Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-12-2014 01 Ran by Kacper at 2014-12-21 18:28:22 Running from C:\Users\Kacper\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) AC3Filter 2.6.0b (HKLM\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated) Aktualizacje NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden ATI Catalyst Install Manager (HKLM\...\{95CFA0AC-D8D2-69B8-A0DF-36EF81303ABE}) (Version: 3.0.774.0 - ATI Technologies, Inc.) Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve) Counter-Strike Nexon: Zombies (HKLM\...\Steam App 273110) (Version: - Nexon) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) EA SPORTS FIFA World (HKLM\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.3.0.58666 - Electronic Arts, Inc.) ESET NOD32 Antivirus (HKLM\...\{E05A8D1F-7A42-4FD9-B3E7-761B366B9F8E}) (Version: 8.0.304.2 - ESET, spol s r. o.) ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH) GG (HKU\S-1-5-21-200585039-1766280871-1148817938-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.130 - PandoraTV) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik graficzny 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) OpenFM (HKU\S-1-5-21-200585039-1766280871-1148817938-1000\...\OpenFM) (Version: 2 - GG Network S.A.) Origin (HKLM\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.) Panel sterowania NVIDIA 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden QbQbQb (HKLM\...\Steam App 329320) (Version: - Rezoner) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-200585039-1766280871-1148817938-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Total Commander PowerPack 2.0 beta (HKLM\...\TC PowerPack 2) (Version: 2.0 beta - bukox.net Adam Bukowiński) WinRAR 5.11 (32-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-200585039-1766280871-1148817938-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Kacper\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {152918A9-4F76-431A-99FD-40A3DCDDB630} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.) Task: {DF74763A-54B7-48C9-B4A9-47C8AE69E31E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated) Task: {E701E544-AFEB-46D3-8E44-ED0C2153D177} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-11] (Google Inc.) Task: {EABC87CE-5DFA-4DA8-988D-B6DC6ECE15F9} - System32\Tasks\{2BA924AA-08E3-4EE9-B811-B79DB85E7A93} => pcalua.exe -a J:\drivers\R257296\Setup.exe -d J:\drivers\R257296 (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-12-12 00:10 - 2014-07-02 20:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-12-12 16:47 - 2014-01-28 11:40 - 00614416 _____ () D:\EslWire\service\WireHelperSvc.exe 2014-12-12 16:47 - 2014-10-09 14:43 - 00165888 _____ () D:\EslWire\service\NocIPC32.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 01171456 _____ () J:\Steam\libavcodec-56.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 00442368 _____ () J:\Steam\libavutil-54.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 00332800 _____ () J:\Steam\libavresample-2.dll 2014-12-11 22:33 - 2014-11-11 19:47 - 00774656 _____ () J:\Steam\SDL2.dll 2014-12-11 22:33 - 2014-11-18 21:23 - 02227904 _____ () J:\Steam\video.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 00403968 _____ () J:\Steam\libavformat-56.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 00485888 _____ () J:\Steam\libswscale-3.dll 2014-12-11 22:33 - 2014-11-18 21:23 - 00690880 _____ () J:\Steam\bin\chromehtml.DLL 2014-12-11 22:33 - 2014-11-11 19:48 - 34589888 _____ () J:\Steam\bin\libcef.dll 2014-12-11 22:33 - 2014-11-11 19:48 - 00837824 _____ () J:\Steam\bin\ffmpegsumo.dll 2014-12-11 19:13 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-11 19:13 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-11 19:13 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-11 19:13 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-12-11 19:13 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-200585039-1766280871-1148817938-500 - Administrator - Disabled) Gość (S-1-5-21-200585039-1766280871-1148817938-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-200585039-1766280871-1148817938-1002 - Limited - Enabled) Kacper (S-1-5-21-200585039-1766280871-1148817938-1000 - Administrator - Enabled) => C:\Users\Kacper ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/21/2014 05:16:17 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (12/19/2014 08:50:51 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (12/19/2014 04:37:43 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0713e421-7824-4b1d-a6dd-b8452690c4d5} Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (12/19/2014 02:18:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program Explorer.EXE w wersji 6.1.7601.17567 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 70c Godzina rozpoczęcia: 01d01b8ddad37818 Godzina zakończenia: 16 Ścieżka aplikacji: C:\Windows\Explorer.EXE Identyfikator raportu: 6ea33367-8781-11e4-ae0c-001966b0864f System errors: ============= Error: (12/20/2014 08:15:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na odpowiedź transakcji z usługi LanmanServer. Error: (12/20/2014 08:14:55 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk5\DR5. Error: (12/20/2014 08:14:53 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3. Error: (12/20/2014 08:14:51 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk4\DR4. Error: (12/20/2014 08:14:49 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk2\DR2. Error: (12/20/2014 08:14:00 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: ZARZĄDZANIE NT) Description: Niektóre funkcje zarządzania energią procesora w czasie wydajności zostały wyłączone z powodu znanego problemu z oprogramowaniem układowym. Skontaktuj się z producentem komputera w celu uzyskania aktualizacji oprogramowania układowego. Error: (12/20/2014 08:14:41 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 20:13:18 na ‎2014-‎12-‎20 było nieoczekiwane. Error: (12/20/2014 05:05:07 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk5\DR5. Error: (12/20/2014 05:05:04 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk3\DR3. Error: (12/20/2014 05:05:02 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk4\DR4. Microsoft Office Sessions: ========================= Error: (12/21/2014 05:16:17 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (12/20/2014 08:14:49 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (12/19/2014 08:50:51 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\ati technologies\ATI.ACE\core-static\SLSTaskbar64.exe Error: (12/19/2014 04:37:43 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Odmowa dostępu. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0713e421-7824-4b1d-a6dd-b8452690c4d5} Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0] Error: (12/19/2014 03:43:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD endpoint registration failed [0] Error: (12/19/2014 02:18:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.1.7601.1756770c01d01b8ddad3781816C:\Windows\Explorer.EXE6ea33367-8781-11e4-ae0c-001966b0864f ==================== Memory info =========================== Processor: AMD Athlon(tm) X2 440 Percentage of memory in use: 41% Total physical RAM: 3327.3 MB Available physical RAM: 1931.18 MB Total Pagefile: 6652.9 MB Available Pagefile: 4847.11 MB Total Virtual: 2047.88 MB Available Virtual: 1867.95 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:37.27 GB) (Free:10.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Nowy) (Fixed) (Total:100.71 GB) (Free:100.35 GB) NTFS Drive j: (Nowy) (Fixed) (Total:197.38 GB) (Free:180.02 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 37.3 GB) (Disk ID: AE3D7A95) Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: 00000001) Partition 1: (Not Active) - (Size=100.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=197.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================