Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2015 Ran by Mariusz at 2015-05-21 00:02:19 Running from C:\Users\Mariusz\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2883962111-3297607759-932671933-500 - Administrator - Disabled) Guest (S-1-5-21-2883962111-3297607759-932671933-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2883962111-3297607759-932671933-1002 - Limited - Enabled) Mariusz (S-1-5-21-2883962111-3297607759-932671933-1000 - Administrator - Enabled) => C:\Users\Mariusz ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2883962111-3297607759-932671933-1000\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.) Acrobat.com (x32 Version: 0.0.0 - ) Hidden Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit) Aktualizacje NVIDIA 2.4.3.31 (Version: 2.4.3.31 - NVIDIA Corporation) Hidden Alien Isolation (HKLM-x32\...\Alien Isolation_is1) (Version: - ) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Bullzip PDF Printer 9.2.0.1499 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.2.0.1499 - Bullzip) Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.) CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden cwbin64a (Version: 05.04.0000 - IBM) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.1 - Mediamond Tmi) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc) Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit) Dying Light Be The Zombie DLC (HKLM-x32\...\RHlpbmdMaWdodA==_is1) (Version: 1 - ) EAX(tm) Unified (SHELL) (HKLM-x32\...\EAX(tm) Unified (SHELL)) (Version: - ) EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 6.0.0 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 6.0.0 - Ministerstwo Finansow) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo) Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden ETDWare PS/2-X64 11.5.0.9_WHQL (HKLM\...\Elantech) (Version: 11.5.0.9 - ELAN Microelectronic Corp.) GG (HKU\S-1-5-21-2883962111-3297607759-932671933-1000\...\GG) (Version: 11 - GG Network S.A.) Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Halo Spartan Strike (HKLM-x32\...\Halo Spartan Strike_is1) (Version: - ) HWiNFO64 Version 4.42 (HKLM\...\HWiNFO64_is1) (Version: 4.42 - Martin Malík - REALiX) IBM iSeries Access for Windows (HKLM-x32\...\ClientAccessExpress) (Version: - ) inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{90F00673-A276-4A58-B675-B426D39D1E09}) (Version: 15.3.0.0398 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{A10B1524-63B5-40F2-B272-D841CF671C16}) (Version: 2.2.0.0266 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit) IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects) Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.8400.10182 - Realtek Semiconductor Corp.) LOST PLANET 2 (HKLM-x32\...\{737369DC-08E8-4787-A78C-F86943247BDF}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) LOST PLANET COLONIES (HKLM-x32\...\{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}) (Version: 1.00.129 - CAPCOM CO.,LTD.) MCCI(r)Firmware Update Driver for MTK (HKLM-x32\...\{13E92303-C1AC-4012-9E22-54EACBF54888}) (Version: 1.00.0000 - MCCI) Medal of Honor Warfighter (HKLM-x32\...\Medal of Honor Warfighter_is1) (Version: Medal of Honor Warfighter - ) Media Player Codec Pack 4.2.5 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.5 - Media Player Codec Pack) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Migration System Updater RBP (HKLM-x32\...\Migration System Updater RBP) (Version: 1.2.0.0 - ) mp (x32 Version: 05.04.0000 - IBM) Hidden mpmri (x32 Version: 05.04.0000 - IBM) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-2883962111-3297607759-932671933-1000\...\MyFreeCodec) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG) NVIDIA GeForce Experience 2.4.3.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.31 - NVIDIA Corporation) NVIDIA Oprogramowanie systemu PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA Sterownik 3D Vision 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation) NVIDIA Sterownik graficzny 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oprogramowanie Intel® PROSet/Wireless WiFi (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) Panel sterowania NVIDIA 352.86 (Version: 352.86 - NVIDIA Corporation) Hidden PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.12.22873 - pdfforge GmbH) Hidden PIT 2012 z Gazet¹ Wyborcz¹ ver. 9.0.1.7 (HKLM-x32\...\PIT 2012 z Gazet¹ Wyborcz¹_is1) (Version: - Agora Sp. z o.o.) PIT 2013 z Gazet¹ Wyborcz¹ ver. 10.0.2.11 (HKU\S-1-5-21-2883962111-3297607759-932671933-1000\...\PIT 2013 z Gazet¹ Wyborcz¹_is1) (Version: - Agora Sp. z o.o.) PIT 2014 z Gazet¹ Wyborcz¹ ver. 11.0.2.10 (HKU\S-1-5-21-2883962111-3297607759-932671933-1000\...\PIT 2014 z Gazet¹ Wyborcz¹_is1) (Version: - Agora Sp. z o.o.) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version: - IObit) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.) Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0026 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.31 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.0 - IObit) Soda Manager (x32 Version: 7.0.0.1 - LULU Software Limited) Hidden Soda PDF 7 (HKLM-x32\...\Soda7) (Version: 7.2.4.22591 - LULU Software Limited) Soda PDF 7 Asian Fonts Pack (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 Convert Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 Create Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 Edit Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 Forms Module (x32 Version: 7.2.4.22533 - LULU Software Limited) Hidden Soda PDF 7 Insert Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 Review Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden Soda PDF 7 View Module (x32 Version: 7.2.10.22987 - LULU Software Limited) Hidden State of Decay Year-One (HKLM-x32\...\State of Decay Year-One_is1) (Version: - ) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Symantec Endpoint Protection (HKLM\...\{D8A974E4-EFBB-4489-80D5-EDE0EFE11794}) (Version: 12.1.2015.2015 - Symantec Corporation) System Explorer 4.5.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) TuneUp Utilities Language Pack (pl-PL) (x32 Version: 12.0.3600.84 - TuneUp Software) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUSR_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN) Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Wolfenstein (HKLM-x32\...\InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}) (Version: 1.0 - Activision) Wolfenstein (x32 Version: 1.0 - Activision) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2883962111-3297607759-932671933-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Mariusz\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-06-28 10:52 - 2015-05-20 10:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01D0F1C2-A2F3-4EC2-8E80-FAA08B81A9A1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {1187308E-0076-46CC-A31E-9EFF16037BDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16] (Google Inc.) Task: {11FC70E9-7140-4C2E-A3A8-AEE31EE071F8} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-04-09] (IObit) Task: {1AEAA398-FEE5-45A2-8AD9-8891E393AB3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {203A2F4A-BF7E-4F4B-9ABF-24E2AE7F18C0} - \Driver Booster SkipUAC (SYSTEM) No Task File <==== ATTENTION Task: {213B8013-3E4B-42D9-A784-035BFC8AEB20} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation) Task: {31F32AA9-112F-477E-A863-E0E065B8AFFB} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation) Task: {419F5AFB-9695-4EAB-B147-A1DBE78FE76C} - System32\Tasks\Driver Booster SkipUAC (Mariusz) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-04-07] (IObit) Task: {52BE6253-E087-4170-B6E1-538CFC2D33B9} - System32\Tasks\ASC8_SkipUac_Mariusz => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-05-08] (IObit) Task: {63EA5466-8618-4F5C-BBDB-D4640F0F2E4A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Mariusz-PC-Mariusz Mariusz-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-04-14] (Microsoft Corporation) Task: {67AFF71B-DFB1-44DC-89AA-BCCF87996C3B} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {6FCD2D4C-12DA-44C7-A0D9-9A5E0C9142DD} - System32\Tasks\ASC7U_SkipUac_Mariusz => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe Task: {72CCDF0A-2C14-45C6-A32F-10284E759C9B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {94FEBF0C-1D88-4E19-87FF-B4304D42DC4A} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-03-03] (IObit) Task: {959FC0D6-7F56-4774-AB33-5DDE531B420C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-30] (Microsoft Corporation) Task: {ACC8AD38-07F1-4A0B-B517-A6956096217B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-30] (Microsoft Corporation) Task: {BECCCA72-808D-4860-8B0C-6ECAE89D37AE} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-03-30] (IObit) Task: {CD99FBBA-AB77-45D8-B67D-82156923214A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-16] (Google Inc.) Task: {D88866B6-A39B-4798-88F2-B7554D8D9C2B} - System32\Tasks\Uninstaller_SkipUac_Mariusz => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit) Task: {EDD420C9-DD12-42D0-B863-A80DD11CFD1C} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-04-07] (IObit) Task: {EE7B614C-32AD-4270-A522-BCDA4AA000C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-01-03 18:39 - 2012-07-20 23:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2008-12-20 04:20 - 2013-01-03 20:58 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll 2008-12-20 04:20 - 2013-01-03 20:58 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll 2012-04-19 17:22 - 2013-01-03 20:58 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll 2012-03-08 16:40 - 2013-01-03 20:58 - 00011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\pl-PL\EMWpfUI.resources.dll 2015-05-18 19:25 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2015-05-18 19:25 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2015-05-18 19:25 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2015-02-21 13:39 - 2015-05-12 08:27 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-04-18 10:52 - 2015-05-08 02:36 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-05-18 19:25 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll 2015-05-18 19:25 - 2014-12-10 09:14 - 01284896 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll 2015-05-18 19:25 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-05-14 04:56 - 2015-05-05 06:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll 2015-05-14 04:56 - 2015-05-05 06:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> 008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com IE restricted site: HKU\.DEFAULT\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\.DEFAULT\...\01i.info -> 01i.info IE restricted site: HKU\.DEFAULT\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\.DEFAULT\...\05p.com -> 05p.com IE restricted site: HKU\.DEFAULT\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\.DEFAULT\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\.DEFAULT\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\.DEFAULT\...\0calories.net -> 0calories.net IE restricted site: HKU\.DEFAULT\...\0cj.net -> 0cj.net IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com IE restricted site: HKU\.DEFAULT\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1-se.com -> 1-se.com IE restricted site: HKU\.DEFAULT\...\1001movie.com -> 1001movie.com IE restricted site: HKU\.DEFAULT\...\1001night.biz -> 1001night.biz IE restricted site: HKU\.DEFAULT\...\100gal.net -> 100gal.net IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com There are 4790 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2883962111-3297607759-932671933-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mariusz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdvancedSystemCareService8 => 2 MSCONFIG\Services: AMPPALR3 => 3 MSCONFIG\Services: Bluetooth Device Monitor => 3 MSCONFIG\Services: Bluetooth Media Service => 3 MSCONFIG\Services: Bluetooth OBEX Service => 3 MSCONFIG\Services: Browser => 3 MSCONFIG\Services: BTHSSecurityMgr => 3 MSCONFIG\Services: chromoting => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: CryptSvc => 3 MSCONFIG\Services: Cwbrxd => 3 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAStorDataMgrSvc => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: IePluginService => 2 MSCONFIG\Services: LanmanServer => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: PcaSvc => 3 MSCONFIG\Services: PDF Architect 3 => 3 MSCONFIG\Services: PDF Architect 3 CrashHandler => 3 MSCONFIG\Services: PDF Architect 3 Creator => 3 MSCONFIG\Services: RemoteAccess => 3 MSCONFIG\Services: SharedAccess => 2 MSCONFIG\Services: SkypeUpdate => 3 MSCONFIG\Services: SNAC => 3 MSCONFIG\Services: SODA Manager => 3 MSCONFIG\Services: Soda PDF 7 CrashHandler => 3 MSCONFIG\Services: Soda PDF 7 Creator => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: SystemExplorerHelpService => 3 MSCONFIG\Services: TabletInputService => 3 MSCONFIG\Services: TapiSrv => 3 MSCONFIG\Services: WMPNetworkSvc => 3 MSCONFIG\Services: WPDBusEnum => 3 MSCONFIG\startupreg: Adobe RGB Color => MSCONFIG\startupreg: AppsHat => MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DAEMON Tools Lite => "c:\program files (x86)\daemon tools lite\dtlite.exe" -autorun MSCONFIG\startupreg: DAEMON Tools Ultra Agent => MSCONFIG\startupreg: DivXMediaServer => MSCONFIG\startupreg: Energy Management.exe => MSCONFIG\startupreg: ETDAniConf.exe => MSCONFIG\startupreg: ETDIntelligent.exe => MSCONFIG\startupreg: JunosPulse => MSCONFIG\startupreg: KiesPreload => MSCONFIG\startupreg: KiesTrayAgent => MSCONFIG\startupreg: nvxasync => MSCONFIG\startupreg: Only-search => MSCONFIG\startupreg: pcee4.exe => MSCONFIG\startupreg: SDP => MSCONFIG\startupreg: SunJavaUpdateSched => c:\program files (x86)\common files\java\java update\jusched.exe MSCONFIG\startupreg: WindowsApplication27 => ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) FirewallRules: [TCP Query User{B1B016B4-0C73-4727-B459-276641971693}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{68436B38-AF7B-4B91-9B7D-39BC3D54F3AD}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{50A57343-0D0A-4510-89C4-49CE5C1D2AA8}C:\program files (x86)\nero\km\kwikmedia.exe] => (Allow) C:\program files (x86)\nero\km\kwikmedia.exe FirewallRules: [UDP Query User{877813E1-4F7D-4277-87B9-42246D7D8675}C:\program files (x86)\nero\km\kwikmedia.exe] => (Allow) C:\program files (x86)\nero\km\kwikmedia.exe FirewallRules: [{D1B2B6B4-62BC-42A4-B67A-5157B284A04E}] => (Allow) F:\Wolfenstein\MP\Wolf2MP.exe FirewallRules: [{9EDA8FD8-7AA8-4E2B-93F1-3AD2FAC7423A}] => (Allow) F:\Wolfenstein\MP\Wolf2MP.exe FirewallRules: [{C0E75A6B-76B1-4D10-8C48-932EBE5A9E20}] => (Allow) F:\Wolfenstein\MP\Wolf2MPLite.exe FirewallRules: [{CDC8089E-CB1F-4ABE-BAF6-9ABBC998FE42}] => (Allow) F:\Wolfenstein\MP\Wolf2MPLite.exe FirewallRules: [TCP Query User{DCE94009-E924-49BF-8126-6C448E8705E5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{96334898-D4F0-4D9E-9C59-E10F95B6CFC1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{3AC0D4EF-4C79-42E6-81BA-FDBE051C682C}F:\prototype 2\prototype2.exe] => (Allow) F:\prototype 2\prototype2.exe FirewallRules: [UDP Query User{1E5BCCD5-9586-42E0-9167-9E1917A662E1}F:\prototype 2\prototype2.exe] => (Allow) F:\prototype 2\prototype2.exe FirewallRules: [{364EEBC5-4876-4DE1-B35E-BEFA4A9865E4}] => (Allow) F:\LOST PLANET 2\LP2DX9.exe FirewallRules: [{FADA9B16-5822-43D5-A52D-CF1C444C8989}] => (Allow) F:\LOST PLANET 2\LP2DX9.exe FirewallRules: [{1422E206-5EF1-44A9-8EE1-389CF3EBEAC3}] => (Allow) F:\LOST PLANET 2\LP2DX11.exe FirewallRules: [{754F2994-4705-4F62-8203-FDE3A01BB65B}] => (Allow) F:\LOST PLANET 2\LP2DX11.exe FirewallRules: [{769328B4-EF76-4B76-8C36-02549FB63CEE}] => (Allow) C:\Program Files (x86)\Capcom\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe FirewallRules: [{FDA808AB-8B25-445F-839C-E8A64F4D9E2A}] => (Allow) C:\Program Files (x86)\Capcom\LOSTPLANETCOLONIES\LostPlanetColoniesDX9.exe FirewallRules: [{B488C933-2D55-422B-8950-CEE6F6980AA7}] => (Allow) C:\Program Files (x86)\Capcom\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe FirewallRules: [{15419DE8-C118-4152-876D-C5651FE1BEDB}] => (Allow) C:\Program Files (x86)\Capcom\LOSTPLANETCOLONIES\LostPlanetColoniesDX10.exe FirewallRules: [TCP Query User{1793AC80-75FD-4A9C-B025-F5A44D6EBF2C}F:\lost planet 2\lp2dx9.exe] => (Allow) F:\lost planet 2\lp2dx9.exe FirewallRules: [UDP Query User{E28F518F-114F-4F26-A6E2-EF73B5703BD8}F:\lost planet 2\lp2dx9.exe] => (Allow) F:\lost planet 2\lp2dx9.exe FirewallRules: [TCP Query User{CCE23DA9-322C-42A1-89E5-26B1EA124449}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{CD9EF868-814B-429E-8B0B-A61995BBFFEB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{9E90A5D2-1EAF-4A8A-8068-DE550E8FF4EA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{18854900-D369-4F61-BA19-C29025BA4995}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [{E6432623-9359-4887-95B9-EB4FD0CBFD38}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{5BF43CD4-29D1-4EE7-AAA5-45D192A7016D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{64510384-60A5-4824-9BF8-FEA456637AB5}] => (Allow) C:\Users\Mariusz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{92999832-9DA5-4950-8DDF-496E81D53475}] => (Allow) C:\Users\Mariusz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{A894E649-7E8F-43C1-BD9F-6AFEB0E66AE8}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe FirewallRules: [UDP Query User{ABD7DC9B-89D9-4C0E-8277-41DBC4E98C5D}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe FirewallRules: [{DC5B8E41-96F0-4701-A44F-F2E2F0824472}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C35D0564-1362-4096-A2F2-B63144ED53F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A6C17212-E190-4764-AC41-AFCFEFCE6985}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3146A9EA-A0B1-4974-B894-F59B3FD4939B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E2C9BACE-D237-443E-9D72-75C2FE2B04D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{54FF6A93-4C76-43EE-822B-0F46532B9264}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{194361D8-3AAB-4087-AC1D-3200353C47FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3EBD713C-5BED-4322-8B7C-33FA1543E330}] => (Allow) C:\Users\Mariusz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0720A9A2-4BB3-4E29-829D-92352D2CE42C}] => (Allow) C:\Users\Mariusz\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9C2CC7A4-BD2F-4EFE-BE28-8F55DAE956C3}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe FirewallRules: [{245B7026-EE58-4CA3-8220-374CC3EFA5D5}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe FirewallRules: [{F0453C83-9FCF-46D2-A8ED-C0C249B2790D}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe FirewallRules: [{B66FFE48-D5E3-4E08-9B68-D6525C6AE839}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe FirewallRules: [{E4408A92-784B-42AF-95A2-0C72D4001F72}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{41E7615E-4E97-4EC1-8EA7-1CB2D0742EA3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A7D95C93-BC7E-4AFC-81E2-2DFE78E03A41}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{1B2C45AC-A181-4F7F-957B-95D70C5BBE97}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6BA69B8E-841A-41F0-A34F-5D657590A702}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F273A29D-E07C-4770-9889-19F7AD2FCAF1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{005B1090-8D23-469F-9CB9-E9065CB9F90C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{CFADEE7C-F760-40AF-AC64-E20DDF351458}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D9D47BCB-B7E5-412E-AB0E-BA01B61C2BDD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1AC68E7A-3A98-4476-ADAC-39B1EC81C178}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{48B8E642-4046-408B-A0FD-9FB31FF3CE35}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{172AB0F9-8D0D-440C-AB35-1000B5B64014}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D795C85A-7EA9-4B8A-BF8B-9B1CE69AD240}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe FirewallRules: [{7E4C9C15-9BEE-4F34-B2AF-3DF357576278}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Intel(R) Wireless Bluetooth(R) Description: Intel(R) Wireless Bluetooth(R) Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Intel Corporation Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (05/20/2015 10:48:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mariusz-PC) Description: Produkt: Adobe Reader XI (11.0.10) - Polish -- Błąd 2753.The File 'acrosup64.dll' is not marked for installation. Error: (05/20/2015 10:44:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: Mariusz-PC) Description: Product: Call of Duty(R) 2 -- Error 1316.The specified account already exists. Error: (05/20/2015 09:42:07 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas badania interfejsu IVssWriterCallback. hr = 0x80070005, Access is denied. . To jest często spowodowane przez niepoprawne ustawienia zabezpieczeń w procesie zapisującym lub żądającym. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {adde0068-5f79-4647-a2fa-1939de1d4ed1} Error: (05/20/2015 05:34:07 PM) (Source: Symantec Network Protection) (EventID: 400) (User: ) Description: Funkcja Zapobieganie wlamaniom sieciowym nie chroni komputera, poniewaz jej sterownik zostal usuniety z pamieci Error: (05/20/2015 10:29:19 AM) (Source: Symantec Network Protection) (EventID: 400) (User: ) Description: Funkcja Zapobieganie wlamaniom sieciowym nie chroni komputera, poniewaz jej sterownik zostal usuniety z pamieci Error: (05/19/2015 09:13:28 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: Błąd testu kondycji: hr = 0x8004FE22, StanKondycji: 0x0000000000002000 Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Usługa Windows Search jest zatrzymywana, ponieważ wystąpił problem z indeksatorem: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Nie można zainicjować indeksu. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Nie można zainicjować aplikacji. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Nie można zainicjować obiektu programu zbierającego. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (05/20/2015 11:20:09 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (05/20/2015 10:07:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa HomeGroup Provider zależy od usługi Function Discovery Provider Host, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (05/20/2015 10:07:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa HomeGroup Provider zależy od usługi Function Discovery Provider Host, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (05/20/2015 06:51:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa HomeGroup Provider zależy od usługi Function Discovery Provider Host, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (05/20/2015 06:50:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Internet Connection Sharing (ICS) zależy od usługi Remote Access Connection Manager, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (05/20/2015 06:50:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Remote Access Connection Manager zależy od usługi Telephony, której nie można uruchomić z powodu następującego błędu: %%1058 Error: (05/20/2015 06:50:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi atksgt z powodu następującego błędu: %%1275 Error: (05/20/2015 06:50:06 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: Sterownik atksgt.sys został zablokowany dla ładowania. Error: (05/20/2015 06:49:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Microsoft Antimalware Service z powodu następującego błędu: %%1053 Error: (05/20/2015 06:49:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Microsoft Antimalware Service. Microsoft Office Sessions: ========================= Error: (05/20/2015 10:48:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mariusz-PC) Description: Produkt: Adobe Reader XI (11.0.10) - Polish -- Błąd 2753.The File 'acrosup64.dll' is not marked for installation.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (05/20/2015 10:44:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: Mariusz-PC) Description: Product: Call of Duty(R) 2 -- Error 1316.The specified account already exists. (NULL)(NULL)(NULL)(NULL)(NULL) Error: (05/20/2015 09:42:07 PM) (Source: VSS) (EventID: 8194) (User: ) Description: 0x80070005, Access is denied. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {adde0068-5f79-4647-a2fa-1939de1d4ed1} Error: (05/20/2015 05:34:07 PM) (Source: Symantec Network Protection) (EventID: 400) (User: ) Description: Funkcja Zapobieganie wlamaniom sieciowym nie chroni komputera, poniewaz jej sterownik zostal usuniety z pamieci Error: (05/20/2015 10:29:19 AM) (Source: Symantec Network Protection) (EventID: 400) (User: ) Description: Funkcja Zapobieganie wlamaniom sieciowym nie chroni komputera, poniewaz jej sterownik zostal usuniety z pamieci Error: (05/19/2015 09:13:28 PM) (Source: Windows Activation Technologies) (EventID: 3) (User: ) Description: 0x8004FE220x0000000000002000 Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/18/2015 11:19:15 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) CodeIntegrity Errors: =================================== Date: 2015-05-20 22:19:01.767 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-20 21:56:40.426 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2015-05-15 19:31:52.844 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-15 19:31:52.797 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-04-18 11:28:37.173 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz Percentage of memory in use: 34% Total physical RAM: 8047.52 MB Available physical RAM: 5264.09 MB Total Pagefile: 20115.73 MB Available Pagefile: 17142.62 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (PIERWSZY) (Fixed) (Total:232.82 GB) (Free:105.65 GB) NTFS Drive e: (FILMY) (Fixed) (Total:232.82 GB) (Free:148.57 GB) NTFS Drive f: (ZDJĘCIA) (Fixed) (Total:232.82 GB) (Free:158.8 GB) NTFS Drive g: (GRY) (Fixed) (Total:232.82 GB) (Free:208.52 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9ED40981) Partition: GPT Partition Type. ==================== End Of Log ============================