Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016 Ran by Szymon (26-10-2016 10:14:11) Running from C:\Users\Szymon\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2016-04-14 03:28:26) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1828617473-2846505221-2361362635-500 - Administrator - Disabled) Guest (S-1-5-21-1828617473-2846505221-2361362635-501 - Limited - Disabled) Szymon (S-1-5-21-1828617473-2846505221-2361362635-1000 - Administrator - Enabled) => C:\Users\Szymon ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - ) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) amuleC (HKLM-x32\...\{418DDAC3-E16C-47C2-B5FE-4FBCAB0E10D0}) (Version: 1.0.0 - amuleC) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) BitTorrent (HKU\S-1-5-21-1828617473-2846505221-2361362635-1000\...\BitTorrent) (Version: 7.9.9.42607 - BitTorrent Inc.) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation) K-Lite Mega Codec Pack 12.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.1.0 - KLCP) LG Mobile Drivers (HKLM-x32\...\{D8D0327A-72B4-4C79-9883-1B6B6C20ED2B}) (Version: 4.0.3 - LG Electronics) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NetCracker Professional 4.1 (HKLM-x32\...\NetCracker Professional 4.1) (Version: - ) NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation) NVIDIA Graphics Driver 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd) Python 2.7 (64-bit) (HKLM\...\{20c31435-2a0a-4580-be8b-ac06fc243ca5}) (Version: 2.7.150 - Python Software Foundation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.98.107.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.) RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd) RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd) Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Skype Web Plugin (HKLM-x32\...\{DF6DC2FB-6783-4340-8B98-401CB656AD3A}) (Version: 7.26.0.48 - Skype Technologies S.A.) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Telegram Desktop version 0.9.56 (HKU\S-1-5-21-1828617473-2846505221-2361362635-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.56 - Telegram Messenger LLP) Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.) Ventrilo Server (HKLM-x32\...\{1D46A3A0-B37D-423A-91C2-101A49E2FF80}) (Version: 3.0.3 - Flagship Industries, Inc.) Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.) Winamp (remove only) (HKLM-x32\...\Winamp) (Version: - ) Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS) WinRAR 5.31 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1828617473-2846505221-2361362635-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1828617473-2846505221-2361362635-1000_Classes\CLSID\{BB384F15-7676-403E-B797-1F9D935525A3}\InprocServer32 -> C:\Users\Szymon\AppData\Local\SkypePlugin\7.26.0.48\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-1828617473-2846505221-2361362635-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Szymon\AppData\Local\SkypePlugin\7.26.0.48\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-1828617473-2846505221-2361362635-1000_Classes\CLSID\{EE77E2C8-7CCF-4449-AC4D-C885C28FAEA2}\localserver32 -> C:\Users\Szymon\AppData\Local\SkypePlugin\7.26.0.48\GatewayVersion-x64.exe (Skype Technologies S.A.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {3E39430F-1A3D-46CD-98CB-EC93448BD71E} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION Task: {49AB391D-9DDB-4AD5-8A0B-8AE78799E15D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-04-18] () Task: {65AD51AF-6198-4AD6-B000-B37A694B9706} - System32\Tasks\AdobeAAMUpdater-1.0-Szymon-PC-Szymon => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated) Task: {6D7F08C8-1DA2-4AFF-BB5E-E4554118F149} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.) Task: {817A4564-A2D7-4029-ACB9-2370A4E741A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-18] (Google Inc.) Task: {8BCF5675-C3C0-4DFB-A028-8860B3BA481A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {A31A683D-256B-442F-BC1E-821068BF55A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-18] (Google Inc.) Task: {ABA96221-4827-4290-9D5B-5B9F86F382AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-11] (Adobe Systems Incorporated) Task: {D0AC38C3-3303-43EE-843A-F5C094E0B26D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek) Task: {E0177DDD-4727-401E-9278-DBA5ED2225BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {E34F52B3-CCB4-468B-B976-F5C538C4D49C} - System32\Tasks\8d710389a9c763b3644f88e1c10ff747 => Rundll32.exe "C:\Program Files (x86)\NVIDIA Corporation\tnys8n.dll",e62dc6c6547f46bda862da2d05af6862 (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-04-16 11:10 - 2016-03-22 06:12 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-04-16 11:17 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () C:\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Dokumenty\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Dokumenty_\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Gry\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Gry_\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Torrenty\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Torrenty_\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Web Development\local64spl.dll 2016-10-25 10:11 - 2016-10-25 10:11 - 00142848 ____H () D:\Web Development_\local64spl.dll 2016-04-16 11:18 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-04-16 11:18 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-04-16 11:18 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2016-04-16 11:18 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2016-04-16 11:18 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-16 11:18 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-16 11:18 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-04-16 11:18 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-16 11:18 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-16 11:18 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-10-26 09:48 - 2016-10-26 04:41 - 00337920 _____ () c:\program files (x86)\winarcher\archer.dll 2016-04-16 11:10 - 2016-03-22 06:12 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-10-26 09:48 - 2016-10-26 04:49 - 00218624 _____ () c:\programdata\winsapsvc\winsap.dll 2016-04-16 11:18 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1828617473-2846505221-2361362635-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Szymon\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 217.144.192.2 - 217.144.192.33 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: Gitter => "C:\Users\Szymon\AppData\Local\Programs\Gitter\Gitter.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{59613747-5F2C-4D8D-A065-DC9ADF1F0F95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{86967B9D-4709-4ACC-9176-DAF66CBEABE2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{19F3C8C6-F29B-4097-8955-4652B2E82568}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{BC146689-29CF-49D0-81AE-2BE82D797CFE}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{3EF27FDB-E959-4052-AA27-988C8976279D}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{AC6F3D7E-DB5F-437B-AC6F-A28BE4098B1D}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{8E027372-3AFC-48A9-AA67-FA7E698588E0}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{9DF7DD3C-78E2-4C0C-88FA-0E9BC0CE28F9}] => (Allow) C:\Users\Szymon\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{6F0BDA45-4D9D-4A79-A4CD-0ACB8DDC16E3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{91EF2B43-3434-4C5E-897D-541D8E56E18C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{D43F4DB4-1991-458C-B704-437D1B404A53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8F9ED0D9-0740-42C8-89A0-26B6A0D07880}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{4DEB35DA-2AAE-455D-8CF8-078CBCFFE2CE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{607B3B4B-D260-4ACF-866E-027B92580407}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8005C1A5-41D2-40DC-A7E9-AE6E71109792}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{41766FED-CD0A-4A7C-B378-795BB6BE37D3}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe FirewallRules: [{A6859074-F8B5-47A2-8D1B-42092499A147}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe FirewallRules: [TCP Query User{681B07E4-0CF5-4F4E-9B2C-D54199BFF330}C:\program files (x86)\ventsrv\ventrilo_srv.exe] => (Allow) C:\program files (x86)\ventsrv\ventrilo_srv.exe FirewallRules: [UDP Query User{B0F735F8-F87F-468E-8E26-09B98B10008B}C:\program files (x86)\ventsrv\ventrilo_srv.exe] => (Allow) C:\program files (x86)\ventsrv\ventrilo_srv.exe FirewallRules: [TCP Query User{DD7F00B1-876F-4683-8DBF-962D55E4BE98}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{A4F3546C-18ED-4D67-83A9-A3CE0C39296D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{049BF900-C8F6-466D-B637-72554D7D1BDF}C:\railsinstaller\ruby2.2.0\bin\ruby.exe] => (Allow) C:\railsinstaller\ruby2.2.0\bin\ruby.exe FirewallRules: [UDP Query User{BA404630-A26B-4663-B303-DEA59B583BFA}C:\railsinstaller\ruby2.2.0\bin\ruby.exe] => (Allow) C:\railsinstaller\ruby2.2.0\bin\ruby.exe FirewallRules: [{CC9DDE35-ECA9-40BF-A137-B6A6D1145B4D}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{BC42E1EF-08F2-4F18-BB04-412ADA9BA234}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [TCP Query User{D0AC8124-E58E-4706-AED4-6D394E684D21}C:\users\szymon\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\szymon\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [UDP Query User{F3A38514-B4CB-4D9C-9CAD-5B040A65B07A}C:\users\szymon\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\szymon\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [{CE4FC353-70CA-44C4-AB6B-D7F6F250BC25}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{F09E5740-EDBA-4C97-AA91-2F604AD36DBC}D:\gry\counter-strike 1.6\hl.exe] => (Allow) D:\gry\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{2A31B17F-AEA4-4B5C-B027-A0A2B249E8DF}D:\gry\counter-strike 1.6\hl.exe] => (Allow) D:\gry\counter-strike 1.6\hl.exe FirewallRules: [{0F756E88-E417-482A-A4D5-6A4E6764191E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{924FD62F-749B-4482-A0AE-34C12BA05C7E}] => (Allow) D:\Gry\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{F189C396-20EA-485D-B200-F324CEA258D2}] => (Allow) D:\Gry\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{0E98654D-1D13-4A22-8DAD-9465CE6BAE01}] => (Allow) C:\Users\Szymon\AppData\Local\Temp\inst_buychannel_06.exe FirewallRules: [{ED259800-5482-46E9-BC2B-291836A36295}] => (Allow) C:\Users\Szymon\AppData\Local\Temp\inst_buychannel_06.exe FirewallRules: [{F6F83DB8-CC27-48BC-B9DE-A53AD654D1CD}] => (Allow) C:\Program Files (x86)\LuDaShi\ComputerZTray.exe FirewallRules: [{426DC032-F801-42FA-8289-261DB450BF2B}] => (Allow) C:\Program Files (x86)\LuDaShi\ComputerZTray.exe FirewallRules: [{F0325083-6981-4093-B324-7C7F7D2DAFE8}] => (Allow) C:\Program Files (x86)\LuDaShi\Utils\mininews.exe FirewallRules: [{C17AADD7-9E4D-4388-81CA-EFCF3E997126}] => (Allow) C:\Program Files (x86)\LuDaShi\Utils\mininews.exe ==================== Restore Points ========================= 03-09-2016 23:28:30 Scheduled Checkpoint 02-10-2016 23:46:02 Scheduled Checkpoint 11-10-2016 19:37:54 Scheduled Checkpoint 12-10-2016 23:12:01 Installed LG Mobile Drivers. 16-10-2016 14:52:14 Installed Evernote v. 6.3.3 16-10-2016 15:09:32 Removed Evernote v. 6.3.3 19-10-2016 19:23:13 Installed DirectX 20-10-2016 18:11:21 Removed Traffic Exchange ==================== Faulty Device Manager Devices ============= Name: Microsoft Teredo Tunneling Adapter Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/26/2016 10:10:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/26/2016 09:50:15 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/26/2016 09:50:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: QQBrowser.exe, version: 7.3.11251.400, time stamp: 0x51d4fd5d Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000001 Faulting process id: 0x134c Faulting application start time: 0x01d22f5d8c980184 Faulting application path: C:\Program Files (x86)\interhpx_00000000\QQBrowser.exe Faulting module path: unknown Report Id: cd0060f5-9b50-11e6-a8c7-240a645993be Error: (10/25/2016 06:28:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/25/2016 02:05:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/25/2016 10:20:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/25/2016 10:01:18 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/21/2016 08:53:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/20/2016 11:43:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (10/20/2016 11:40:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. System errors: ============= Error: (10/26/2016 10:08:50 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/26/2016 10:08:47 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/26/2016 10:08:47 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY) Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402. Error: (10/26/2016 09:51:08 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The InterHop service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/26/2016 09:51:06 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The UvConverter service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/26/2016 09:51:03 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The ed2k idle service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/26/2016 09:48:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The InterHop service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (10/26/2016 09:48:35 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/26/2016 09:48:33 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (10/25/2016 11:24:21 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. CodeIntegrity: =================================== Date: 2016-10-08 17:34:42.370 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:34:42.369 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:33:33.739 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:33:33.739 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:33:17.669 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:33:17.669 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:24:50.888 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:24:50.888 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:21:33.201 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-10-08 17:21:33.201 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\GMLXDFltr01.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 24% Total physical RAM: 8077.62 MB Available physical RAM: 6104.38 MB Total Virtual: 16153.42 MB Available Virtual: 14078.93 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:200 GB) (Free:134.97 GB) NTFS Drive d: () (Fixed) (Total:233.66 GB) (Free:98.23 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 75080024) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=233.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=32 GB) - (Type=05) ==================== End of Addition.txt ============================