Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-12-2015 Ran by Karol (2015-12-10 17:14:29) Running from D:\Programy\FRST Windows 8.1 Pro (X64) (2014-01-17 18:19:42) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2774745869-3052220403-4266378736-500 - Administrator - Disabled) Guest (S-1-5-21-2774745869-3052220403-4266378736-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2774745869-3052220403-4266378736-1004 - Limited - Enabled) Karol (S-1-5-21-2774745869-3052220403-4266378736-1001 - Administrator - Enabled) => C:\Users\Karol UpdatusUser (S-1-5-21-2774745869-3052220403-4266378736-1002 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 60 Seconds 1.0.0.2 (HKLM-x32\...\60 Seconds 1.0.0.2) (Version: 1.0.0.2 - Čăđű íŕ Cat-A-Cat.NET) 888poker (HKLM-x32\...\888poker) (Version: - ) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated) Any Video Converter Professional 5.0.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) ArcaniA - Gothic 4 (HKLM-x32\...\ArcaniA) (Version: - JoWooD Entertainment AG) Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - ) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BitTorrent (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\BitTorrent) (Version: 7.9.1.30889 - BitTorrent Inc.) CodeBlocks (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version: - Ubisoft) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.01 - Ubisoft) Farming Simulator 2013 (HKLM-x32\...\Farming Simulator 20132.0.0.9) (Version: 2.0.0.9 - GIANTS Software GmbH) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.4 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.4 - Gameforge) GameRanger (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\GameRanger) (Version: - GameRanger Technologies) Gaming Mouse (HKLM-x32\...\{A7B243AA-6D4C-4575-A873-6F01A1EFC5E2}}_is1) (Version: - ) General Module (HKLM-x32\...\{F80DDFFD-D030-4CCC-AF03-BD8EEE5E20ED}) (Version: 1.0.5 - PixArt Imaging Inc.) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com) gogrisen (HKLM\...\{6bd41b13-a359-4b67-811b-48b41f7a63ef}.sdb) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) GRID 2 (c) Codemasters version 1 (HKLM-x32\...\R1JJRDI=_is1) (Version: 1 - ) GRID Autosport (HKLM-x32\...\R1JJREF1dG9zcG9ydA==_is1) (Version: 1 - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version: - GOG.com) Icy Tower v1.5.1 (HKLM-x32\...\Icy Tower v1.5.1_is1) (Version: - Free Lunch Design) KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LBOTS Top Keyboard Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version: - SQUARE ENIX) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden Łatka polonizacyjna GTA IV v0.99 (HKLM-x32\...\Łatka polonizacyjna GTA IV v0.99) (Version: 0.99 - GTAPOLSKA.PL) Metro: Last Light (c) Deep Silver version 1 (HKLM-x32\...\TWV0cm9MYXN0TGlnaHQ=_is1) (Version: 1 - ) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts) Nostale(PL) (HKLM-x32\...\NosTale(PL)_is1) (Version: - Gameforge 4D GmbH) NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation) NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{7d1b2de3-a0e5-4b31-8f18-54437b8ae6a9}) (Version: latest - ppy Pty Ltd) Papers, Please PL (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\Papers, Please PL) (Version: 1.0 - GameSub) PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.) Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) Risen (HKLM-x32\...\GOGPACKRISEN_is1) (Version: 2.0.0.6 - GOG.com) Robocraft version 0.3.290 (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam) Rocket League (HKLM-x32\...\Rocket League_is1) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.8 - Rockstar Games) Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - ) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sleeping Dogs (HKLM-x32\...\Sleeping Dogs_is1) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stupid Invaders (HKLM-x32\...\Stupid Invaders) (Version: - ) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Binding of Isaac Rebirth 1.0 (HKLM-x32\...\The Binding of Isaac Rebirth 1.0) (Version: 1.0 - Games on Cat-A-Cat.Net) The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.8.2 - GOG.com) The Witcher 3: Wild Hunt - Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com) The Witcher 3: Wild Hunt - Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com) The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\GOGPACKWITCHEREEDC_is1) (Version: 2.0.0.12 - GOG.com) TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo) Turbo Sliders (remove only) (HKLM-x32\...\Turbo Sliders) (Version: - ) Unity Web Player (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) USB2.0 PC Camera(0050.2010.0326.3015) (HKLM-x32\...\{C6A0FD8A-F107-44CA-AA1B-49341936F76A}) (Version: 0050.2010.0326.3015 - PixArt) VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) World of Tanks (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2774745869-3052220403-4266378736-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Karol\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2774745869-3052220403-4266378736-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Karol\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2774745869-3052220403-4266378736-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Karol\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 21-11-2015 12:31:29 Scheduled Checkpoint 28-11-2015 12:41:30 Scheduled Checkpoint 06-12-2015 09:38:05 Scheduled Checkpoint 09-12-2015 19:26:12 Windows Update 10-12-2015 16:58:41 Removed Google Talk Plugin 10-12-2015 16:59:07 Removed Java 7 Update 65 (64-bit) 10-12-2015 16:59:42 Removed Java 8 Update 25 10-12-2015 17:06:19 Restore Point Created by FRST ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2015-12-10 17:00 - 00000830 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07B0358C-EDF0-4F9C-9D64-ABF376FEA6CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08] (Adobe Systems Incorporated) Task: {20737ED1-1FD0-48E7-BB62-A2F025E08FFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2774745869-3052220403-4266378736-1001UA => C:\Users\Karol\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {5E9A859E-F557-48E2-B4DA-99E85D976891} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation) Task: {AD417203-DB1C-4555-984C-F001910CD44E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.) Task: {E62A7272-0923-4C69-9013-BD2E4FE7F428} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software) Task: {E95577D4-48E5-4F72-B508-38A885E1B375} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2774745869-3052220403-4266378736-1001Core => C:\Users\Karol\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {EA3C637D-D55F-4807-B192-38938910F444} - System32\Tasks\avast! Emergency Update => D:\Programy\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.) Task: {FEA1D9AC-E211-49D3-B413-BDC4DE9B0660} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774745869-3052220403-4266378736-1001Core.job => C:\Users\Karol\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2774745869-3052220403-4266378736-1001UA.job => C:\Users\Karol\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-01-17 19:27 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-01-19 10:48 - 2014-09-06 12:12 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-04-12 15:50 - 2012-06-07 09:11 - 00262656 _____ () D:\Programy\GamingMouse\hid.exe 2015-05-26 14:01 - 2013-05-15 09:58 - 00745472 _____ () C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE 2014-04-12 15:50 - 2011-11-22 13:18 - 00256512 _____ () D:\Programy\GamingMouse\trayicon.exe 2015-04-15 22:39 - 2015-04-15 22:39 - 00104400 _____ () D:\Programy\Avast\log.dll 2015-04-15 22:39 - 2015-04-15 22:39 - 00081728 _____ () D:\Programy\Avast\JsonRpcServer.dll 2015-12-10 14:02 - 2015-12-10 14:02 - 02803200 _____ () D:\Programy\Avast\defs\15121000\algo.dll 2015-04-15 22:39 - 2015-04-15 22:39 - 40540672 _____ () D:\Programy\Avast\libcef.dll 2014-04-12 15:50 - 2011-11-22 13:18 - 00061440 _____ () D:\Programy\GamingMouse\HidDevice.dll 2015-05-26 14:01 - 2012-08-14 06:49 - 00057344 _____ () C:\Program Files (x86)\Gaming Keyboard\lan.dll 2015-05-26 14:01 - 2012-08-14 21:41 - 00061440 _____ () C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll 2014-04-12 15:50 - 2011-11-22 13:18 - 00249856 _____ () D:\Programy\GamingMouse\language.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 45069312 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00566272 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 01202176 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 02579456 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00476672 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00515072 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00340480 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 01785344 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00332288 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00414208 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00666624 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll 2015-05-19 15:31 - 2015-04-09 14:52 - 00139776 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00412672 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll 2015-05-19 15:31 - 2015-04-09 14:52 - 00094208 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00172032 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll 2015-05-19 15:31 - 2015-04-09 14:52 - 00107520 _____ () C:\Program Files (x86)\GalaxyClient\ZLIB1.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 01643008 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll 2015-05-19 15:31 - 2015-09-10 13:12 - 00074752 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\ProgramData:NT2 AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\Users\All Users:NT2 AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\Application Data:NT2 AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 AlternateDataStreams: C:\Users\Karol\Application Data:NT AlternateDataStreams: C:\Users\Karol\Application Data:NT2 AlternateDataStreams: C:\Users\Karol\AppData\Roaming:NT AlternateDataStreams: C:\Users\Karol\AppData\Roaming:NT2 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2774745869-3052220403-4266378736-1001\...\StartupApproved\Run: => "NextLive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Faulty Device Manager Devices ============= Name: Kontroler PCI Simple Communications Description: Kontroler PCI Simple Communications Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Kontroler magistrali zarządzania systemem Description: Kontroler magistrali zarządzania systemem Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/10/2015 05:06:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/10/2015 05:06:19 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Access is denied. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {e14d4df7-5fbb-4f62-ab99-9dfca2d11e37} Error: (12/10/2015 04:59:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/10/2015 04:59:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/10/2015 04:58:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/10/2015 01:42:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program firefox.exe w wersji 42.0.0.5780 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 1be8 Godzina rozpoczęcia: 01d13344900161ff Godzina zakończenia: 4294967295 Ścieżka aplikacji: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Identyfikator raportu: 7da4886c-9f3b-11e5-82f4-bc5ff4ef04a1 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/10/2015 01:42:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: plugin-container.exe, wersja: 42.0.0.5780, sygnatura czasowa: 0x5632d0a4 Nazwa modułu powodującego błąd: mozglue.dll, wersja: 42.0.0.5780, sygnatura czasowa: 0x5632ba58 Kod wyjątku: 0x80000003 Przesunięcie błędu: 0x0000ed50 Identyfikator procesu powodującego błąd: 0x1328 Godzina uruchomienia aplikacji powodującej błąd: 0xplugin-container.exe0 Ścieżka aplikacji powodującej błąd: plugin-container.exe1 Ścieżka modułu powodującego błąd: plugin-container.exe2 Identyfikator raportu: plugin-container.exe3 Pełna nazwa pakietu powodującego błąd: plugin-container.exe4 Identyfikator aplikacji względem pakietu powodującego błąd: plugin-container.exe5 Error: (12/10/2015 01:06:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Program adwcleaner_5.024.exe w wersji 5.0.2.4 przestał współpracować z systemem Windows i został zamknięty. Aby sprawdzić, czy jest dostępnych więcej informacji na temat tego problemu, sprawdź historię problemu w aplecie Centrum akcji w Panelu sterowania. Identyfikator procesu: 17f8 Godzina rozpoczęcia: 01d13342cc600d86 Godzina zakończenia: 4294967295 Ścieżka aplikacji: D:\Download\adwcleaner_5.024.exe Identyfikator raportu: 6e264c51-9f36-11e5-82f4-bc5ff4ef04a1 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd: Error: (12/09/2015 07:26:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Przetwarzanie wywołania OnIdentity() w obiekcie System Writer przez Usługi kryptograficzne nie powiodło się. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (12/06/2015 04:42:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KarolPC) Description: Działanie pakietu Microsoft.WindowsSoundRecorder_6.3.9600.20280_x64__8wekyb3d8bbwe+App zostało zakończone, ponieważ operacja wstrzymywania pakietu trwała zbyt długo. System errors: ============= Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Installer niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa WMI Performance Adapter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Media Player Network Sharing Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Update Service Daemon niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Restart the service. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa LogMeIn Hamachi Tunneling Engine niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa WdMan Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa PnkBstrA niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa LMIGuardianSvc niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (12/10/2015 05:06:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Skype Click to Call PNR Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz Percentage of memory in use: 16% Total physical RAM: 8111.44 MB Available physical RAM: 6749.38 MB Total Virtual: 9391.44 MB Available Virtual: 7909.27 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.45 GB) (Free:53.58 GB) NTFS Drive d: (Baza Operacyjna) (Fixed) (Total:931.51 GB) (Free:350.61 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: EA3C95A3) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D607DBFB) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================