Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015 Ran by Grzegorz at 2015-05-12 10:49:39 Running from D:\Users\Grzegorz\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1558899207-2086174334-889782467-500 - Administrator - Disabled) Gość (S-1-5-21-1558899207-2086174334-889782467-501 - Limited - Disabled) Grzegorz (S-1-5-21-1558899207-2086174334-889782467-1001 - Administrator - Enabled) => D:\Users\Grzegorz HomeGroupUser$ (S-1-5-21-1558899207-2086174334-889782467-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Ochrona antywirusowa (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Antyszpieg (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Zapora sieciowa (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.) Ashampoo Burning Studio 2012 v10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG) Ashampoo Home Designer Pro v.1.0.1 (HKLM-x32\...\{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1) (Version: 1.0.1 - Creative Amadeo GmbH) ATI AVIVO64 Codecs (Version: 10.10.0.40914 - ATI Technologies Inc.) Hidden Atlas Zwierzęta Świata (HKLM-x32\...\Atlas Zwierzęta Świata1.0) (Version: 1.0 - Langloo.com) Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.19.0.1369 - Bitdefender) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) Centrum obsługi urządzeń z systemem Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) Chicken Invaders: Ultimate Omelette (Easter Edition) v4.17 (HKLM-x32\...\Chicken Invaders: Ultimate Omelette (Easter Edition)_is1) (Version: - InterAction studios) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) D1500 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Damnation (x32 Version: 1.00.0000 - Codemasters) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden DJ_SF_03_D1500_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden Driver: Parallel Lines (HKLM-x32\...\{31CB0D80-1866-462A-9455-88614410971F}) (Version: 1.00.0000 - Ubisoft) Edimax Wireless LAN (HKLM-x32\...\{E91E8912-769D-42F0-8408-0E329443BABC}) (Version: 1.00.0000 - Edimax) ELISOFT Faktury 2014 wersja 9.0.0.0 (HKLM-x32\...\ELISOFT Faktury 2014_is1) (Version: 9.0.0.0 - ELISOFT) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Firebird 2.0.7.13318 (win32) (HKLM-x32\...\FBDBServer_2_0_is1) (Version: 2.0.7.13318 - Firebird Project) FormatFactory 2.90 (HKLM-x32\...\FormatFactory) (Version: 2.90 - Free Time) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.3.76.410 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.) Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS) HP Deskjet 3520 series Basic Device Software (HKLM\...\{A0A03B53-927D-4454-A456-CB0A72A4912F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) jetAudio Basic (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.1.0 - COWON) Komputer Świat Plus (HKLM-x32\...\Komputer Świat Plus_is1) (Version: 1.4.5.110 - Komputer Świat) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.) LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation) OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.) OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Pakiet języka polskiego do jetAudio 8.x (HKLM-x32\...\Pakiet języka polskiego do jetAudio 8.x) (Version: - ) Pakiet sterowników systemu Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.) Piotrus Pan (HKLM-x32\...\{0391F4AA-B20A-460D-A6A4-4694C47211F1}) (Version: 1.0.0 - AidemMedia) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.) Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SiSoftware Sandra Lite 2013.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.29.2013.3 - SiSoftware) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden Sony Ericsson PC Suite 6.011.00 (HKLM-x32\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Zemana AntiLogger Free Packages (HKU\S-1-5-21-1558899207-2086174334-889782467-1001\...\Zemana AntiLogger Free Packages) (Version: - ) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2012-03-02 18:25 - 00000736 ____R D:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05F75BDC-D40D-4351-B60A-E1F1972D5038} - System32\Tasks\Adobe Acrobat Update Task => D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {09B90357-D482-4BF9-922F-C06EC0A83C1D} - System32\Tasks\AutoKMSDaily => D:\Windows\AutoKMS.exe [2015-04-14] () Task: {1FB1E602-C75E-4058-A07D-F484BFE05B0A} - System32\Tasks\{5A2009E5-6320-4D3B-A0DB-B65318DCC085} => pcalua.exe -a E:\Friends2\Setup.exe -d E:\Friends2 Task: {24E9BA84-4959-4239-9D75-D7AD29384DDC} - System32\Tasks\Launch HTC Sync Loader => D:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] () Task: {341BCCB6-C7AF-43F9-81A7-C657AAA4A638} - System32\Tasks\{64219EC1-8128-4FB3-9570-CDD6E4F3230A} => pcalua.exe -a D:\Users\Grzegorz\Downloads\irfanview_lang_polski.exe -d "D:\Windows.old\Program Files (x86)\Mozilla Firefox" Task: {515A6F63-8FDD-4B6F-8979-4ECE1E84331F} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Grzegorz => D:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2013-01-18] (H.D.S. Hungary) Task: {630E32C9-1D4F-47FC-9AFF-6D7BFC15CAFE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1558899207-2086174334-889782467-1001 Task: {771254C5-4C59-47F7-B655-3F28CE64AB3A} - System32\Tasks\{9A78C34F-C038-4D46-BDCF-351D737B21BA} => pcalua.exe -a F:\startuj.exe -d F:\ Task: {79B41034-7BF4-4BBF-8F10-7E3FE3833EC8} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {7D61BB9C-32E8-435A-89F9-8FAAC88A63BF} - System32\Tasks\AutoKMS => D:\Windows\AutoKMS.exe [2015-04-14] () Task: {849F1AB7-4252-48BD-96C1-A1A26574DFD7} - System32\Tasks\Norton Identity Safe\Norton Error Processor => D:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\SymErr.exe Task: {9BF1D99A-1594-4B05-B002-9CD3CB538150} - System32\Tasks\{2E74451B-3AF2-474E-83F6-D22461150861} => pcalua.exe -a D:\Users\Grzegorz\Downloads\splinter_cell_chaos_theory_1.00_To_1.05_euro.exe -d "D:\Windows.old\Program Files (x86)\Mozilla Firefox" Task: {AA94ECA0-421A-410F-91FE-7ACD25C28CED} - \{FCCEDEE0-E01C-496C-8726-EE30BEA9B2C4} No Task File <==== ATTENTION Task: {B0F7360C-C3D9-4992-9B3B-D617228A0DF8} - System32\Tasks\Adobe Flash Player Updater => D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {BFDCDE43-F85A-42D3-9444-01763F9C6AAA} - System32\Tasks\{B9EC3D08-51AB-4D83-8FC4-A52E5EF1FB2F} => pcalua.exe -a D:\Users\Grzegorz\Downloads\Sims3_1.29.55.014017_from_1.26.89.013017.exe -d "D:\Windows.old\Program Files (x86)\Mozilla Firefox" Task: {CEF68548-7B8B-4E22-929D-84FFB126103F} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => D:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.0.26\SymErr.exe Task: {D0289035-C57F-4163-9794-410F559F2268} - System32\Tasks\{459348B8-5B57-4F28-8D64-9D39FAFF2EEB} => H:\start.exe Task: {E102499C-F43E-48A4-8BE4-94A2452E3F29} - \{37F04893-F64D-4A04-803F-48442CA068F6} No Task File <==== ATTENTION Task: {F9784703-5FEA-4AA9-A7AE-9119E09A3570} - System32\Tasks\{DA10C2B5-B8F0-494A-8E9A-64362960C238} => pcalua.exe -a "E:\saints row 2\steam.exe" -c steam://uninstall/9480 Task: D:\Windows\Tasks\Adobe Flash Player Updater.job => Task: D:\Windows\Tasks\AutoKMS.job => Task: D:\Windows\Tasks\AutoKMSDaily.job => ==================== Loaded Modules (whitelisted) ============== 2015-04-30 11:32 - 2014-08-27 16:31 - 00265080 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-04-30 11:32 - 2013-09-03 14:29 - 00101328 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-04-30 11:32 - 2014-12-02 15:47 - 00003072 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-04-30 11:32 - 2012-10-29 14:22 - 00152816 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2015-05-06 11:32 - 2015-05-06 11:32 - 00790368 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_003\ashttpbr.mdl 2015-05-06 11:32 - 2015-05-06 11:32 - 00711064 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_003\ashttpdsp.mdl 2015-05-06 11:32 - 2015-05-06 11:32 - 02683520 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_003\ashttpph.mdl 2015-05-06 11:32 - 2015-05-06 11:32 - 01326504 _____ () D:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_003\ashttprbl.mdl 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () D:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-09-28 16:44 - 2012-09-28 16:44 - 00210944 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2012-09-28 16:43 - 2012-09-28 16:43 - 00073728 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2012-10-04 11:19 - 2009-04-30 11:23 - 00090112 _____ () D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe 2012-09-20 09:54 - 2007-12-26 14:17 - 00053760 _____ () D:\Program Files (x86)\EDIMAX\Common\RalinkRegistryWriter.exe 2015-04-08 21:53 - 2015-04-08 21:53 - 00050688 _____ () D:\Program Files\CCleaner\lang\lang-1045.dll 2012-09-28 16:43 - 2012-09-28 16:43 - 00103424 _____ () D:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () D:\Windows\SysWOW64\msjetoledb40.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () D:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2011-08-12 13:18 - 2011-08-12 13:18 - 02145304 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2011-08-12 13:18 - 2011-08-12 13:18 - 07956504 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2011-08-12 13:18 - 2011-08-12 13:18 - 00342552 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2011-08-12 13:18 - 2011-08-12 13:18 - 00029208 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2011-08-12 13:18 - 2011-08-12 13:18 - 00128536 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: D:\Windows\SysWOW64\FlashPlayerInstaller.exe:BDU AlternateDataStreams: D:\ProgramData\TEMP:905844AA AlternateDataStreams: D:\Users\Grzegorz\Downloads\ccsetup505.exe:BDU AlternateDataStreams: D:\Users\Grzegorz\Downloads\FoxitReader706.1126_prom_enu_Setup.exe:BDU AlternateDataStreams: D:\Users\Grzegorz\Downloads\FRST64.exe:BDU AlternateDataStreams: D:\Users\Grzegorz\Downloads\RemoveWAT 2.2.exe:BDU AlternateDataStreams: D:\Users\Grzegorz\Downloads\SpyHunter-Installer.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1558899207-2086174334-889782467-1001\Control Panel\Desktop\\Wallpaper -> D:\Users\Grzegorz\AppData\Roaming\Mozilla\Firefox\Tapeta pulpitu.bmp DNS Servers: 156.154.70.22 - 156.154.71.22 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: D:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => D:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "D:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml MSCONFIG\startupreg: BCSSync => "D:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: CyberGhost => "D:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GG => MSCONFIG\startupreg: HP Software Update => D:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: Live Update 5 => MSCONFIG\startupreg: Sony Ericsson PC Suite => "D:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon MSCONFIG\startupreg: Steam => MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [{4557CC38-F677-415C-9014-2F18EF10ECDA}] => (Allow) D:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{B099923C-008D-451D-916A-BBC3A1703E90}] => (Allow) D:\Program Files (x86)\Common Files\MicroWorld\Agent\MWAGENT.EXE FirewallRules: [{ABE5A264-788C-4232-9919-A938BFF592D8}] => (Allow) D:\Program Files (x86)\Common Files\MicroWorld\Agent\MWAGENT.EXE FirewallRules: [{E7C3BCF0-CB1C-4A39-8BB0-2DEBDCA95398}] => (Allow) D:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{3034A668-0537-4BF0-9F0F-5D455B84221E}] => (Allow) D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe FirewallRules: [{AA6DA4D0-CED0-4779-B682-81FA5AE8FA7B}] => (Allow) D:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe FirewallRules: [{4D2BDECA-9294-47C4-9A98-57ADE0467A67}] => (Allow) D:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{403EFB2E-B189-4491-8DC5-7E33DC9DDD20}] => (Allow) D:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{7501E202-3569-412D-A88F-7C9F9C8029CD}] => (Allow) D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\WNt500x64\RpcSandraSrv.exe FirewallRules: [{826F7479-6295-43FF-B142-840AE87EB798}] => (Allow) D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\WNt500x64\RpcSandraSrv.exe FirewallRules: [{33CB199F-8864-451B-ACA9-4BFF2259BD71}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F7321055-08F2-41D5-A16D-16C5549DF14F}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{DE315BC8-DDBE-477D-BA6C-D3D4C8BFCCB2}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{E5581D3C-4548-4A7F-90F5-17314D1711DC}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{A6209327-2FE8-42B7-8751-9BE7E6630B1E}D:\windows\kmsemulator.exe] => (Allow) D:\windows\kmsemulator.exe FirewallRules: [UDP Query User{07D7AD4C-795F-45F4-AAD2-4380CBE47971}D:\windows\kmsemulator.exe] => (Allow) D:\windows\kmsemulator.exe FirewallRules: [{7CAFCA76-1E78-464C-A848-1261705A290C}] => (Block) D:\windows\kmsemulator.exe FirewallRules: [{D8318FB9-3D2E-46A2-836C-73F58584D34E}] => (Block) D:\windows\kmsemulator.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/12/2015 09:34:04 AM) (Source: VSS) (EventID: 13) (User: ) Description: Informacje Usługi kopiowania woluminów w tle: nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą Coordinator. [0x80070005, Odmowa dostępu. ] Error: (05/12/2015 09:23:48 AM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 09:08:56 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 03:40:20 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 11:01:02 AM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/10/2015 07:39:26 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/10/2015 00:04:23 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/09/2015 09:40:30 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: Błąd testu kondycji: hr = 0x8004FE21, StanKondycji: 0x000000000001EFF0 Error: (05/09/2015 09:37:24 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/09/2015 05:47:19 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting System errors: ============= Error: (05/12/2015 10:43:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%-2147023113 Error: (05/12/2015 10:38:52 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu D: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (05/12/2015 10:35:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.197.2184.0). Error: (05/12/2015 09:34:04 AM) (Source: DCOM) (EventID: 10016) (User: Komputer) Description: właściwe dla aplikacjiLokalnyAktywacja{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}{56BE716B-2F76-4DFA-8702-67AE10044F0B}KomputerGrzegorzS-1-5-21-1558899207-2086174334-889782467-1001LocalHost (użycie LRPC) Error: (05/12/2015 09:27:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Windows Defender zakończyła działanie; wystąpił następujący błąd: %%-2147023113 Error: (05/12/2015 09:25:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: GLogin Error: (05/12/2015 09:25:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Usługa Firebird Guardian - DefaultInstance niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error: (05/12/2015 09:23:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi AODDriver4.2 z powodu następującego błędu: %%2 Error: (05/11/2015 09:32:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x800706f7: Aktualizacja systemu Windows 7 dla komputerów z procesorami x64 (KB3006137). Error: (05/11/2015 09:32:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x800706f7: Aktualizacja zabezpieczeń systemu Windows 7 dla systemów opartych na procesorach x64 (KB3046269). Microsoft Office Sessions: ========================= Error: (05/12/2015 09:34:04 AM) (Source: VSS) (EventID: 13) (User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Odmowa dostępu. Error: (05/12/2015 09:23:48 AM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 09:08:56 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 03:40:20 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/11/2015 11:01:02 AM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/10/2015 07:39:26 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/10/2015 00:04:23 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/09/2015 09:40:30 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: 0x8004FE210x000000000001EFF0 Error: (05/09/2015 09:37:24 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting Error: (05/09/2015 05:47:19 PM) (Source: Firebird SQL Server) (EventID: 0) (User: ) Description: Missing configuration file: D:\Program Files (x86)\Firebird\Firebird_2_0\firebird.conf, exiting CodeIntegrity Errors: =================================== Date: 2015-04-07 10:10:49.545 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-07 10:10:48.876 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-07 10:10:48.199 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-07 10:10:47.486 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 19:08:28.096 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\system32\drivers\cmdGuard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 19:08:27.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\system32\drivers\cmdGuard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 19:08:26.611 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\system32\drivers\cmdGuard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 19:08:25.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\system32\drivers\cmdGuard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 09:41:15.127 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. Date: 2015-04-04 09:41:14.361 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\COMODO\COMODO Internet Security\cmdguard.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Phenom(tm) II X2 550 Processor Percentage of memory in use: 60% Total physical RAM: 4095.24 MB Available physical RAM: 1628.66 MB Total Pagefile: 8189.43 MB Available Pagefile: 5226.42 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:78.13 GB) (Free:49.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:78.13 GB) (Free:10.21 GB) NTFS Drive e: () (Fixed) (Total:309.5 GB) (Free:281.34 GB) NTFS Drive g: (DH2005) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C9A46344) Partition 1: (Active) - (Size=78.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=387.6 GB) - (Type=OF Extended) ==================== End Of Log ============================