Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015 Ran by Singaya at 2015-08-02 00:02:31 Running from F:\Programy\Instalki\Walka z wirusami\Nowy folder Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 3.0.0 - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aktualizacje NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd) Football Manager 2012 (HKLM-x32\...\Football Manager 2012_is1) (Version: - ) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2405 - Intel Corporation) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{01db25f3-1b76-4d97-88c8-1c90634d88fb}) (Version: 11.0.60610.1 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Mozilla Firefox 12.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 pl)) (Version: 12.0 - Mozilla) Mozilla Firefox 39.0 (x86 pl) (HKU\S-1-5-21-3061280923-3253570267-2657071582-1000\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 296.10 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation) NVIDIA Sterownik graficzny 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.10 - NVIDIA Corporation) Panel sterowania NVIDIA 296.10 (Version: 296.10 - NVIDIA Corporation) Hidden Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) WapSter AQQ (HKLM-x32\...\AQQ) (Version: 2.4.1.50 - Creative Team S.A.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3061280923-3253570267-2657071582-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\spwizimg.dll (Windows (R) Codename Longhorn DDK provider) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ___AC C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1FE52267-3F81-41A2-B7BA-AA459A64E185} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS) Task: {4A7D6583-250D-4F80-9652-C355DB4DEC2A} - System32\Tasks\avast! Emergency Update => F:\Programy\Programy\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software) Task: {4B30F976-C8EA-4C3E-AB72-263D85D2EBFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd) Task: {8CE9C19B-2F03-4160-9DA9-8F2B0D18DF60} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc ==================== Loaded Modules (whitelisted) ============== 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf 2015-03-06 09:16 - 2005-06-07 13:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2012-05-11 16:33 - 2012-05-10 23:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-07-20 16:48 - 2015-07-20 16:48 - 00102864 _____ () F:\Programy\Programy\Avast\log.dll 2015-07-20 16:48 - 2015-07-20 16:48 - 00123976 _____ () F:\Programy\Programy\Avast\JsonRpcServer.dll 2015-08-01 18:44 - 2015-08-01 18:44 - 02959872 _____ () F:\Programy\Programy\Avast\defs\15080101\algo.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 ____C () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\office.odf 2015-03-14 09:56 - 2012-11-20 17:13 - 00264192 _____ () F:\Gry\Razer Game Booster\D3DX8Wrapper.dll 2015-03-14 09:56 - 2013-11-12 10:57 - 00098304 _____ () F:\Gry\Razer Game Booster\EasyHook32.dll 2012-05-04 09:16 - 2012-05-04 09:16 - 00310272 _____ () F:\Programy\Programy\WapSter AQQ\System\Shared\Plugins\Contact.dll 2012-04-30 11:26 - 2012-04-30 11:26 - 01178624 _____ () F:\Programy\Programy\WapSter AQQ\System\Shared\Plugins\GGNet.dll 2012-05-04 09:24 - 2012-05-04 09:24 - 00971776 _____ () F:\Programy\Programy\WapSter AQQ\System\Shared\Plugins\SMS.dll 2015-07-20 16:48 - 2015-07-20 16:48 - 40540672 _____ () F:\Programy\Programy\Avast\libcef.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3061280923-3253570267-2657071582-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Singaya\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-3061280923-3253570267-2657071582-500 - Administrator - Disabled) Gość (S-1-5-21-3061280923-3253570267-2657071582-501 - Limited - Disabled) Singaya (S-1-5-21-3061280923-3253570267-2657071582-1000 - Administrator - Enabled) => C:\Users\Singaya ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/01/2015 11:43:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:43:18 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (08/01/2015 11:32:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:32:37 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (08/01/2015 11:25:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:24:49 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (08/01/2015 11:04:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:04:22 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (08/01/2015 10:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 10:54:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. System errors: ============= Error: (08/01/2015 11:41:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 11:31:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 11:21:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 11:02:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 10:53:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/01/2015 10:53:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Instalator Windows niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 120000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/01/2015 10:53:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Usługa Usługa udostępniania w sieci programu Windows Media Player niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error: (08/01/2015 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa RzKLService niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Streamer Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (08/01/2015 10:53:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa NVIDIA Network Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Microsoft Office Sessions: ========================= Error: (08/01/2015 11:43:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:43:18 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (08/01/2015 11:32:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:32:37 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (08/01/2015 11:25:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:24:49 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (08/01/2015 11:04:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 11:04:22 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 Error: (08/01/2015 10:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2015 10:54:07 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: 0x800700050x00000000 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 29% Total physical RAM: 8096.05 MB Available physical RAM: 5736.13 MB Total Pagefile: 16190.29 MB Available Pagefile: 13632.3 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:48.93 GB) (Free:18.21 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Archiwum) (Fixed) (Total:46.98 GB) (Free:23.59 GB) NTFS Drive e: (Filmy i muzyka) (Fixed) (Total:146.48 GB) (Free:89.3 GB) NTFS Drive f: (Gry i programy) (Fixed) (Total:198.36 GB) (Free:99.2 GB) NTFS Drive h: (FM2012) (CDROM) (Total:1.9 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1AECBEE1) Partition 1: (Not Active) - (Size=25 GB) - (Type=1C) Partition 2: (Active) - (Size=48.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=198.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=193.5 GB) - (Type=OF Extended) ==================== End Of Log ============================