Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2016 Ran by marcin (03-11-2016 00:16:50) Running from C:\Users\marcin\Downloads Windows 7 Enterprise Service Pack 1 (X64) (2013-07-17 23:26:09) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3897112681-2335061952-3470262197-500 - Administrator - Disabled) Guest (S-1-5-21-3897112681-2335061952-3470262197-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3897112681-2335061952-3470262197-1003 - Limited - Enabled) marcin (S-1-5-21-3897112681-2335061952-3470262197-1000 - Administrator - Enabled) => C:\Users\marcin ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\uTorrent) (Version: 3.3.2.30570 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.3.2.30570 - BitTorrent Inc.) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Aktualizacje NVIDIA 2.4.5.28 (Version: 2.4.5.28 - NVIDIA Corporation) Hidden ALLPlayer V5.X (HKLM-x32\...\ALLPlayer_is1) (Version: - ALLPlayer Group, Ltd.) ASUS Xonar U1 Audio (HKLM\...\C-Media CM112 Like Sound Driver) (Version: - ) Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) ChomikBox (HKLM-x32\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Detektor Winampa (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Detektor Winampa (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Droid4X (HKLM-x32\...\Droid4X) (Version: 0.8.7 - Haiyu Dongxiang Co.,Ltd.) ESL Wire 1.19.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH) GG (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\GG) (Version: 12 - GG Network S.A.) GG (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Heroes of Might and Magic V (HKLM-x32\...\{C0086B27-8E52-42D4-8393-236391EF18F6}) (Version: 1.00.0000 - Ubisoft) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) K-Lite Codec Pack 9.9.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.9.5 - ) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0415-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 49.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 pl)) (Version: 49.0.2 - Mozilla) Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Sterownik graficzny 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA Sterownik kontrolera 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) Oracle VM VirtualBox 4.3.12_ZZZZ (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios) Panel sterowania NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Kakao Corp.) Prince Of Persia (HKLM-x32\...\{F3B0AC10-3636-4166-81CF-86CD7A8B0123}) (Version: 1.0 - Ubisoft) Rayman Origins (HKLM-x32\...\Steam App 207490) (Version: - UBIart Montpellier) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden SMPlayer 16.9.0 (x64) (HKLM\...\SMPlayer) (Version: 16.9.0 - Ricardo Villalba) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Super Panda Adventures (HKLM-x32\...\Steam App 311190) (Version: - Paul Schneider) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.64 - Nullsoft, Inc) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) X7 Oscar Keyboard Editor (HKLM-x32\...\InstallShield_{705D6406-AA83-4BBD-8036-EEB4A1F69B5B}) (Version: 10.12.0004 - A4TECH) X7 Oscar Keyboard Editor (x32 Version: 10.12.0004 - A4TECH) Hidden Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\marcin\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\marcin\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\marcin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {4BAC7F58-28A3-46BD-9F42-D3BF2DA106D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3897112681-2335061952-3470262197-1000UA => C:\Users\marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {7AA130ED-F9AB-4AD3-9F0E-EDFD91157E3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {873F16A5-CD4C-49E8-B724-0AF00AD25B0D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {8C2EE73F-8B3D-4B14-939B-2ECE06666282} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {C9DA2D53-C378-4010-955D-109BFF6CFD10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {CA6EBF34-D2B0-410B-A8D1-C2CC60AD399A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3897112681-2335061952-3470262197-1000Core => C:\Users\marcin\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-13] (Google Inc.) Task: {CD979448-65DC-4BBB-BCBB-42C6941027E7} - System32\Tasks\{9759FEFA-244A-4927-A05F-0FED9B13AA39} => pcalua.exe -a C:\Users\marcin\AppData\Roaming\sweet-page\UninstallManager.exe Task: {E7EADD5D-9451-4622-AF1D-FC50D4E89DDF} - System32\Tasks\cFosSpeedTR => C:\Program Files\cFosSpeed\CFSTR.exe [2013-02-03] (BB) Task: {E9C4315A-EFB1-4F0B-AAE7-8A996BF06E37} - System32\Tasks\{0BBA2727-6FE3-4F42-9B3C-5DB376BC14B0} => pcalua.exe -a "C:\Users\marcin\Downloads\cFosSpeed_9.02\cFosSpeed_9.02_Build_2032_Final\TRial-Reset by BBs\CFS.TR.Setup.BBs.exe" -d "C:\Users\marcin\Downloads\cFosSpeed_9.02\cFosSpeed_9.02_Build_2032_Final\TRial-Reset by BBs" Task: {EE7414EE-6AF5-4C26-995C-8DF903437DFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3897112681-2335061952-3470262197-1000Core.job => C:\Users\marcin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3897112681-2335061952-3470262197-1000UA.job => C:\Users\marcin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-07-17 11:32 - 2015-08-25 15:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-13 03:28 - 2015-11-13 03:28 - 00269312 _____ () C:\Program Files (x86)\Droid4X\Droid4XService.exe 2013-07-18 00:11 - 2016-04-12 13:39 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe 2013-07-18 00:11 - 2016-04-14 09:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2013-07-17 11:55 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2013-07-17 11:55 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe 2013-07-17 11:55 - 2008-03-18 12:48 - 00229376 ____N () C:\Windows\system\Cm112eye.exe 2015-06-09 22:30 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-07-17 11:55 - 2011-04-19 13:56 - 00143360 ____N () C:\Program Files\ASUS Xonar U1 Audio\customapp\program\Vmix112.dll 2013-07-17 11:55 - 2006-07-17 16:49 - 00491520 ____N () C:\Windows\system\CmAudioL.dll 2013-07-17 11:55 - 2008-04-03 14:48 - 00049152 ____N () C:\Windows\system\Cm112Eye.dll 2013-07-17 11:55 - 2011-04-19 13:56 - 00143360 ____N () C:\Windows\VMix112.dll 2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-09-25 13:09 - 2014-09-23 05:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-25 13:09 - 2014-09-23 05:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-25 13:09 - 2014-09-23 05:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-25 13:09 - 2014-09-23 05:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-25 13:09 - 2014-09-23 05:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll 2015-07-15 14:42 - 2015-07-13 09:14 - 16307888 _____ () C:\Users\marcin\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\SysWOW64\èp¿”Xeh¡W§an c²ÿrô­OÉ35£LIÖÉ¢tÒêʾJx@M[i® [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7865 more sites. IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\...\123simsen.com -> www.123simsen.com There are 7865 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2014-05-14 20:34 - 00450990 ____R C:\Windows\system32\Drivers\etc\hosts 255.255.255.255 easyanticheat.se 255.255.255.255 www.easyanticheat.se 255.255.255.255 easyanticheat.com 255.255.255.255 www.easyanticheat.com 255.255.255.255 easyanticheat.info 255.255.255.255 www.easyanticheat.info 255.255.255.255 easyanticheat.org 255.255.255.255 www.easyanticheat.org127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com There are 15468 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3897112681-2335061952-3470262197-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\marcin\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupfolder: C:^Users^marcin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk => C:\Windows\pss\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk.Startup MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe" MSCONFIG\startupreg: ALLUpdate => "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: ChomikBox => D:\Chomikbox\chomikbox.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray MSCONFIG\startupreg: GG => "C:\Users\marcin\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: Google Photos Backup => "C:\Users\marcin\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart MSCONFIG\startupreg: Google Update => "C:\Users\marcin\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: OscarEditor => "C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe" Minimum MSCONFIG\startupreg: OscarKeyboard => "C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe" Minimum MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{A2300D14-76CF-4FB8-B2C1-0528DA0A5D7E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{AF4CA23D-1700-4927-A51F-10E7CA1B2D68}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{8B15FFB5-4559-410C-B9EC-81BD814FD74D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{413E93D9-56C2-400B-8F93-CD9F30013843}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FF008A16-58DE-41F5-A84B-BC26E2FE332D}] => (Allow) C:\Program Files\EslWire\wire.exe FirewallRules: [{3EF49C3C-A2D0-43DA-AE72-0F12C2426EEC}] => (Allow) C:\Program Files\EslWire\wire.exe FirewallRules: [TCP Query User{29E7D933-65CC-43D0-A26B-2F73F6AFA51A}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{CCAF54C0-A753-43E4-A612-D0EBDB7C651A}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{1B069D00-68B2-4A37-A887-40E02CDA1299}] => (Allow) %ProgramFiles%\Zune\Zune.exe FirewallRules: [{AA0DA1AF-6E14-4F06-AEDC-F9941A2AACD4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{31C393F7-E8F6-4319-850A-5EA92137B079}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{2D470D9E-45E1-45E4-B830-26E56794756F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{91A2FA32-5F45-42D8-AFE0-C7123B954E4A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{EA02B64B-A3CD-4026-A47C-67308CC1F92A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{BDA87854-EC1E-4839-B514-209D3AF78B24}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{5589E4A5-19F0-4E77-BC92-0E269BD5220B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [{16F81BFC-0DB0-4BEA-A7BF-805AFF912D9F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe FirewallRules: [TCP Query User{C62CD9A5-939F-4B32-9E2C-2A78117C2729}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{876A69A5-C4FB-4F19-A5BB-6163E6E1C1B8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{E227D2DB-3D3B-4E59-9114-171F06E9AFEF}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [UDP Query User{CE26F31E-AAC7-4078-856B-E3EA9B3687C4}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{C825329D-2DF6-44EC-8A77-6F4A35862D57}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C7146185-BE0E-433A-A627-99339619181B}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B71CD05A-45AD-4334-AEC9-24B5BEB29151}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8524419A-6B58-4649-98D2-21082BDCC311}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{FA07493C-4EC5-44A0-8DE6-1A18BA184F4D}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{5876766C-C2B1-4781-89EE-46669B7CD421}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2B223C52-CFD9-4C9A-A1A2-2EEA3EEA185C}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\Prince of Persia.exe FirewallRules: [{590BE520-128C-4D7B-89F2-EFFA62E210AC}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\Prince of Persia.exe FirewallRules: [{A70F6848-2833-488B-8A46-BE71A5AFAA85}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe FirewallRules: [{B5EDDFE3-C9D2-42DE-9220-85006F7A2391}] => (Allow) C:\Program Files (x86)\Ubisoft\Prince of Persia\PrinceOfPersia_Launcher.exe FirewallRules: [{557CA1DB-A955-4C98-9666-0A9F1CF8251E}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{D19376DA-93FE-4A83-9D18-09075B9CF0DE}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{35B92795-E99D-4383-A134-FBC5A159D65A}C:\users\marcin\downloads\gw2.exe] => (Allow) C:\users\marcin\downloads\gw2.exe FirewallRules: [UDP Query User{609CAA64-32AA-42C3-9819-4697F5F40DDD}C:\users\marcin\downloads\gw2.exe] => (Allow) C:\users\marcin\downloads\gw2.exe FirewallRules: [{FB5CEAFF-01F2-4080-BAD2-09480CFC059E}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{BA033E4C-F3BF-4E39-B8B9-D371C8353A01}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{EE062EB9-648C-4729-8D64-F6AC1BDE8EEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{C698F3E3-0BB3-46F3-B50E-713E6F8192D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{EB061831-ABEE-4419-921A-6A79FD5C1284}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{EEB2AECD-BA37-4AE7-A9B5-D3BDF56D1632}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2571A7B2-A57C-43E2-85CB-83673C94CF15}] => (Allow) C:\Users\marcin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{30630917-3BE3-4D07-9E0E-31FAAC8A6955}] => (Allow) C:\Users\marcin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{BFCD21D7-2E62-415A-8EB7-A0699B65D326}C:\users\marcin\downloads\utorrent.exe] => (Allow) C:\users\marcin\downloads\utorrent.exe FirewallRules: [UDP Query User{7F18013C-8A6E-4438-8993-082A24C9DA9C}C:\users\marcin\downloads\utorrent.exe] => (Allow) C:\users\marcin\downloads\utorrent.exe FirewallRules: [TCP Query User{170BE39B-E41D-49CC-B6B4-E6EBD7287E51}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.1_31139.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.1_31139.exe FirewallRules: [UDP Query User{A9DC7BAD-2274-4B83-8B3E-8460A4BBCAC1}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.1_31139.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.1_31139.exe FirewallRules: [{662F4D27-2883-4CC7-A56F-D0F80023AF81}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{C92B2884-6516-4E0B-97CC-267FFAD18079}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E50B08B2-A76D-483B-A7B7-0FDA8C7871C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{919AE0D2-3C07-4FFF-B9A9-90D6CDF4248B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C2032355-5B2E-46E2-AFE9-EF2DC89C80A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4CC63A2A-BEF1-4A86-B7F9-0EEA3475F178}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4AFB7CA8-8260-442A-B995-914BDCC35C40}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DDA82311-1DF5-403D-9294-7FA67F5E1EA7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A377B476-571C-4D6D-85E4-4E395AE89589}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B64695F4-60E6-4195-BD9F-78BD35042CCC}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{416EED57-A4A3-4729-8FF7-9C99B48A24B5}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{3A187F63-6F20-41A6-A8A3-C9BA8EAC65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{D6FB5C07-F400-467C-B640-4F7F6B3A099B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpeedRunners\SpeedRunners.exe FirewallRules: [{730F2457-5B73-4E6A-9E49-EEA563AAC540}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{643548F3-C9B1-4CC6-88A2-A5134AD602CD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DD38EA91-34DD-49E2-BA97-8D70BC98E0F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Panda Adventures\Super Panda Adventures.exe FirewallRules: [{A73F6A07-9085-4734-9F74-722E80516CC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Panda Adventures\Super Panda Adventures.exe FirewallRules: [{A92619DA-D6D4-47A8-9D8A-1D24D3F6BAAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{7587137B-F623-49F1-B394-FDB531B77740}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [TCP Query User{63127BC3-4965-4FC9-A900-A225EF0E4C12}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [UDP Query User{BFC08E2E-A4DE-4D78-8D24-3413E0F32E63}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [TCP Query User{BE45330A-E617-40CC-816A-89CD12F1EC76}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{72BE3E78-B68A-48FA-8AE7-6A3F075020C6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{5EA88F49-B109-4FAC-B315-78318ECB659D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe FirewallRules: [{13258A6D-DA2B-4848-BB69-D2FF930647E4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bastion\Bastion.exe FirewallRules: [{7C1CB6B8-C8D0-4FF5-847D-571A9FD3A3FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe FirewallRules: [{0F8B196E-AA57-487D-AC49-E4F3103CF4B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe FirewallRules: [TCP Query User{29439474-0D1C-498B-A773-5F2C0E77EB86}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.3_40298.exe FirewallRules: [UDP Query User{72790006-4318-4FB9-8E9A-93FCEF057C06}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.3_40298.exe FirewallRules: [{027B86E3-BD3C-440A-B22D-3B123E664C3D}] => (Allow) C:\Battle.net\Battle.net.exe FirewallRules: [{B74496CE-FBA8-457A-9AC0-1D99F0A9DB58}] => (Allow) C:\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{AEB196CC-E97D-4903-853D-52A3D26A50D6}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{37375BF7-9268-46C0-B6FD-FBA27E1B4C84}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{83E0845E-27A6-42BA-AF5A-18B96E99EB64}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41073.exe FirewallRules: [UDP Query User{09A25E21-653A-4B21-9F0B-299C80DEB7AA}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41073.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41073.exe FirewallRules: [TCP Query User{E05A7ECD-E84E-42DC-9EF5-0745DA1C7DE3}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41162.exe FirewallRules: [UDP Query User{147A4B08-5D46-4165-A0B3-DD55922C7F6A}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41162.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41162.exe FirewallRules: [{EE750D64-A527-440C-ABD9-4DD7E7BD6E3D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8A5B3EEA-3EC5-4371-B21F-463E82B1DAAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{4B985EEC-6000-4E60-8FDA-C9820E01C4B1}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [UDP Query User{DCED4870-E1B0-4CA9-8A64-C5AAE5A4E034}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [TCP Query User{8A56641A-A105-4DD4-8590-DC3799A3C29F}C:\users\marcin\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Allow) C:\users\marcin\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe FirewallRules: [{2E97F265-A548-4FD9-93D6-F320B6B0F2E6}] => (Allow) C:\Program Files (x86)\Droid4X\Droid4X.exe FirewallRules: [{FAFAC779-3C2A-4E14-9060-CA44E0C796DB}] => (Allow) C:\Program Files (x86)\Droid4X\download\MiniThunderPlatform.exe FirewallRules: [{8A549AC3-3324-4F60-AD5A-3BFB208AB9A0}] => (Allow) C:\Program Files\Oracle\VirtualBox\vboxheadless.exe FirewallRules: [{7C2A49BC-7DD5-4A8E-A43A-644B52FF3D35}] => (Allow) C:\Program Files (x86)\Droid4X\MultiMgr.exe FirewallRules: [TCP Query User{7E18DA4D-96E3-4D74-98E1-CCB34E683A14}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41712.exe FirewallRules: [UDP Query User{A1CB7C11-FF7B-412C-8844-BFB4309ACE44}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41712.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41712.exe FirewallRules: [TCP Query User{3DC26FD7-B160-4756-8D27-46FD79E42D53}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41865.exe FirewallRules: [UDP Query User{BFB56391-4229-4EE0-9DB9-1212FA850D17}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41865.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.5_41865.exe FirewallRules: [TCP Query User{D10B3511-8B12-4F34-A9BC-EFC3E410017B}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.7_42330.exe FirewallRules: [UDP Query User{20D6748B-BCAE-4829-9C9F-20B4EC59A873}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.7_42330.exe] => (Block) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.7_42330.exe FirewallRules: [TCP Query User{B379C598-B448-4545-A6E6-3587D5C17C97}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42449.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42449.exe FirewallRules: [UDP Query User{8EE3DF88-F4A2-4C57-AA85-58330086FF35}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42449.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42449.exe FirewallRules: [TCP Query User{8AD9D159-2461-442B-96E4-D7A92F28FD3A}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42576.exe FirewallRules: [UDP Query User{D461A3DD-2F9F-4401-95AA-7E71659ED725}C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42576.exe] => (Allow) C:\users\marcin\appdata\roaming\utorrent\updates\3.4.8_42576.exe FirewallRules: [TCP Query User{6D35BA79-BE65-4953-9981-BB8028D68779}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{814F52A7-00C0-40E5-9154-A6A680FDB30A}C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe FirewallRules: [{1CE0A6EE-E7A0-49E6-A55A-0C1EDAAAFFDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [{9FE3224E-AA04-484B-A64F-2F9A42A747F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Paladins\Binaries\Win32\HirezBridge.exe FirewallRules: [TCP Query User{B05937A7-F061-4021-9D23-801024E5CEEB}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{F72273DB-166D-484C-9981-030F15A9B5A2}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe ==================== Restore Points ========================= 15-10-2016 16:03:28 Zaplanowany punkt kontrolny 24-10-2016 15:33:09 Zaplanowany punkt kontrolny 25-10-2016 20:32:44 Zainstalowane Heroes of Might and Magic V 25-10-2016 20:35:53 Zainstalowany program DirectX 29-10-2016 01:39:27 Installed Hi-Rez Studios Games 29-10-2016 01:41:24 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 29-10-2016 01:42:06 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 29-10-2016 01:42:42 Zainstalowany program DirectX ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Karta tunelowania Teredo firmy Microsoft Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/02/2016 11:37:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/02/2016 11:36:11 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/02/2016 11:22:25 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (11/02/2016 11:19:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/01/2016 10:21:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0x448 Godzina uruchomienia aplikacji powodującej błąd: 0x01d234693387d51d Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: 1f93cf87-a079-11e6-8591-94de803ccca7 Error: (11/01/2016 06:55:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0x1200 Godzina uruchomienia aplikacji powodującej błąd: 0x01d23464fcaf6fea Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: 705e09b2-a05c-11e6-8591-94de803ccca7 Error: (11/01/2016 02:50:47 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: Z powodu wystąpienia problemu dane Programu poprawy jakości obsługi klienta nie zostały wysłane do firmy Microsoft. (Błąd 80004005). Error: (11/01/2016 02:42:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/01/2016 02:41:00 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x80070005. Error: (10/31/2016 11:29:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Nazwa modułu powodującego błąd: steamwebhelper.exe, wersja: 3.65.13.80, sygnatura czasowa: 0x57fed9f2 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00037b59 Identyfikator procesu powodującego błąd: 0x158c Godzina uruchomienia aplikacji powodującej błąd: 0x01d233be0e36a77e Ścieżka aplikacji powodującej błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Ścieżka modułu powodującego błąd: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe Identyfikator raportu: 8a10b769-9fb9-11e6-8b4f-94de803ccca7 System errors: ============= Error: (11/02/2016 11:38:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (11/02/2016 11:19:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (11/01/2016 02:42:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/31/2016 06:19:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/30/2016 03:17:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/29/2016 10:56:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/29/2016 12:13:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/29/2016 01:57:01 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: Serwer {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (10/28/2016 02:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (10/27/2016 02:20:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Google Update Service (gupdate) z powodu następującego błędu: Nie można odnaleźć określonego pliku. CodeIntegrity: =================================== Date: 2016-04-11 21:17:51.789 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:17:51.747 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:17:11.752 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:17:11.683 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:39.538 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:39.495 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:32.232 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:32.188 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:24.385 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-04-11 21:16:24.346 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ESLWireACD.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz Percentage of memory in use: 50% Total physical RAM: 4038.53 MB Available physical RAM: 2003.74 MB Total Virtual: 8075.25 MB Available Virtual: 5798.17 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:540.89 GB) (Free:86.85 GB) NTFS Drive d: () (Fixed) (Total:390.53 GB) (Free:123.69 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4007E27B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================