Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015 Ran by Szymon at 2015-02-03 22:28:17 Running from G:\ Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3380270715-3188171858-2067456427-1000\...\uTorrent) (Version: 3.4.1.31303 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden ALLPlayer Pilot (HKLM-x32\...\{146BDBDD-ACD9-4B04-A286-C27471841E8E}_is1) (Version: 1.2 - ALLPlayer Group, Ltd.) ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bitcoin (HKU\S-1-5-21-3380270715-3188171858-2067456427-1000\...\Bitcoin) (Version: 0.8.6 - Bitcoin project) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.01 - TOSHIBA CORPORATION) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Combined Community Codec Pack 2013-11-27 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.11.27.0 - CCCP Project) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Debian-Installer loader (HKLM-x32\...\Debian-Installer Loader) (Version: 0.7.4.7+deb7u1 - The Debian Project) digestIT 2004 - 64-bit Edition (HKLM-x32\...\{5B119660-1788-11D8-8EB8-0050BF643EE7}) (Version: 3.1.2006 - Colony West Software Development) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden ESET NOD32 Antivirus (HKLM\...\{C8566CCF-0795-4652-9665-42241B1EF38D}) (Version: 8.0.304.2 - ESET, spol s r. o.) f.lux (HKU\S-1-5-21-3380270715-3188171858-2067456427-1000\...\Flux) (Version: - ) ffdshow v1.3.4528 [2014-02-05] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4528.0 - ) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - ) GameRanger (HKU\S-1-5-21-3380270715-3188171858-2067456427-1000\...\GameRanger) (Version: - GameRanger Technologies) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.) Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) HMG version 3.3.1 (HKLM-x32\...\{A37C8031-24BA-4750-A6D9-FEF4D454290D}_is1) (Version: 3.3.1 - Roberto Lopez) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) ISO to USB version 1.0 (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: 1.0 - isotousb.com) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.) LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe) LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere) Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell) Menu Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation) Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation) Movie Templates - Starter Kit (x32 Version: 9.6.0.0 - Nero AG) Hidden Mozilla Firefox 35.0.1 (x86 pl) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla) MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Nero 9 (HKLM-x32\...\{a9a3b52f-a36a-4ad4-ac11-3a28ebdaad7a}) (Version: - Nero AG) Node.js (HKLM\...\{2FAE4331-AEA0-4A3D-B4B3-B1E78823BF1A}) (Version: 0.10.32 - Joyent, Inc. and other Node contributors) Norton Ghost (HKLM-x32\...\{B0255743-165B-4BD5-8DA8-37DFB9930015}) (Version: 15.0.0.35659 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team) NVIDIA Oprogramowanie systemu PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Sterownik graficzny 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Panel sterowania NVIDIA 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6254 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) S.T.A.L.K.E.R.: Lost Alpha version 1.3003 (HKLM-x32\...\S.T.A.L.K.E.R.: Lost Alpha_is1) (Version: 1.3003 - dezowave) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SMath Studio (HKLM-x32\...\{D1AAF28B-4E67-46B7-97C4-A5D71CB591A1}) (Version: 0.97.5154 - Andrey Ivashov) SolidWorks 2014 x64 Edition SP01 (HKLM-x32\...\SolidWorks Installation Manager 20140-40100-1100-100) (Version: 22.1.0.44 - SolidWorks Corporation) SolidWorks 2014 x64 Edition SP01 (Version: 22.110.44 - SolidWorks) Hidden SolidWorks 2014 x64 Polish Resources (Version: 22.110.44 - SolidWorks) Hidden SolidWorks eDrawings 2014 x64 Edition SP01 (Version: 14.1.116 - Dassault Systemes SolidWorks Corp) Hidden SolidWorks Explorer 2014 SP01 x64 Edition (Version: 22.10.44 - SolidWorks Corporation) Hidden SoundTrax (x32 Version: 4.4.39.0 - Nero AG) Hidden Spintires (HKLM-x32\...\Spintires_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version: - ) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) VJoy Virtual Joystick Driver 1.2 (HKLM-x32\...\VJoy Virtual Joystick Driver_is1) (Version: - Headsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Xfire (HKLM-x32\...\Xfire) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.3 - Xvid Team) Zestaw zautomatyzowanej instalacji systemu Windows (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 1.1.0.0 - Microsoft Corporation) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 03-02-2015 21:46:12 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-02-03 22:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {40E24340-D79D-48CA-9C6C-F7A367721467} - System32\Tasks\GoogleUpdateTaskMachineCore1caae56bb0b4ea8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.) Task: {9DB6D1CD-46D7-4B65-97BC-3FF5C4770836} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff992c520939 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.) Task: {B157759D-3F4C-4EE0-BF89-E067F7DD9C4C} - System32\Tasks\GoogleUpdateTaskMachineUA1cfefbf37da1c1a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.) Task: {C456FC93-E62E-4836-ABF0-9184115FA5D8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1caae56bb0b4ea8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfefbf37da1c1a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff992c520939.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-10 20:59 - 2013-12-19 19:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-27 12:14 - 2015-01-27 12:15 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: BITS => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: CoordinatorServiceHost => 3 MSCONFIG\Services: FLEXnet Licensing Service => 3 MSCONFIG\Services: GenericMount Helper Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HDDlife HDD Access service => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2 MSCONFIG\Services: SolidWorks Licensing Service => 3 MSCONFIG\Services: TOSHIBA Bluetooth Service => 3 MSCONFIG\Services: WSearch => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\Windows\pss\Bluetooth Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Fast Start.lnk => C:\Windows\pss\SolidWorks 2014 Fast Start.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Pobieracz w tle.lnk => C:\Windows\pss\SolidWorks Pobieracz w tle.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Szymon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk => C:\Windows\pss\HDDlife.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: ALLUpdate => "E:\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: Gadu-Gadu => "E:\Gadu-Gadu\gg.exe" /tray MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START MSCONFIG\startupreg: JMB36X IDE Setup => C:\Windows\RaidTool\xInsIDE.exe MSCONFIG\startupreg: Norton Ghost 15.0 => "E:\Norton Ghost\Agent\VProTray.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TomTomHOME.exe => "E:\TomTom HOME 2\TomTomHOMERunner.exe" -s MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe ========================= Accounts: ========================== Administrator (S-1-5-21-3380270715-3188171858-2067456427-500 - Administrator - Disabled) Gość (S-1-5-21-3380270715-3188171858-2067456427-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-3380270715-3188171858-2067456427-1002 - Limited - Enabled) Szymon (S-1-5-21-3380270715-3188171858-2067456427-1000 - Administrator - Enabled) => C:\Users\Szymon ==================== Faulty Device Manager Devices ============= Name: Microsoft Virtual WiFi Miniport Adapter #3 Description: Karta wirtualnego miniportu WiFi firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/03/2015 10:13:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/02/2015 07:39:43 PM) (Source: MsiInstaller) (EventID: 11920) (User: Szymon-i7) Description: Product: VMware Workstation -- Error 1920. Service 'VMware Authorization Service' (VMAuthdService) failed to start. Verify that you have sufficient privileges to start system services. Error: (02/02/2015 05:42:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost 5 Client Service since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (02/02/2015 05:42:58 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0148cc3e-91fb-4cfa-843c-7d584b6c6c98} Error: (02/02/2015 05:42:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost 5 Client Service since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (02/02/2015 05:42:39 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0148cc3e-91fb-4cfa-843c-7d584b6c6c98} Error: (02/02/2015 05:38:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost 5 Client Service since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (02/02/2015 05:31:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost 5 Client Service since QueryServiceConfig API failed System Error: Nie można odnaleźć określonego pliku. . Error: (02/02/2015 05:31:50 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0148cc3e-91fb-4cfa-843c-7d584b6c6c98} Error: (02/02/2015 05:29:34 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Odmowa dostępu. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operacja: Zbieranie danych modułu zapisującego Kontekst: Identyfikator klasy modułu zapisującego: {e8132975-6f93-4464-a53e-1050253ae220} Nazwa modułu zapisującego: System Writer Identyfikator wystąpienia modułu zapisującego: {0148cc3e-91fb-4cfa-843c-7d584b6c6c98} System errors: ============= Error: (02/03/2015 10:11:58 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:57 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:56 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:55 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:54 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:53 PM) (Source: VDS Basic Provider) (EventID: 1) (User: ) Description: Nieoczekiwane niepowodzenie. Kod błędu: 490@01010004 Error: (02/03/2015 10:11:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi VMware USB Arbitration Service z powodu następującego błędu: %%2 Error: (02/03/2015 10:11:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: ZARZĄDZANIE NT) Description: Uruchomienie modułu rozszerzalności sieci WLAN nie powiodło się. Ścieżka modułu: C:\Windows\system32\athExt.dll Kod błędu: 126 Error: (02/03/2015 10:11:27 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Inicjowanie zrzutu awaryjnego nie powiodło się! Error: (02/03/2015 10:10:32 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Usługa PEVSystemStart jest oznaczona jako usługa interakcyjna. System jest jednak skonfigurowany tak, aby nie zezwalać na usługi interakcyjne, dlatego ta usługa może nie działać właściwie. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2015-02-03 22:10:09.591 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-03 22:10:09.544 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-01 17:29:39.863 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tosrfcom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-01 17:29:39.816 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tosrfcom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-01 17:27:08.878 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tosrfcom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-02-01 17:27:08.832 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tosrfcom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-02 07:34:52.246 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\TEMP\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-02 07:34:52.222 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\TEMP\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-02 07:34:52.163 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\AIDA342\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-02 07:34:52.139 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\AIDA342\aida32.sa6 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Percentage of memory in use: 24% Total physical RAM: 8159.09 MB Available physical RAM: 6153.65 MB Total Pagefile: 8157.27 MB Available Pagefile: 5954.83 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:55.8 GB) (Free:16.95 GB) NTFS Drive d: () (Fixed) (Total:140 GB) (Free:27.81 GB) NTFS Drive e: () (Fixed) (Total:50 GB) (Free:26.87 GB) NTFS Drive f: () (Fixed) (Total:50 GB) (Free:39.16 GB) NTFS Drive g: () (Fixed) (Total:1157.27 GB) (Free:366.09 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 136175EC) Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=42) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: CC04AFF0) Partition 1: (Active) - (Size=100 MB) - (Type=17) Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================