Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 03 Ran by artur (2015-08-22 12:18:36) Running from C:\Users\artur\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3900382419-439258320-73892896-500 - Administrator - Disabled) artur (S-1-5-21-3900382419-439258320-73892896-1000 - Administrator - Enabled) => C:\Users\artur Gość (S-1-5-21-3900382419-439258320-73892896-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3900382419-439258320-73892896-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DMark 11 Demo (HKLM-x32\...\Steam App 221870) (Version: - Futuremark) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Futuremark SystemInfo (HKLM-x32\...\{AFBB2F94-A43D-46AD-8F77-66ACB3C71EDF}) (Version: 4.39.552.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Firefox 40.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pl)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) Total Uninstall 6.15.0 (HKLM\...\Total Uninstall 6_is1) (Version: 6.15.0 - Gavrila Martau) World of Tanks (HKU\S-1-5-21-3900382419-439258320-73892896-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 14-08-2015 22:22:47 Windows Update 15-08-2015 22:04:31 Windows Update 16-08-2015 15:32:15 Zainstalowany program DirectX 19-08-2015 22:00:11 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08D6C273-4918-4ABF-B443-0F5674EB8F27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.) Task: {42315423-96A3-4956-B89B-91482832F804} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.) Task: {4B7949AD-1549-4474-BD4E-38CF3B1E306E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {EA36D500-0014-46D8-B544-53BDC96824B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-18] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-04 09:54 - 2015-08-04 09:54 - 00179176 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2015-08-04 09:53 - 2015-08-04 09:53 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2015-08-04 09:54 - 2015-08-04 09:54 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2015-08-04 09:54 - 2015-08-04 09:54 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-08-04 09:54 - 2015-08-04 09:54 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2015-07-17 15:10 - 2015-07-17 15:10 - 00318976 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll 2015-07-17 15:10 - 2015-07-17 15:10 - 01718784 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll 2015-08-13 22:40 - 2015-07-03 18:12 - 00778240 _____ () D:\Steam\SDL2.dll 2015-08-13 22:40 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll 2015-08-13 22:40 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll 2015-08-13 22:40 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll 2015-08-13 22:40 - 2015-08-19 22:39 - 02413248 _____ () D:\Steam\video.dll 2015-08-13 22:40 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll 2015-08-13 22:40 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll 2015-08-13 22:40 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll 2015-08-13 22:40 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll 2015-08-13 22:40 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll 2015-08-13 22:40 - 2015-08-19 22:39 - 00704192 _____ () D:\Steam\bin\chromehtml.DLL 2015-08-13 22:40 - 2015-07-27 03:13 - 00171008 _____ () D:\Steam\bin\openvr_api.dll 2015-08-13 22:40 - 2015-07-03 18:12 - 39553928 _____ () D:\Steam\bin\libcef.dll 2015-08-18 18:57 - 2015-08-18 18:57 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3900382419-439258320-73892896-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\artur\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1F48BFBF-B2CF-4ECD-A3AE-112179450D51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{81B3D5B2-3FE7-48D5-A05D-3E1223751E46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E713CAC1-355C-4E37-9E60-CDBA2A71B0D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{F48A82B4-57D6-48A3-9AF4-F476918961C0}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{2E1009E6-7834-49EF-BD0F-9605D1102141}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{16EE5EDA-BBE9-40B2-9882-4F5FC7D1D83F}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{339FD70F-8B38-4FF5-86C6-EED434E4C5C7}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{37FD7360-7E0A-4AE1-9D67-F7EAA857E605}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{D2034B96-E27B-4D5C-9F2D-01866353EA8F}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{2F537362-7BEC-45CF-8C0B-85C860C5C3C6}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{1BEFE75E-183D-4BDE-85D7-AE9AA52E8F81}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{FBA290F0-8E10-4623-AD24-D40AF5B19D0A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{1DFBD5D2-8BE8-42A5-AF7F-92465EB4C5E9}D:\wot\wotlauncher.exe] => (Allow) D:\wot\wotlauncher.exe FirewallRules: [UDP Query User{DD1B4D75-9775-4B67-A861-099B0101C6C0}D:\wot\wotlauncher.exe] => (Allow) D:\wot\wotlauncher.exe FirewallRules: [TCP Query User{E8841467-0037-454F-8350-48502B064F93}D:\wot\worldoftanks.exe] => (Allow) D:\wot\worldoftanks.exe FirewallRules: [UDP Query User{4487912A-AD6D-4805-87F3-339AA54735D3}D:\wot\worldoftanks.exe] => (Allow) D:\wot\worldoftanks.exe FirewallRules: [{EE6E28B1-612C-46DA-ACE7-4A9A819097FF}] => (Allow) D:\Steam\steamapps\common\3DMark 11\3DMarkLauncher.exe FirewallRules: [{7DA888E8-2917-4F8A-AD20-3A078AF20CCE}] => (Allow) D:\Steam\steamapps\common\3DMark 11\3DMarkLauncher.exe FirewallRules: [{67A31B0B-AD0C-40DE-A336-F00AB992B59D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/22/2015 12:16:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2015 08:36:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2015 12:29:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 09:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (08/21/2015 08:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (08/21/2015 07:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (08/21/2015 06:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (08/21/2015 05:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 Error: (08/21/2015 04:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 04:16:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: Wystąpił błąd harmonogramu aktywacji licencji (sppuinotify.dll), kod błędu: 0x80070005 System errors: ============= Error: (08/21/2015 05:38:26 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (08/21/2015 04:53:02 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Poprzednie zamknięcie systemu przy 16:50:53 na ‎2015-‎08-‎21 było nieoczekiwane. Error: (08/21/2015 10:16:22 AM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator modułów systemu Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Ochrona oprogramowania niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Bufor wydruku niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 60000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/21/2015 09:30:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa AMD External Events Utility niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/20/2015 10:19:44 AM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Microsoft Office: ========================= Error: (08/22/2015 12:16:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2015 08:36:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/22/2015 12:29:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 09:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (08/21/2015 08:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (08/21/2015 07:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (08/21/2015 06:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (08/21/2015 05:38:27 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 Error: (08/21/2015 04:54:48 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 04:16:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: 0x80070005 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 23% Total physical RAM: 8131.52 MB Available physical RAM: 6251.26 MB Total Virtual: 16261.23 MB Available Virtual: 14204.49 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:152.51 GB) NTFS Drive d: () (Fixed) (Total:369.14 GB) (Free:340.15 GB) NTFS Drive e: () (Fixed) (Total:367.06 GB) (Free:366.96 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 71401B2F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=369.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=367.1 GB) - (Type=07 NTFS) ==================== End of log ============================