Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015 Ran by Marcin at 2015-05-04 18:35:42 Running from C:\Users\Marcin\Downloads\Programs Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2442405527-2749528334-1709621355-500 - Administrator - Disabled) Gość (S-1-5-21-2442405527-2749528334-1709621355-501 - Limited - Disabled) Marcin (S-1-5-21-2442405527-2749528334-1709621355-1000 - Administrator - Enabled) => C:\Users\Marcin ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\...\uTorrent) (Version: 3.4.2.32691 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adrenaline Gamer (HKLM-x32\...\Adrenaline Gamer) (Version: 6.6 STEAM - bullit@planethalflife.com) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Ares 2.2.8 (HKLM-x32\...\Ares) (Version: 2.2.8-Build#3052 - Seekar Ltd) Ashampoo Burning Studio 2015 v.1.15.0 (HKLM-x32\...\{91B33C97-21E3-DF34-9630-2EE80DDE1648}_is1) (Version: 1.15.0 - Ashampoo GmbH & Co. KG) ASUS VGA Driver (x32 Version: 3.0.0.1 - Nazwa firmy) Hidden Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Driver Cleaner 3 (HKLM-x32\...\Driver Cleaner) (Version: 3.3 - Ruud Ketelaars) Driver Sweeper wersja 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net) Dropbox (HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\...\Dropbox) (Version: 2.10.45 - Dropbox, Inc.) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski) Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.0.0 - Foxit Corporation) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) GG (HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\...\GG) (Version: 12 - GG Network S.A.) GTA San Andreas (HKLM-x32\...\GTA San Andreas) (Version: - ) Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo) Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle) K-Lite Codec Pack 10.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - ) Komunikator WTW 1.6.0.4630 (HKLM\...\{1DF5019A-68B5-4ba1-8E59-E185C7B7FF11}) (Version: 1.6.0.4630 - K2T.eu) Malwarebytes Anti-Malware wersja 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.10.0) (Version: 4.0.10.0 - Locktime Software) NetLimiter 4 (Version: 4.0.10.0 - Locktime Software) Hidden Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro) NokiaFREE Unlock Codes Calculator (HKLM-x32\...\NokiaFREE Unlock Codes Calculator) (Version: - ) OpenFM (HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\...\OpenFM) (Version: 2 - GG Network S.A.) OpenOffice 4.1.0 (HKLM-x32\...\{7EB1185B-6319-42D7-B103-707570BFB0D8}) (Version: 4.10.9764 - Apache Software Foundation) Opera Stable 23.0.1522.60 (HKLM-x32\...\Opera 23.0.1522.60) (Version: 23.0.1522.60 - Opera Software ASA) OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PIT Format 2014 (HKLM-x32\...\PIT Format 2014_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PowerStrip 3 (remove only) (HKLM-x32\...\PowerStrip 3 (remove only)) (Version: - ) Real Alternative 2.0.2 (HKLM-x32\...\RealAlt_is1) (Version: 2.0.2 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Spotify (HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK) TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK) Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) VideoStudio (x32 Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinAVI Video Converter 9.0 (HKLM-x32\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0) X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2442405527-2749528334-1709621355-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Marcin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 04-11-2014 19:50:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 04-11-2014 19:50:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 04-11-2014 19:51:20 Instalacja pakietu sterownika urządzenia: Advanced Micro Devices, Inc. Karty graficzne 05-11-2014 19:52:54 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 05-11-2014 19:54:09 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 05-11-2014 19:55:12 Instalacja pakietu sterownika urządzenia: Advanced Micro Devices, Inc. Karty graficzne 06-11-2014 18:46:55 Removed TP-LINK Wireless Configuration Utility and Driver 06-11-2014 18:47:46 Removed TP-LINK Wireless Configuration Utility 06-11-2014 18:49:41 Installed TP-LINK Wireless Configuration Utility and Driver 06-11-2014 18:50:05 Installed TP-LINK Wireless Configuration Utility 15-11-2014 19:15:43 avast! antivirus system restore point 16-11-2014 14:17:17 Installed NetLimiter 4 21-11-2014 18:29:21 avast! antivirus system restore point 24-11-2014 20:20:25 SlimDrivers Installing Drivers 25-11-2014 19:27:49 Removed NetLimiter 4 26-11-2014 18:00:30 Zainstalowane Ulead VideoStudio 05-01-2015 21:45:03 Usunięte Gothic III 07-01-2015 18:32:59 Zainstalowane Realtek High Definition Audio Driver 28-01-2015 19:03:48 Installed NetLimiter 4 07-02-2015 14:17:25 SlimDrivers Installing Drivers 07-02-2015 14:45:21 Usunięte Realtek High Definition Audio Driver 07-02-2015 14:50:00 Zainstalowane Realtek High Definition Audio Driver 10-02-2015 18:32:48 Windows Update 10-02-2015 19:13:28 Windows Update 11-03-2015 21:58:19 Installed Nitro Reader 3 12-03-2015 09:38:15 Removed Grand Theft Auto IV 16-03-2015 20:29:31 Removed NetLimiter 4 16-03-2015 21:51:18 Installed NetLimiter 3 16-03-2015 21:54:52 Installed NetLimiter 3 16-03-2015 21:56:05 Installed NetLimiter 4 16-03-2015 22:11:48 Removed NetLimiter 4 16-03-2015 22:31:00 Installed NetLimiter 3 17-03-2015 16:28:58 Installed NetLimiter 3 17-03-2015 16:32:02 Installed NetLimiter 4 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {3D5B01E5-4B6A-4DA4-B680-0AE54B93A01E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {858116A5-7213-4856-86C5-E429289BD5D6} - System32\Tasks\Opera scheduled Autoupdate 1405358594 => D:\Program Files\launcher.exe [2014-07-18] (Opera Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Komputer-Marcin.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe ==================== Loaded Modules (whitelisted) ============== 2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-07-14 19:13 - 2015-03-10 08:37 - 00775680 _____ () D:\Program Files\Steam\SDL2.dll 2015-01-20 16:25 - 2014-12-02 02:29 - 05002752 _____ () D:\Program Files\Steam\v8.dll 2015-01-20 16:25 - 2014-12-02 02:29 - 01612800 _____ () D:\Program Files\Steam\icui18n.dll 2015-01-20 16:25 - 2014-12-02 02:29 - 01210368 _____ () D:\Program Files\Steam\icuuc.dll 2014-07-14 19:13 - 2015-04-14 01:44 - 02371776 _____ () D:\Program Files\Steam\video.dll 2014-08-29 08:20 - 2014-12-01 23:31 - 02396672 _____ () D:\Program Files\Steam\libavcodec-56.dll 2014-08-29 08:20 - 2014-12-01 23:31 - 00442880 _____ () D:\Program Files\Steam\libavutil-54.dll 2014-08-29 08:20 - 2014-12-01 23:31 - 00479744 _____ () D:\Program Files\Steam\libavformat-56.dll 2014-08-29 08:20 - 2014-12-01 23:31 - 00332800 _____ () D:\Program Files\Steam\libavresample-2.dll 2014-08-29 08:20 - 2014-12-01 23:31 - 00485888 _____ () D:\Program Files\Steam\libswscale-3.dll 2014-07-14 19:13 - 2015-04-14 01:44 - 00702656 _____ () D:\Program Files\Steam\bin\chromehtml.DLL 2014-07-14 19:13 - 2015-02-25 03:58 - 34641288 _____ () D:\Program Files\Steam\bin\libcef.dll 2014-08-15 16:00 - 2015-02-25 03:58 - 01709960 _____ () D:\Program Files\Steam\bin\ffmpegsumo.dll 2014-07-22 12:32 - 2014-07-22 12:32 - 00880248 _____ () D:\Program Files\23.0.1522.60\libglesv2.dll 2014-07-22 12:32 - 2014-07-22 12:32 - 00135800 _____ () D:\Program Files\23.0.1522.60\libegl.dll 2014-07-22 12:32 - 2014-07-22 12:32 - 00957048 _____ () D:\Program Files\23.0.1522.60\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2442405527-2749528334-1709621355-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.0.0.1 - 217.8.168.244 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Adobe Speed Launcher => 1427401774 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DriverMax => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent MSCONFIG\startupreg: DriverMax_RESTART => "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot MSCONFIG\startupreg: NetLimiter => "C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe" /minimized MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Marcin\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Marcin\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: UVS11 Preload => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [{58B1D402-C0D0-408D-8C14-9BD760B51F31}] => (Allow) D:\Program Files\Steam\Steam.exe FirewallRules: [{DDA15010-374D-4010-98CF-9F168B0703D6}] => (Allow) D:\Program Files\Steam\Steam.exe FirewallRules: [{398B957B-BECA-4CDF-A396-92D21E084E5C}] => (Allow) D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{199C43AC-7FE0-486F-89E8-082F57EFA83D}] => (Allow) D:\Program Files\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [TCP Query User{22DC70C2-7019-4305-8E2A-F46E3DF624AB}D:\program files (x86)\total\totalcmd\totalcmd64.exe] => (Allow) D:\program files (x86)\total\totalcmd\totalcmd64.exe FirewallRules: [UDP Query User{339CC6E5-419C-4892-8C60-6D2F5C6E9F71}D:\program files (x86)\total\totalcmd\totalcmd64.exe] => (Allow) D:\program files (x86)\total\totalcmd\totalcmd64.exe FirewallRules: [TCP Query User{6149765E-C01D-40AC-902D-F7B1C9D252AD}D:\program files (x86)\ares\ares.exe] => (Allow) D:\program files (x86)\ares\ares.exe FirewallRules: [UDP Query User{B68BA559-3DD8-4B25-921A-F69C43F377EF}D:\program files (x86)\ares\ares.exe] => (Allow) D:\program files (x86)\ares\ares.exe FirewallRules: [{A54AA21B-A678-4167-9BE4-49DD8F8943FB}] => (Allow) C:\Users\Marcin\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{6BD50986-9512-4F35-A952-655B7FA4473F}] => (Allow) C:\Users\Marcin\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{21D587E2-86AA-41F7-8211-A1F00CBAD804}] => (Allow) C:\Users\Marcin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{56C2E5F2-27BD-4BDD-915F-DADA76920B6D}] => (Allow) C:\Users\Marcin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DABBA135-149C-4C58-92C0-94E8DE038046}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{BD8C9327-A236-4933-9026-151E9469B051}] => (Allow) D:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{657DD0BD-3C6F-4CC6-B6A8-B25DE4E72C58}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe FirewallRules: [{FC793AF2-A187-4269-A6DB-33417F36E9AF}] => (Allow) D:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{CB63F78E-76EF-481E-A480-AEE89B0ADF1B}] => (Allow) D:\Program Files\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{C9FE8663-B14C-4FB7-B058-D6EC0CD4C799}] => (Allow) C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{6A4A4BEC-78AC-49AD-8101-3AB260B77BEB}] => (Allow) C:\Users\Marcin\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{342FCE88-90CB-4517-BE3B-CC56915D93A6}D:\hl ns\half-life\hl.exe] => (Allow) D:\hl ns\half-life\hl.exe FirewallRules: [UDP Query User{FC15E631-6EE8-46EF-8A4A-92BF8D4E42D3}D:\hl ns\half-life\hl.exe] => (Allow) D:\hl ns\half-life\hl.exe FirewallRules: [{EC2F5E7B-CD1E-474D-A7A7-843DCFDC596A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F1DC779A-4440-4AAF-9F24-C4662CBF46F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{33A12400-8138-4C4E-BB33-740A7DE4825A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{0CFB2530-50C1-41A6-8E03-F74A199828F8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{B81E91B2-7F42-4B91-A9F8-057EF372EB4A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{0322F0A7-CBDC-4DA5-BE52-4E0BC3BDF0FD}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{B89C9453-5B70-4BE6-979A-8DACD7E1992D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{1A7B17EA-5FB2-4B36-AF33-D2488F4D579E}D:\program files (x86)\ares\chatserver.exe] => (Block) D:\program files (x86)\ares\chatserver.exe FirewallRules: [UDP Query User{2A6CF033-BDFB-4B0D-9638-74621B94B51D}D:\program files (x86)\ares\chatserver.exe] => (Block) D:\program files (x86)\ares\chatserver.exe FirewallRules: [{C3C890F7-2ADF-4C31-AC2A-CC0E04AB1A24}] => (Allow) D:\Program Files\K2T\WTW\wtw.exe FirewallRules: [{122803B4-3252-4C59-B9C1-9396215C2B7A}] => (Allow) D:\Program Files\K2T\WTW\wtw.exe ==================== Faulty Device Manager Devices ============= Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/20/2014 06:29:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Nazwa modułu powodującego błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000dd5a3 Identyfikator procesu powodującego błąd: 0xa1c Godzina uruchomienia aplikacji powodującej błąd: 0xgta_sa.exe0 Ścieżka aplikacji powodującej błąd: gta_sa.exe1 Ścieżka modułu powodującego błąd: gta_sa.exe2 Identyfikator raportu: gta_sa.exe3 Error: (07/20/2014 06:29:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Nazwa modułu powodującego błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000dd5a3 Identyfikator procesu powodującego błąd: 0x9e0 Godzina uruchomienia aplikacji powodującej błąd: 0xgta_sa.exe0 Ścieżka aplikacji powodującej błąd: gta_sa.exe1 Ścieżka modułu powodującego błąd: gta_sa.exe2 Identyfikator raportu: gta_sa.exe3 Error: (07/20/2014 06:19:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Nazwa modułu powodującego błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000dd5a3 Identyfikator procesu powodującego błąd: 0xb74 Godzina uruchomienia aplikacji powodującej błąd: 0xgta_sa.exe0 Ścieżka aplikacji powodującej błąd: gta_sa.exe1 Ścieżka modułu powodującego błąd: gta_sa.exe2 Identyfikator raportu: gta_sa.exe3 Error: (07/20/2014 06:16:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Nazwa modułu powodującego błąd: gta_sa.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x427101ca Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x000dd5a3 Identyfikator procesu powodującego błąd: 0x2cc Godzina uruchomienia aplikacji powodującej błąd: 0xgta_sa.exe0 Ścieżka aplikacji powodującej błąd: gta_sa.exe1 Ścieżka modułu powodującego błąd: gta_sa.exe2 Identyfikator raportu: gta_sa.exe3 Error: (07/20/2014 10:29:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: fraps.exe, wersja: 3.5.9.15586, sygnatura czasowa: 0x503f67ec Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdb3b Kod wyjątku: 0xc0000374 Przesunięcie błędu: 0x000cdcbb Identyfikator procesu powodującego błąd: 0x908 Godzina uruchomienia aplikacji powodującej błąd: 0xfraps.exe0 Ścieżka aplikacji powodującej błąd: fraps.exe1 Ścieżka modułu powodującego błąd: fraps.exe2 Identyfikator raportu: fraps.exe3 System errors: ============= Error: (03/28/2015 04:56:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: nltdi Error: (03/28/2015 04:56:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi lirsgt z powodu następującego błędu: %%577 Error: (03/28/2015 04:56:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%577 Error: (03/28/2015 04:55:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Harmonogram zadań zależy od usługi Dziennik zdarzeń systemu Windows, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (07/23/2014 08:44:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Instalator modułów systemu Windows zakończyła działanie; wystąpił następujący błąd: %%16405 Error: (07/22/2014 10:12:05 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (07/22/2014 10:12:04 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (07/22/2014 10:12:04 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (07/22/2014 10:12:03 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (07/21/2014 03:14:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 15:12:53 na ‎2014-‎07-‎21 było nieoczekiwane. Microsoft Office Sessions: ========================= Error: (07/20/2014 06:29:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gta_sa.exe0.0.0.0427101cagta_sa.exe0.0.0.0427101cac0000005000dd5a3a1c01cfa437caafd960C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exeC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe12ef844c-102b-11e4-ae75-50e54930843f Error: (07/20/2014 06:29:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gta_sa.exe0.0.0.0427101cagta_sa.exe0.0.0.0427101cac0000005000dd5a39e001cfa437ad782c5bC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exeC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exef8a230e5-102a-11e4-ae75-50e54930843f Error: (07/20/2014 06:19:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gta_sa.exe0.0.0.0427101cagta_sa.exe0.0.0.0427101cac0000005000dd5a3b7401cfa4365bbbff4fC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exeC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exea4eceb94-1029-11e4-ae75-50e54930843f Error: (07/20/2014 06:16:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: gta_sa.exe0.0.0.0427101cagta_sa.exe0.0.0.0427101cac0000005000dd5a32cc01cfa435dcd69e66C:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exeC:\Program Files (x86)\Rockstar Games\GTA San Andreas\gta_sa.exe2949a281-1029-11e4-ae75-50e54930843f Error: (07/20/2014 10:29:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: fraps.exe3.5.9.15586503f67ecntdll.dll6.1.7600.163854a5bdb3bc0000374000cdcbb90801cfa3f4708cadcfD:\Program Files\Fraps\fraps.exeC:\Windows\SysWOW64\ntdll.dll0869c67a-0fe8-11e4-ae75-50e54930843f CodeIntegrity Errors: =================================== Date: 2015-03-28 15:56:17.404 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-03-28 15:56:17.248 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-03-28 15:56:16.967 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-03-28 15:56:16.904 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-15 19:59:22.190 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Marcin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-15 19:59:22.186 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\Marcin\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-15 19:59:21.920 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-07-15 19:59:21.918 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Percentage of memory in use: 49% Total physical RAM: 4079.24 MB Available physical RAM: 2071.4 MB Total Pagefile: 8156.67 MB Available Pagefile: 5925.39 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:134.86 GB) (Free:29.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:217.33 GB) (Free:156.56 GB) NTFS Drive e: (Grzesiek) (Fixed) (Total:289.03 GB) (Free:272 GB) NTFS Drive f: (Marcin) (Fixed) (Total:290.3 GB) (Free:284.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D1A42AC) Partition 1: (Active) - (Size=134.9 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=289 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=290.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=217.3 GB) - (Type=OF Extended) ==================== End Of Log ============================