30 01:08 - 2008-03-10 23:08 - 00008704 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\lib\auto\Cwd\Cwd.dll 2015-11-30 01:08 - 2008-03-10 23:16 - 00013312 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\lib\auto\IO\IO.dll 2015-11-30 01:08 - 2008-03-10 23:20 - 00015360 _____ () E:\app\Kamil\product\11.2.0\dbhome_3\perl\lib\auto\Socket\Socket.dll 2015-12-02 13:46 - 2010-02-28 04:05 - 00086016 _____ () E:\app\Kamil\product\11.2.0\dbhome_4\bin\OraPerf11.Dll 2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () D:\programy\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () D:\programy\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () D:\programy\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () D:\programy\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () D:\programy\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () D:\programy\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () D:\programy\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () D:\programy\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () D:\programy\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () D:\programy\AllShare\AllShareDMS\libexpat.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () D:\programy\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () D:\programy\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () D:\programy\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () D:\programy\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () D:\programy\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () D:\programy\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () D:\programy\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () D:\programy\AllShare\AllShareDMS\tag.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () D:\programy\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () D:\programy\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () D:\programy\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () D:\programy\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () D:\programy\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () D:\programy\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () D:\programy\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () D:\programy\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () D:\programy\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () D:\programy\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () D:\programy\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () D:\programy\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () D:\programy\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () D:\programy\AllShare\AllShareDMS\us.dll 2015-01-10 18:15 - 2011-04-01 09:55 - 01410048 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll 2015-01-10 18:15 - 2011-03-31 16:36 - 00167424 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll 2015-01-10 18:15 - 2011-03-31 16:36 - 00128000 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll 2015-01-10 18:15 - 2011-03-31 16:36 - 00111616 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL 2015-05-03 17:00 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-02-04 20:12 - 2010-03-02 02:01 - 00065536 _____ () E:\app\Kamil\product\11.2.0\dbhome_2\bin\emdctl.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1350829211-2713675066-2306640670-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kamil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{00EE2128-6426-4CB6-878F-35519608CB9B}] => (Allow) D:\programy\AllShare\AllShareDMS\AllShareDMS.exe FirewallRules: [{9F6EA075-DA44-4C54-8E0D-A2510EB83A25}] => (Allow) D:\programy\AllShare\AllShare.exe FirewallRules: [{D8BAEA90-7994-4390-9B29-10E9FE5D0B81}] => (Allow) D:\programy\AllShare\AllShareAgent.exe FirewallRules: [TCP Query User{9C83FD81-A652-49A2-A53E-B30788B4929A}C:\users\kamil\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\kamil\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{C2D16E1D-91C1-48FC-B095-4DD5B42FDC99}C:\users\kamil\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\kamil\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [{4A9ABB24-9297-4FEF-8FD4-0BEBC3B0A2BA}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3DC4124E-3CEE-41A4-94E4-0162F88284F3}] => (Allow) C:\Users\Kamil\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BCEB1D19-6B96-40DE-B42E-4DF5DEC6203D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3EBCE19B-82AE-47C3-A954-B6F8CB75CB79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5FF479EB-3012-42C2-99E7-C3447094E510}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{D4FCF6F7-309A-46B4-B6D0-2BA8FEE43686}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{11BD6614-D03C-4200-98B1-65CAA1C9926B}] => (Allow) D:\programy\steam\Steam.exe FirewallRules: [{91348F60-7C58-42DE-8ACC-AB574F6E2C0A}] => (Allow) D:\programy\steam\Steam.exe FirewallRules: [{711A12A3-80AC-4ECB-A785-5C420CACA1D0}] => (Allow) D:\programy\steam\bin\steamwebhelper.exe FirewallRules: [{D624AC40-B990-405C-8BAF-DC14DCEA2240}] => (Allow) D:\programy\steam\bin\steamwebhelper.exe FirewallRules: [{567EB0A6-DC7E-4112-95B5-0C570C866A2E}] => (Allow) LPort=53168 FirewallRules: [{1B5CBFD6-C383-4C55-B5FE-F1E07D75037A}] => (Allow) LPort=2869 FirewallRules: [{FFCE80BF-1EA1-4892-8C57-56886B821417}] => (Allow) LPort=1900 FirewallRules: [{152C1A5E-F359-412D-9C05-23AFBB7AD9A0}] => (Allow) LPort=53168 FirewallRules: [{B5866F32-D59F-44AB-8098-B5DAD4F44E77}] => (Allow) LPort=2869 FirewallRules: [{09F1879A-AA52-4704-B0B9-E3E53EA4396F}] => (Allow) LPort=1900 FirewallRules: [{A8463961-B63F-46A6-8845-7BA6306A2790}] => (Allow) LPort=53168 FirewallRules: [{E64DC6E7-AA28-472E-B696-C9B8370A13F3}] => (Allow) LPort=2869 FirewallRules: [{BAF9B7B5-1C19-4740-95CE-E693CE4F690F}] => (Allow) LPort=1900 FirewallRules: [{21E0F85F-6816-4EEB-B887-7FA75CC02507}] => (Allow) D:\programy\Mezzmo\Mezzmo.exe FirewallRules: [{27CE14B6-990A-4BCC-8699-6C9BD5D5C539}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDE6F3CE-9A42-448B-BD8A-476ADEA5E3A0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{529775AB-E464-4A10-85CB-1DBE41C7F86E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{855BC2DD-4B42-4F40-87AD-277BB288D1EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B949ED5D-0BEA-42C0-B5AB-ABBF251C4F04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D8599733-AAC0-49F9-8105-2879B37FF753}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{AC4B1FA5-772E-4C47-84CC-18CBC23332BA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{2E15E753-414C-44B9-A9F6-9EAA599F260F}] => (Allow) D:\Gry\BFH Beta 2\bfh.exe FirewallRules: [{9304BEED-CE45-4D3B-B03F-7019CE4FA4ED}] => (Allow) D:\Gry\BFH Beta 2\bfh.exe FirewallRules: [{7EF98499-9AB9-42D6-B0BC-D7F67779463A}] => (Allow) LPort=8501 FirewallRules: [{CE9077B4-38D3-41B0-950F-9F61B7137E14}] => (Allow) LPort=8501 FirewallRules: [{D4485A58-8E92-4B78-88FA-36B822B3B929}] => (Allow) D:\Gry\Battlefield 4\bf4_x86.exe FirewallRules: [{221972A4-DA3C-4DF7-B30F-1030F24D1053}] => (Allow) D:\Gry\Battlefield 4\bf4_x86.exe FirewallRules: [{F139412A-3325-450A-B971-0CE473251BA0}] => (Allow) D:\Gry\Battlefield 4\bf4.exe FirewallRules: [{796CE758-198C-4807-8171-533F5D27AB7D}] => (Allow) D:\Gry\Battlefield 4\bf4.exe FirewallRules: [{74963CFC-7565-4CE5-A950-990E68C40757}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{81807551-C907-4BAE-BE5D-E1C50AED62B8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C5B86814-DCB7-4F77-987D-BBBD6389171B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{CB2595E7-A3F3-4702-8146-4F1E977DA334}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{7C389333-20DA-47B0-B174-4E3AF648D25A}] => (Allow) D:\Gry\Battlefield 4 CTE\BF4CTEX86WebHelper.exe FirewallRules: [{2FA68083-86CD-4DE4-B1ED-D6688A65D429}] => (Allow) D:\Gry\Battlefield 4 CTE\BF4CTEX86WebHelper.exe FirewallRules: [{E23C8BB2-6BB8-42DE-B5E3-F5DFF53FD229}] => (Allow) D:\Gry\Battlefield 4 CTE\BF4CTEWebHelper.exe FirewallRules: [{950B7D1E-2385-4E6A-9670-443F8D4E6300}] => (Allow) D:\Gry\Battlefield 4 CTE\BF4CTEWebHelper.exe FirewallRules: [{9C8A0218-104A-4809-B880-148B8DDF00F0}] => (Allow) D:\programy\TeamViewer\TeamViewer.exe FirewallRules: [{9454BF5B-B4F0-4E70-9729-A91E37ABE2EB}] => (Allow) D:\programy\TeamViewer\TeamViewer.exe FirewallRules: [{4259F96A-8AB5-4C4C-A088-7181FC51C46A}] => (Allow) D:\programy\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BA46F32B-A186-4E87-8093-37D752EB9CAA}] => (Allow) D:\programy\TeamViewer\TeamViewer_Service.exe FirewallRules: [{A0960099-4277-49C5-8597-1F5FA19AF938}] => (Allow) D:\Gry\Farming Simulator 15\FarmingSimulator2015.exe FirewallRules: [{9FE7A2FB-3C29-4E78-8017-7629091220D6}] => (Allow) D:\Gry\Farming Simulator 15\dedicatedServer.exe FirewallRules: [{2EC20F33-76CC-4C4F-A3BA-94E00AF7CF4C}] => (Allow) D:\Gry\Farming Simulator 17\FarmingSimulator2017.exe FirewallRules: [{F698149D-0BA6-469E-8E8A-15EB691D1DD6}] => (Allow) D:\Gry\Farming Simulator 17\dedicatedServer.exe FirewallRules: [{4479DCC3-BF5B-4C9E-83A7-0FBF48454610}] => (Allow) D:\Gry\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [{1DF75038-5100-4F83-A4BA-7B918F828BDE}] => (Allow) D:\Gry\Farming Simulator 17\x86\FarmingSimulator2017Game.exe FirewallRules: [TCP Query User{100B68B6-0A27-492B-ABB9-14D8EF777BCC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{76DF9D7E-E509-4523-BBC5-417D01B8B9E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{7909D5EA-3D48-4F25-9B59-CB47D64D0218}] => (Allow) D:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AE0B9BF1-679D-41F6-AFF4-CB110C59C27A}] => (Allow) D:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{CB1BF84B-4C61-40B4-8182-B77AB091C2B4}] => (Allow) D:\programy\steam\steamapps\common\call of duty black ops\BlackOpsMP.exe FirewallRules: [{8ACD4153-8151-40DE-AA76-CD173E018571}] => (Allow) D:\programy\steam\steamapps\common\call of duty black ops\BlackOpsMP.exe FirewallRules: [{2888A16C-3CAA-4A10-BE4C-14EA1254846B}] => (Allow) D:\Gry\Farming Simulator 17\FarmingSimulator2017.exe FirewallRules: [{EF101C14-3834-4262-9FC5-B2020B5E2CFE}] => (Allow) D:\Gry\Farming Simulator 17\dedicatedServer.exe FirewallRules: [{60FE5D80-9BCE-419A-A1CF-9514486974CB}] => (Allow) D:\Gry\Farming Simulator 17\x64\FarmingSimulator2017Game.exe FirewallRules: [{D09774B5-3400-4F9C-A7E0-222C8C57B3F0}] => (Allow) D:\Gry\Farming Simulator 17\x86\FarmingSimulator2017Game.exe FirewallRules: [TCP Query User{956CD452-F86D-4A67-BB8B-EF7777DEE6FE}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{E2FF8AD3-0DD6-4F79-B130-6154731DA026}C:\users\kamil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kamil\appdata\roaming\spotify\spotify.exe FirewallRules: [{872AED3C-61C7-4207-AF79-ABFE61D60806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 14-07-2017 21:29:23 Windows Update ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/14/2017 09:27:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: l2.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x482a87c7 Nazwa modułu powodującego błąd: D3DDrv.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x47ddf139 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b5cd4 Identyfikator procesu powodującego błąd: 0x1168 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2fcd3e78347f5 Ścieżka aplikacji powodującej błąd: D:\Gry\lineage\system\l2.exe Ścieżka modułu powodującego błąd: D:\Gry\lineage\system\D3DDrv.DLL Identyfikator raportu: 6c56d6e3-68ca-11e7-a91d-6c626db4247e Error: (07/14/2017 09:03:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: l2.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x482a87c7 Nazwa modułu powodującego błąd: D3DDrv.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x47ddf139 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b5cd4 Identyfikator procesu powodującego błąd: 0x138c Godzina uruchomienia aplikacji powodującej błąd: 0x01d2fcd21e200fc2 Ścieżka aplikacji powodującej błąd: D:\Gry\lineage\system\l2.exe Ścieżka modułu powodującego błąd: D:\Gry\lineage\system\D3DDrv.DLL Identyfikator raportu: 219371cc-68c7-11e7-a91d-6c626db4247e Error: (07/14/2017 08:36:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (07/14/2017 07:44:25 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (07/13/2017 10:20:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: l2.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4d775ee8 Nazwa modułu powodującego błąd: D3DDrv.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x4de86a6c Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000aec0d Identyfikator procesu powodującego błąd: 0x1b60 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2fc0f65724757 Ścieżka aplikacji powodującej błąd: D:\Gry\lineage\system\l2.exe Ścieżka modułu powodującego błąd: D:\Gry\lineage\system\D3DDrv.DLL Identyfikator raportu: c03ec983-6808-11e7-ac1b-6c626db4247e Error: (07/13/2017 05:49:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: l2.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4d775ee8 Nazwa modułu powodującego błąd: NWindow.DLL, wersja: 0.0.0.0, sygnatura czasowa: 0x4eaf4223 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0045b252 Identyfikator procesu powodującego błąd: 0x12a4 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2fbb78c5f3bc4 Ścieżka aplikacji powodującej błąd: D:\Gry\lineage\system\l2.exe Ścieżka modułu powodującego błąd: D:\Gry\lineage\system\NWindow.DLL Identyfikator raportu: e4936d15-67e2-11e7-ac1b-6c626db4247e Error: (07/13/2017 10:46:24 AM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2660) WebCacheLocal: Próba zapisu do pliku "C:\Users\Kamil\AppData\Local\Microsoft\Windows\WebCache\V01res00003.jrs" na pozycji względnej 0 (0x0000000000000000) w ilości 393216 (0x00060000) bajtów zakończyła się niepomyślnie po 0 s z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error: (07/13/2017 10:45:48 AM) (Source: ESENT) (EventID: 482) (User: ) Description: taskhost (2660) WebCacheLocal: Próba zapisu do pliku "C:\Users\Kamil\AppData\Local\Microsoft\Windows\WebCache\V01res00002.jrs" na pozycji względnej 0 (0x0000000000000000) w ilości 393216 (0x00060000) bajtów zakończyła się niepomyślnie po 0 s z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error: (07/13/2017 10:45:07 AM) (Source: ESENT) (EventID: 428) (User: ) Description: taskhost (2660) WebCacheLocal: Aparat bazy danych odrzuca operacje aktualizacji z powodu zbyt małej ilości miejsca na dysku dziennika. Error: (07/13/2017 10:38:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: MSI_LiveUpdate_Service.exe, wersja: 1.0.0.36, sygnatura czasowa: 0x582408af Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7601.18247, sygnatura czasowa: 0x521ea8e7 Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000ce753 Identyfikator procesu powodującego błąd: 0xd8 Godzina uruchomienia aplikacji powodującej błąd: 0x01d2d7d834708a55 Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe Ścieżka modułu powodującego błąd: C:\Windows\SysWOW64\ntdll.dll Identyfikator raportu: 990d3fda-67a6-11e7-ac1b-6c626db4247e System errors: ============= Error: (07/14/2017 08:51:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Update zawiesiła się podczas uruchamiania. Error: (07/14/2017 08:48:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Windows Search zawiesiła się podczas uruchamiania. Error: (07/14/2017 08:43:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Usługa Samsung AllShare PC zawiesiła się podczas uruchamiania. Error: (07/14/2017 08:34:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa OracleMTSRecoveryService zakończyła działanie; wystąpił następujący błąd: Upłynął limit czasu operacji oczekiwania. Error: (07/14/2017 08:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Logitech CPU Core Tempurature z powodu następującego błędu: System Windows nie może zweryfikować podpisu cyfrowego tego pliku. Ostatnia zmiana sprzętu lub oprogramowania mogła spowodować zainstalowanie pliku, który jest niepoprawnie podpisany lub uszkodzony. Możliwe także, że jest to złośliwe oprogramowanie pochodzące z nieznanego źródła. Error: (07/13/2017 10:38:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa MSI Live Update Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (06/24/2017 06:42:44 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {F9717507-6651-4EDB-BFF7-AE615179BCCF} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (05/31/2017 11:21:40 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (05/28/2017 11:18:03 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (05/28/2017 07:41:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa OracleServiceRDFDB niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. CodeIntegrity: =================================== Date: 2017-07-14 20:34:28.582 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-07-14 20:34:28.551 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-28 19:31:12.785 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-28 19:31:12.566 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-19 18:04:36.555 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-04-19 18:04:36.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-16 20:23:05.095 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-03-16 20:23:05.064 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-13 18:38:03.334 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-02-13 18:38:03.303 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz Percentage of memory in use: 47% Total physical RAM: 8162.13 MB Available physical RAM: 4301.29 MB Total Virtual: 16322.44 MB Available Virtual: 11251.55 MB ==================== Drives ================================ Drive c: (Windows 7) (Fixed) (Total:48.83 GB) (Free:3 GB) NTFS Drive d: (Kamil) (Fixed) (Total:214.84 GB) (Free:12.16 GB) NTFS Drive e: (Pliki) (Fixed) (Total:182.55 GB) (Free:17.72 GB) NTFS Drive f: (Nowy) (Fixed) (Total:19.43 GB) (Free:13.88 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C846C846) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=19.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=446.2 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================