Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 03 Ran by HolloW at 2014-12-12 20:05:50 Running from C:\Users\HolloW\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-400919767-554095329-431794452-1000\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-400919767-554095329-431794452-1003\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) ALLConverter PRO 1.3 (HKLM-x32\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.) ALLMediaServer (HKLM-x32\...\{FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1) (Version: 0.95 - ALLCinema Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLCinema Ltd.) AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies) AVG 2015 (Version: 15.0.4235 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com) CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) CPUID CPU-Z 1.63.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DC Universe Online (HKLM-x32\...\Steam App 24200) (Version: - Sony Online Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - ) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Fallout 3 (HKU\S-1-5-21-400919767-554095329-431794452-1003\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line) foobar2000 v1.2.6 (HKLM-x32\...\foobar2000) (Version: 1.2.6 - Peter Pawlowski) GG (HKU\S-1-5-21-400919767-554095329-431794452-1000\...\GG) (Version: 11 - GG Network S.A.) GG (HKU\S-1-5-21-400919767-554095329-431794452-1003\...\GG) (Version: 11 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - ) HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC) I-Doser Free (HKLM-x32\...\I-Doser) (Version: 5.1 - I-Doser.com) IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version: - Turbine, Inc) Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\SW5qdXN0aWNlR29kc0Ftb25nVXNVbHRpbWF0ZUVkaXRpb24=_is1) (Version: 1 - ) ipla 2.6.4 (HKLM-x32\...\ipla) (Version: 2.6.4 - Redefine Sp z o.o.) Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle) Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Little Fighter 2 version 2.0a (HKLM-x32\...\Little Fighter 2 version 2.0a) (Version: - ) Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MotioninJoy ds3 driver version 0.6.0001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0001 - www.motioninjoy.com) Mozilla Firefox 34.0.5 (x86 pl) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 pl)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden NapiProjekt (2.1.1.2314) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) Obsługa programów Apple (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Qtrax Player (HKLM-x32\...\{84178AE8-C22D-48CB-A6BA-D116FD3FE469}) (Version: 01.001.0001 - Qtrax) Qtrax Player (HKU\S-1-5-21-400919767-554095329-431794452-1003\...\2394451002.portal.qtrax.com) (Version: - portal.qtrax.com) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0142 - REALTEK Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Strife (HKLM-x32\...\Strife) (Version: - S2 Games) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TP-LINK TL-WN725N_TL-WN723N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version: - ) Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN) Windows 7 Codec Pack 4.0.6 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.6 - Windows 7 Codec Pack) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-400919767-554095329-431794452-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\HolloW\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 10-12-2014 11:29:31 Windows Update 11-12-2014 13:34:40 Removed Hi-Rez Studios Games 12-12-2014 13:51:24 Installed AVG 2015 12-12-2014 13:51:45 Installed AVG 2015 12-12-2014 18:05:47 Zainstalowany program DirectX 12-12-2014 18:07:15 Installed Fallout 3 12-12-2014 19:19:15 Removed Fallout 3 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 02:34 - 2014-12-11 14:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2724D264-9F0A-4532-94C4-7E230BD75DB3} - System32\Tasks\RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION Task: {31312730-746F-4854-A5B6-5F981F2A164A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.) Task: {3FB5F7AA-2883-420E-8B88-15B92CE70DEE} - System32\Tasks\{0D8742BB-7A83-4D0E-A8FE-7194F9A46058} => Firefox.exe http://ui.skype.com/ui/0/6.2.0.106/pl/abandoninstall?source=lightinstaller&page=tsInstall Task: {44B3CA83-DC0E-48E6-B9FE-BCE7CCC81435} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-400919767-554095329-431794452-1000UA => C:\Users\HolloW\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-18] (Facebook Inc.) Task: {55A62958-C3C0-4226-B6F5-543ED323139D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {69190F3F-D8F8-4CA6-9EDA-999DCAE8CE2B} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {93559E62-E5E9-4971-8C39-AE45C9CCA6DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-27] (Google Inc.) Task: {9884EBB9-77FE-4200-8550-4699962EA48A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {A9FA6F9D-D29B-491C-A9FF-F9AA863A61B7} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {B3547192-8E82-4399-B625-F5A23A124062} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {C3B8FB87-0244-43B8-9FDA-1D6608D15D7A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {C5DCE44A-F262-4A4E-A6FF-DFBD573C9845} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-400919767-554095329-431794452-1000Core => C:\Users\HolloW\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-18] (Facebook Inc.) Task: {EEA28CC0-9CAE-47F9-9552-88937E20E65E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-400919767-554095329-431794452-1000Core.job => C:\Users\HolloW\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-400919767-554095329-431794452-1000UA.job => C:\Users\HolloW\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-23 02:31 - 2013-08-23 02:31 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe 2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-02-25 14:50 - 2013-02-25 14:50 - 00704520 _____ () C:\Windows\SysWOW64\C2MP\TrayMenu.exe 2014-12-09 20:56 - 2014-12-09 20:56 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-10-14 23:28 - 2014-10-14 23:28 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-12-09 20:48 - 2014-12-09 20:48 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:E41EAF13 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: ChomikBox => C:\Program Files (x86)\ChomikBox\chomikbox.exe MSCONFIG\startupreg: IPLA! => C:\Program Files (x86)\ipla\ipla.exe /autorun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent MSCONFIG\startupreg: uTorrent => "C:\Users\HolloW\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ========================= Accounts: ========================== Administrator (S-1-5-21-400919767-554095329-431794452-500 - Administrator - Disabled) Dom (S-1-5-21-400919767-554095329-431794452-1003 - Limited - Enabled) => C:\Users\Dom Gość (S-1-5-21-400919767-554095329-431794452-501 - Limited - Disabled) HolloW (S-1-5-21-400919767-554095329-431794452-1000 - Administrator - Enabled) => C:\Users\HolloW HomeGroupUser$ (S-1-5-21-400919767-554095329-431794452-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler Ethernet Description: Kontroler Ethernet Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler PCI Simple Communications Description: Kontroler PCI Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/12/2014 01:37:01 PM) (Source: Google Update) (EventID: 20) (User: DaHollowz) Description: Network Request Error. Error: 0x80072efd. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072efd. Http status code 0. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072efd. Http status code 0. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x Error: (12/12/2014 11:11:12 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 11:02:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 08:14:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 07:48:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 02:10:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 01:41:12 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) Error: (12/11/2014 01:41:12 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Usługa wyszukiwania wykryła uszkodzone pliki danych w indeksie {id=2350}. Usługa podejmie próbę automatycznego rozwiązania tego problemu przez odbudowanie indeksu. Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) Error: (12/11/2014 00:38:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Nazwa modułu powodującego błąd: rads_user_kernel.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x4e65c1ac Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000b8554 Identyfikator procesu powodującego błąd: 0x12f4 Godzina uruchomienia aplikacji powodującej błąd: 0xrads_user_kernel.exe0 Ścieżka aplikacji powodującej błąd: rads_user_kernel.exe1 Ścieżka modułu powodującego błąd: rads_user_kernel.exe2 Identyfikator raportu: rads_user_kernel.exe3 Error: (12/11/2014 00:37:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 System errors: ============= Error: (12/12/2014 07:47:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 06:53:29 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Przeglądarka główna odebrała anons serwera z komputera EWA-PC. Komputer ten zachowuje się tak, jakby był przeglądarką główną dla domeny w transporcie NetBT_Tcpip_{056C930B-E90C-4737-9CF3-0806EF691444}. Przeglądarka główna właśnie jest zatrzymywana albo wymuszany jest wybór. Error: (12/12/2014 06:37:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 05:32:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 05:24:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 05:21:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 05:18:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 01:40:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 01:33:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Error: (12/12/2014 01:30:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\Rtlihvs.dll Kod błędu: 193 Microsoft Office Sessions: ========================= Error: (12/12/2014 01:37:01 PM) (Source: Google Update) (EventID: 20) (User: DaHollowz) Description: Network Request Error. Error: 0x80072efd. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying WinHTTP. Send request returned 0x80072ee2. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=auto, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x80072efd. Http status code 0. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=FireFox, direct connection. trying CUP:WinHTTP. Send request returned 0x80072efd. Http status code 0. trying WinHTTP. Send request returned 0x80072efd. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x Error: (12/12/2014 11:11:12 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/12/2014 11:02:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 08:14:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 07:48:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 02:10:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/11/2014 01:41:12 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) The catalog is corrupt Error: (12/11/2014 01:41:12 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Szczegóły: Wykaz indeksów zawartości jest uszkodzony. 0xc0041801 (0xc0041801) 2350 Error: (12/11/2014 00:38:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b855412f401d0153f5286368eC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeC:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe9273c8d9-8132-11e4-b6bd-cacd2a3b669f Error: (12/11/2014 00:37:13 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 CodeIntegrity Errors: =================================== Date: 2014-12-11 14:06:40.614 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-12-11 14:06:40.556 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz Percentage of memory in use: 71% Total physical RAM: 4054.51 MB Available physical RAM: 1147.13 MB Total Pagefile: 8107.2 MB Available Pagefile: 4952.93 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:100.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 68051BB0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================