Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02 Ran by Dawid at 2014-12-08 19:39:07 Running from C:\Sciagniete Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Arcabit (Enabled - Up to date) {3D4BAC72-8320-7261-922E-53298162DC7D} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Arcabit (Enabled - Up to date) {862A4D96-A51A-7DEF-A89E-685BFAE596C0} FW: Arcabit Firewall (Enabled) {05702D57-C94F-7339-B971-FA1C7FB19B06} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit) AirMech (HKLM-x32\...\Steam App 206500) (Version: - Carbon Games) Aktualizacje NVIDIA 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Arcabit (HKLM\...\Arcabit) (Version: 2014 - Arcabit) Aslain's XVM Mod wersja 4.0.10 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 4.0.10 - Aslain) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology) ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23028 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) cFosSpeed v9.64 (HKLM\...\cFosSpeed) (Version: 9.64 - cFos Software GmbH, Bonn) Cyber Tank (HKLM-x32\...\{6F679856-A0AA-40C9-B619-0597BBD21B21}) (Version: 0.2.1.0 - cyber-tank.ru) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ) Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit) Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{D9DB2871-FC6A-4F24-B3BE-6EFB7012A1C6}) (Version: 4.2.40.2439 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle) Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle) Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation) Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation) LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics) LG United Mobile Drivers (HKLM-x32\...\{15A5D29A-F209-49FD-BA47-5E4C882FF496}) (Version: 3.12.1.0 - LG Electronics) Little Inferno 1.00 (HKLM-x32\...\Little Inferno 1.00) (Version: 1.00 - Cat-A-Cat) Malwarebytes Anti-Malware wersja 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Men of War (Remove Only) (HKLM-x32\...\{137D91E1-2347-4EAC-BB0B-CC06C6B92A52}_is1) (Version: 1.0.2.0 - 505games) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 pl)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation) OMC ModPack Client wersja 1.1.7.17 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.1.7.17 - Odem Mortis) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Panel sterowania NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.35.716.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - ) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Smart Port Forwarding (HKLM-x32\...\Smart Port Forwarding) (Version: 1.0.0.1 - Brooks Younce Software) Spotify (HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB) spotimote (HKLM-x32\...\spotimote) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Subtitle Edit 3.4.1 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.1.0 - Nikse) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version: - Test3 Projects) The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.8.5 - Palit Microsystems Ltd.) Unity Web Player (HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft) UsbFix (HKLM-x32\...\Usbfix) (Version: 7.806 - El Desaparecido - www.usbfix.net - www.sosvirus.net) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Wyprawa na Północ (HKLM-x32\...\Wyprawa na Północ) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 08-12-2014 17:04:37 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2A60028C-F339-40EA-9225-A95921CFB342} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {515D948E-A10E-4A35-BFE3-3D672FD1D6CD} - System32\Tasks\ASC8_SkipUac_Dawid => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-11-07] (IObit) Task: {7004A675-EFBB-40C1-89C3-E7C552786CA5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {B50B1E51-83E1-4BDF-B403-62E44A1CD2D0} - System32\Tasks\Driver Booster Beta SkipUAC (Dawid) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe Task: {C00FF49B-2829-4450-90F7-ECBDB5812E85} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2013-11-08] (Palit Microsystems Ltd.) Task: {C989D943-7F60-40E7-B487-185050904B23} - System32\Tasks\Driver Booster SkipUAC (Dawid) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-11-06] (IObit) Task: {D059B696-A083-4541-9A75-A3F81DD840EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-12] (Microsoft Corporation) Task: {D5045E4F-DE64-4CB3-ACF7-91956FE8615F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {E026A02B-80E2-44C1-AEB9-601EA659CBCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-18] (Google Inc.) Task: {E26FBC9F-E422-4851-A6D6-924179D0EE17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-18] (Google Inc.) Task: {E549F406-AF2A-43A8-9B51-8C3654CB4948} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3637111744-2562166582-151774440-1001 Task: {E873A808-064C-45AD-B244-35854FB8EA05} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated) Task: {EC34BE87-4360-44B8-8DEA-1304A8C785A1} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-11-10] (IObit) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_Dawid.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-23 13:38 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-30 01:05 - 2014-11-20 20:31 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2014-09-21 14:58 - 2014-09-21 14:58 - 00247016 _____ () c:\program files\arcabit\common\localps.dll 2014-08-18 21:40 - 2014-08-18 21:40 - 02840488 _____ () C:\Program Files (x86)\spotimote\spotimote.exe 2014-11-24 16:43 - 2014-12-04 17:53 - 00066824 _____ () C:\Program Files\Arcabit\arcavir\arcascan\scanenginedll.dll 2014-09-21 14:58 - 2014-12-04 17:53 - 00397384 _____ () C:\Program Files\Arcabit\Common\ProtocolFilters.dll 2014-09-21 14:58 - 2014-12-04 17:53 - 00162544 _____ () C:\Program Files\Arcabit\Common\nfapi.dll 2014-09-21 14:58 - 2014-09-21 14:58 - 00317056 _____ () C:\Program Files\Arcabit\arcavir\avshell.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2014-11-24 16:43 - 2014-12-05 17:46 - 00369120 _____ () C:\Program Files\Arcabit\arcavir\arcascan\ScanEngineCon.exe 2014-11-21 19:43 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2014-11-21 19:43 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2014-11-21 19:43 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2014-11-21 19:43 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll 2014-08-18 21:40 - 2014-08-18 21:40 - 00113064 _____ () C:\Program Files (x86)\spotimote\msgdll.dll 2014-08-18 21:40 - 2014-08-18 21:40 - 01515432 _____ () C:\Program Files (x86)\spotimote\libspotify.dll 2014-08-18 21:40 - 2014-08-18 21:40 - 00261032 _____ () C:\Program Files (x86)\spotimote\CrashRpt1403.dll 2014-03-07 14:04 - 2014-06-04 10:31 - 00175104 _____ () C:\Games\World_of_Tanks\voip.dll 2014-03-07 14:04 - 2014-02-05 18:41 - 00270336 _____ () C:\Games\World_of_Tanks\libcurl.dll 2014-03-07 14:04 - 2014-04-09 17:57 - 00323568 _____ () C:\Games\World_of_Tanks\ortp.dll 2014-10-03 15:23 - 2014-09-30 10:20 - 00109424 _____ () C:\Games\World_of_Tanks\librsync.dll 2014-03-07 14:04 - 2014-02-05 18:41 - 00386600 _____ () C:\Games\World_of_Tanks\NxCooking.dll 2014-03-07 14:04 - 2014-02-05 18:41 - 00071208 _____ () C:\Games\World_of_Tanks\PhysXLoader.dll 2014-11-11 10:35 - 2014-11-11 10:35 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-03-21 15:34 - 2014-03-21 15:34 - 01020928 _____ () C:\Users\Dawid\AppData\Roaming\Mozilla\Firefox\Profiles\y7mfx2lg.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Dawid\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 HKLM\...\StartupApproved\StartupFolder: => "iSCTsysTray.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "ARCACLEAN" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "NvBackend" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher" HKLM\...\StartupApproved\Run32: => "LogMeIn GUI" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "Gameiki" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\StartupFolder: => "fabulous_08181036.lnk" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "THPanel" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "RGSC" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Facebook Update" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "fabulous_08181036" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Advanced SystemCare 7" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "REPORT" HKU\S-1-5-21-3637111744-2562166582-151774440-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" ========================= Accounts: ========================== Administrator (S-1-5-21-3637111744-2562166582-151774440-500 - Administrator - Disabled) Dawid (S-1-5-21-3637111744-2562166582-151774440-1001 - Administrator - Enabled) => C:\Users\Dawid Gość (S-1-5-21-3637111744-2562166582-151774440-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3637111744-2562166582-151774440-1005 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Synaptics SMBus Driver Description: Synaptics SMBus Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Synaptics Service: SmbDrvI Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors: ================== Error: (12/08/2014 07:17:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program UsbFix.exe w wersji 0.0.0.0 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: ba0 Godzina rozpoczęcia: 01d013127fc885d4 Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\UsbFix\UsbFix.exe Identyfikator raportu: 830317b8-7f06-11e4-82bf-bc5ff4ef5eeb Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/08/2014 07:17:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: arcavir.exe, wersja: 2014.0.0.298, sygnatura czasowa: 0x5464b1d6 Nazwa modułu powodującego błąd: ArcaLogsViewer.dll_unloaded, wersja: 2012.0.0.135, sygnatura czasowa: 0x53ff18dc Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000000aa29 Identyfikator procesu powodującego błąd: 0xcec Godzina uruchomienia aplikacji powodującej błąd: 0xarcavir.exe0 Ścieżka aplikacji powodującej błąd: arcavir.exe1 Ścieżka modułu powodującego błąd: arcavir.exe2 Identyfikator raportu: arcavir.exe3 Pełna nazwa pakietu powodującego błąd: arcavir.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: arcavir.exe5 Error: (12/08/2014 05:10:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: ZARZĄDZANIE NT) Description: There was an error with the Windows Location Provider database Error: (12/08/2014 03:23:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [0] Error: (12/08/2014 03:23:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to open Audio Capture session [6] Error: (12/07/2014 07:23:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: arcamainsv.exe, wersja: 1.0.5441.25867, sygnatura czasowa: 0x5473311b Nazwa modułu powodującego błąd: ns.dll, wersja: 2014.0.0.255, sygnatura czasowa: 0x545b3878 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000002889a Identyfikator procesu powodującego błąd: 0x60 Godzina uruchomienia aplikacji powodującej błąd: 0xarcamainsv.exe0 Ścieżka aplikacji powodującej błąd: arcamainsv.exe1 Ścieżka modułu powodującego błąd: arcamainsv.exe2 Identyfikator raportu: arcamainsv.exe3 Pełna nazwa pakietu powodującego błąd: arcamainsv.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: arcamainsv.exe5 Error: (12/07/2014 02:31:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: arcamainsv.exe, wersja: 1.0.5441.25867, sygnatura czasowa: 0x5473311b Nazwa modułu powodującego błąd: ns.dll, wersja: 2014.0.0.255, sygnatura czasowa: 0x545b3878 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000000000002889a Identyfikator procesu powodującego błąd: 0x734 Godzina uruchomienia aplikacji powodującej błąd: 0xarcamainsv.exe0 Ścieżka aplikacji powodującej błąd: arcamainsv.exe1 Ścieżka modułu powodującego błąd: arcamainsv.exe2 Identyfikator raportu: arcamainsv.exe3 Pełna nazwa pakietu powodującego błąd: arcamainsv.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: arcamainsv.exe5 Error: (12/07/2014 01:46:48 PM) (Source: PerfNet) (EventID: 2006) (User: ) Description: Error: (12/07/2014 01:40:48 PM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (12/07/2014 01:40:48 PM) (Source: PerfNet) (EventID: 2006) (User: ) Description: System errors: ============= Error: (12/08/2014 07:35:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ABMainSV. Error: (12/08/2014 07:35:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ABMainSV. Error: (12/08/2014 07:34:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi ABMainSV. Error: (12/08/2014 07:34:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:34:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:34:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:32:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:32:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:32:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (12/08/2014 07:27:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1058 Microsoft Office Sessions: ========================= Error: (12/08/2014 07:17:49 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: UsbFix.exe0.0.0.0ba001d013127fc885d44294967295C:\UsbFix\UsbFix.exe830317b8-7f06-11e4-82bf-bc5ff4ef5eeb Error: (12/08/2014 07:17:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arcavir.exe2014.0.0.2985464b1d6ArcaLogsViewer.dll_unloaded2012.0.0.13553ff18dcc0000005000000000000aa29cec01d01313106697b3C:\Program Files\Arcabit\ArcaVir\arcavir.exeArcaLogsViewer.dll7b102a53-7f06-11e4-82bf-bc5ff4ef5eeb Error: (12/08/2014 05:10:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: ZARZĄDZANIE NT) Description: -2147024883 Error: (12/08/2014 03:23:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [0] Error: (12/08/2014 03:23:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to open Audio Capture session [6] Error: (12/07/2014 07:23:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arcamainsv.exe1.0.5441.258675473311bns.dll2014.0.0.255545b3878c0000005000000000002889a6001d012223ab6bfa5C:\Program Files\Arcabit\arcavir\arcamainsv.exeC:\Program Files\Arcabit\arcavir\ns.dll29cff2b2-7e3e-11e4-82be-bc5ff4ef5eeb Error: (12/07/2014 02:31:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: arcamainsv.exe1.0.5441.258675473311bns.dll2014.0.0.255545b3878c0000005000000000002889a73401d0120dd91cd473C:\Program Files\Arcabit\arcavir\arcamainsv.exeC:\Program Files\Arcabit\arcavir\ns.dll68706422-7e15-11e4-82be-bc5ff4ef5eeb Error: (12/07/2014 01:46:48 PM) (Source: PerfNet) (EventID: 2006) (User: ) Description: Error: (12/07/2014 01:40:48 PM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Error: (12/07/2014 01:40:48 PM) (Source: PerfNet) (EventID: 2006) (User: ) Description: CodeIntegrity Errors: =================================== Date: 2014-09-21 14:12:12.339 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:12.139 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:11.921 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:11.806 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:03.163 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:03.046 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:02.558 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-21 14:12:01.517 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-20 14:26:01.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-09-20 14:26:01.269 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz Percentage of memory in use: 76% Total physical RAM: 4035.32 MB Available physical RAM: 955.5 MB Total Pagefile: 7535.32 MB Available Pagefile: 3414.71 MB Total Virtual: 131072 MB Available Virtual: 131071.83 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:450.5 GB) (Free:130.85 GB) NTFS Drive i: () (Removable) (Total:7.49 GB) (Free:3.35 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 7FEB8C43) Partition: GPT Partition Type. ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 017FAEF6) Partition 1: (Active) - (Size=7.5 GB) - (Type=0B) ==================== End Of Log ============================