Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015 Ran by Damian at 2015-05-20 16:42:35 Running from C:\Users\Damian\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1461562640-103210102-4150413856-500 - Administrator - Disabled) Damian (S-1-5-21-1461562640-103210102-4150413856-1000 - Administrator - Enabled) => C:\Users\Damian Guest (S-1-5-21-1461562640-103210102-4150413856-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1461562640-103210102-4150413856-1002 - Limited - Enabled) UpdatusUser (S-1-5-21-1461562640-103210102-4150413856-1003 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1461562640-103210102-4150413856-1000\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Aktualizacje NVIDIA 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) APLUS 14.032 (HKLM-x32\...\APLUS_is1) (Version: - APLUS) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AutoCAD 2014 — Polski (Polish) (Version: 19.1.108.0 - Autodesk) Hidden AutoCAD 2014 — Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden AutoCAD 2014 Language Pack – Polski (Polish) (Version: 19.1.18.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) (HKLM\...\AutoCAD 2014 — Polski (Polish)) (Version: 19.1.18.0 - Autodesk) Autodesk AutoCAD 2014 — Polski (Polish) SP1 (HKLM\...\AutoCAD 2014 — Polski (Polish) SP1) (Version: 1 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk) Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk) Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk) Autodesk Robot Structural Analysis Professional 2014 - Polish regional settings (Version: 2014.0.0.4556 - Autodesk) Hidden Autodesk Robot Structural Analysis Professional 2014 (HKLM\...\Autodesk Robot Structural Analysis Professional 2014) (Version: 2014.0.0.4556 - Autodesk, Inc.) Autodesk Robot Structural Analysis Professional 2014 (Version: 2014.0.0.4556 - Autodesk, Inc.) Hidden Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.01 - Broadcom Corporation) Buderus C.O. - Deinstalacja programu (HKLM-x32\...\Buderus C.O. 3.6_is1) (Version: wersja 3.6 - SANKOM Sp. z o.o.) Buderus OZC - Deinstalacja programu (HKLM-x32\...\Buderus OZC 6.1_is1) (Version: wersja 6.1 - SANKOM Sp. z o.o.) CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd) Dolby Control Center (HKLM\...\{20387B45-18A4-4D48-ABD9-A23D2CBE42B3}) (Version: 2.2.1 - Dolby) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.0.2 - Nazwa firmy) Energy Management (x32 Version: 6.0.0.2 - Nazwa firmy) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production) Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of Might and Magic III - Złota Edycja (HKLM-x32\...\{8B743AA0-53B2-11D2-808A-00600895FB43}) (Version: 1.0 - ) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Lenovo Bluetooth with Enhanced Data Rate Software 6.1.0.5100 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.5100 - Lenovo.) Lenovo EasyCamera (HKLM\...\Lenovo EasyCamera) (Version: - ) Mathematica Extras 9.0 (4055459) (HKLM\...\A-WIN-Extras 9.0.1 4055459_is1) (Version: 9.0.1 - Wolfram Research, Inc.) Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version: - ) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1461562640-103210102-4150413856-1000\...\OneDriveSetup.exe) (Version: 17.3.5849.0427 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: 6.12.25.05 - Motorola Inc) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 36.0.4 (x86 pl) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 pl)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Sterownik 3D Vision 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation) NVIDIA Sterownik dźwięku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Sterownik graficzny 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) Obsługa programów Apple (32-bitowa) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Obsługa programów Apple (64-bitowa) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Panel sterowania NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden Paragon Backup & Recovery™ 2013 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5869 - Realtek Semiconductor Corp.) RICOH R5U8xx Media Driver ver.3.62.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.62.02 - RICOH) SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.1.1 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) UsbFix (HKLM-x32\...\Usbfix) (Version: 7.940 - El Desaparecido - www.usbfix.net - www.sosvirus.net) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (HKLM\...\0A4175B489A1B4A6E07E11B063A6263480C51D71) (Version: 10/19/2009 5.4.0.1 - Lenovo) WinRAR 4.20 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wolfram Mathematica 9 (M-WIN-L 9.0.1 4055652) (HKLM\...\M-WIN-L 9.0.1 4055652_is1) (Version: 9.0.1 - Wolfram Research, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Program Files (x86)\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Program Files (x86)\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Program Files (x86)\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Program Files (x86)\Autodesk\AutoCAD 2014\pl-PL\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1461562640-103210102-4150413856-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Damian\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 19-05-2015 23:57:31 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {1C39A9D1-16BB-492C-BF5C-C6EFF731797E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {21CB4EF2-51A5-4748-B4A8-38266942E91F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {252D05DF-2DB2-4CC3-9C7B-C7F7D28AA1A9} - System32\Tasks\{3722F6CF-63F8-4138-A699-F11D119F192B} => pcalua.exe -a E:\Install.exe -d E:\ Task: {272B8432-CEBF-46CB-85B4-775A336BE199} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-14] (Google Inc.) Task: {74E171C4-F1DE-413C-9A19-1C0AD9139DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-14] (Google Inc.) Task: {77B7EF0E-BBDF-48D4-AA13-84E6A79178D7} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {90B01A36-9C1E-4CC2-884F-6C54D9955D53} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {CC954992-1C06-48A9-9E8A-61359615EDF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd) Task: {D2F2082A-C8AE-483C-9E6B-00C23E45FA54} - System32\Tasks\{E3B61FB9-090C-4F1A-A48A-0F3372962CEB} => pcalua.exe -a "C:\Users\Damian\Downloads\IN1CAM17WW5 (1).exe" -d C:\Users\Damian\Downloads Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-04-22 21:49 - 2013-08-30 00:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2015-05-19 21:45 - 2015-05-13 18:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll 2015-05-19 21:45 - 2015-05-13 18:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1461562640-103210102-4150413856-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: Energy Management => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe MSCONFIG\startupreg: EnergyUtility => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{262F77F1-17C6-4D62-86D1-20245C289D2E}D:\program files\gadu-gadu 10\gg.exe] => (Allow) D:\program files\gadu-gadu 10\gg.exe FirewallRules: [UDP Query User{5C78F188-CED4-417E-851B-9DD54D1F4482}D:\program files\gadu-gadu 10\gg.exe] => (Allow) D:\program files\gadu-gadu 10\gg.exe FirewallRules: [{7E50CA92-778C-4D89-B507-226B11EF1CA0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{31C5092F-4BE2-4A9B-AA47-111D9C76ED53}] => (Allow) LPort=2869 FirewallRules: [{D84FB849-BC6B-47C4-8C6E-2E862DE8AC25}] => (Allow) LPort=1900 FirewallRules: [{F57E4B29-5FB8-476C-BE88-1B44A10A2C06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0C98FF5C-3D87-4A8F-A799-05F026350D03}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2FB2D45F-AB05-4C02-8213-31B70E1EC45E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{576F27BD-58BC-4C07-9E0C-301E3A95207D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{475C9D79-01F8-4C3D-A7AB-90908AEB6EE3}] => (Allow) LPort=50248 FirewallRules: [{5B1B3AF8-F7EA-41C5-BF52-897602DF8689}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe FirewallRules: [{87BBEED0-E724-4504-B469-1C6CE350338D}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\Mathematica.exe FirewallRules: [{B75B54C5-EDFE-4F55-8928-DEAC26E533A3}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe FirewallRules: [{EEB78FB7-D5EE-4B3A-A69B-80840491C55E}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\MathKernel.exe FirewallRules: [{2AF5EAF3-1522-44A9-9064-E050575328DC}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\math.exe FirewallRules: [{96266045-4AD0-4796-BD2C-ED1D73AD46CD}] => (Allow) D:\Program Files\Wolfram Research\Mathematica\9.0\math.exe FirewallRules: [{D4FE83AE-EE43-4F2E-ABFD-515875CD2DA5}] => (Allow) C:\Users\Damian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DA39103C-5E47-40F8-9CB3-6B34C3C485EB}] => (Allow) C:\Users\Damian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{33AE15B2-765C-49C5-8A40-ECAE996D5BF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{D80515DB-7F82-4B2F-B12C-BC3A2530A89E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{83578341-D09D-4377-96A0-A951BC033206}] => (Allow) D:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{88E45D11-C011-455B-947C-7F62E43DCF9E}] => (Allow) D:\Program Files\Battle.net\Battle.net.exe FirewallRules: [{3D09FEB1-38BA-40D6-B409-3F8F8EFEAD5E}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{A99A3A93-C585-4486-BD4A-E18A2F415DE1}] => (Allow) D:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{BCC21FED-87E8-42A5-A0AB-36D8EABAC15C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{4E9559A4-97E3-47EE-9C63-C205B0EE7BFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{EEF0E262-58E1-44E1-90DB-DAE26AB7165D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{53DD3039-7D8B-4248-A093-B7AA59D7DDFD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{071FD18F-5DA0-4ACC-AD91-57698546F348}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D18328CD-955E-4B39-9FA9-16B8FFAFE6D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1A07C51B-CC67-4728-9251-C9318B2F72DA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8BB32790-DADB-40C7-A094-1C531AC4EE09}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{B7537B3E-43E1-449C-A3CD-DCFD21952F2D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{8E371197-0CE6-427C-AE98-9DB91A63A7AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E3D304C8-F5D8-4874-A38F-2D251E88C61A}] => (Allow) D:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{498769EB-9F9A-404C-8372-E954216A2E1B}] => (Allow) D:\Program Files\iTunes\iTunes.exe FirewallRules: [{F4284CE7-F039-4BA0-80A4-87FE670681FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Zewnętrzne urządzenie Bluetooth Description: Zewnętrzne urządzenie Bluetooth Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/20/2015 04:29:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/20/2015 06:55:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/20/2015 06:37:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 11:42:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 09:11:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 04:09:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nazwa aplikacji powodującej błąd: Co.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19 Nazwa modułu powodującego błąd: Co.exe, wersja: 0.0.0.0, sygnatura czasowa: 0x2a425e19 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000787d Identyfikator procesu powodującego błąd: 0x878 Godzina uruchomienia aplikacji powodującej błąd: 0xCo.exe0 Ścieżka aplikacji powodującej błąd: Co.exe1 Ścieżka modułu powodującego błąd: Co.exe2 Identyfikator raportu: Co.exe3 Error: (05/19/2015 03:07:40 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/19/2015 07:18:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5500345 Error: (05/19/2015 07:18:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5500345 Error: (05/19/2015 07:18:50 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (05/20/2015 04:33:21 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 04:33:20 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 04:33:11 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 04:33:11 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 04:33:10 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 04:33:10 PM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 07:02:10 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 07:02:09 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 07:02:09 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Error: (05/20/2015 07:01:59 AM) (Source: Disk) (EventID: 11) (User: ) Description: Sterownik wykrył błąd kontrolera na \Device\Harddisk1\DR1. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz Percentage of memory in use: 90% Total physical RAM: 4062.88 MB Available physical RAM: 366.69 MB Total Pagefile: 12186.84 MB Available Pagefile: 7259.43 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:43.94 GB) (Free:3.56 GB) NTFS Drive d: () (Fixed) (Total:421.82 GB) (Free:154.22 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: () (Removable) (Total:7.5 GB) (Free:7.47 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=421.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=43.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 02CC5086) Partition 1: (Active) - (Size=7.5 GB) - (Type=0B) ==================== End Of Log ============================