Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015 01 Ran by GG Projekt 13 at 2015-05-23 10:33:03 Running from C:\Users\GG Projekt 13\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1967409539-1089874523-638691166-500 - Administrator - Disabled) GG Projekt 13 (S-1-5-21-1967409539-1089874523-638691166-1000 - Administrator - Enabled) => C:\Users\GG Projekt 13 Gość (S-1-5-21-1967409539-1089874523-638691166-501 - Limited - Enabled) UpdatusUser (S-1-5-21-1967409539-1089874523-638691166-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1967409539-1089874523-638691166-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) 3Dconnexion 3DxSoftware (x64 Edition) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader X (10.1.3) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated) Aktualizacje NVIDIA 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk) Commercial Extension Cable (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Commercial Extension Cable) CurrencyShow (HKU\S-1-5-21-1967409539-1089874523-638691166-1000\...\40b44873d9e394a4) (Version: 1.0.0.100 - Vernaja Alternativa) Deutsch Translator 2 (HKLM-x32\...\DT2) (Version: - ) DiscountSmasher (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}) (Version: - DiscountSmasher) <==== ATTENTION Distributed Computing Experiment (HKLM\...\Distributed Computing Experiment) (Version: - ) doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland) Double-sided Launch (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - Double-sided Launch) <==== ATTENTION DOwnSavEa (HKLM-x32\...\{AF992111-52BE-832B-5882-8477E4A3C99A}) (Version: - "") <==== ATTENTION DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden English Translator 3 (HKLM-x32\...\ET3) (Version: - ) EnujoyCoupon (HKLM-x32\...\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}) (Version: - "") <==== ATTENTION ESS Energie Indikator (HKLM-x32\...\{88E3EBF0-B56B-450C-8720-0C0264C9950A}) (Version: 2012.0 - Nemetschek Allplan GmbH) FindBaeosttDeal (HKLM-x32\...\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}) (Version: - "") <==== ATTENTION General Runtime Files for Allplan 2012 (x32 Version: 1.6.0.0 - Nemetschek Allplan GmbH) Hidden Happy2SaviE (HKLM-x32\...\{E957849A-94AC-6F46-4623-C31474E3C170}) (Version: - "") <==== ATTENTION Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev) KeepersEixt (HKLM-x32\...\{95AD5CB7-B9DA-C55D-9107-1B7B2346169F}) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1) (Version: - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nemetschek Allplan 2012 (HKLM-x32\...\{E293B9FB-2753-4B39-89ED-4812FAF358D1}) (Version: 2012.0 - Nemetschek Allplan GmbH) NVIDIA Sterownik 3D Vision 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Sterownik graficzny 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenOffice.org 3.2 (HKLM-x32\...\{58B785A2-D2CA-40AA-AE89-FCC49326CDC4}) (Version: 3.2.9502 - OpenOffice.org) Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC) Panel sterowania NVIDIA 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) Plan-View Version 10.38 (HKLM-x32\...\Plan-ViewV10.38) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.) Sentinel HASP Run-time (HKLM-x32\...\{2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5}) (Version: 5.10.1.17163 - SafeNet Inc.) TSearch (HKLM-x32\...\Torrent Search) (Version: 1.0.0.47 - Macte! Labs) Web Amplified (HKLM\...\Web Amplified) (Version: 2015.05.21.032418 - Web Amplified) <==== ATTENTION Xerox Phaser 3435 (HKLM-x32\...\Xerox Phaser 3435) (Version: - ) 电脑管家10.9 (HKLM-x32\...\QQPCMgr) (Version: 10.9.16349.225 - 腾讯科技(深圳)有限公司) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1967409539-1089874523-638691166-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1967409539-1089874523-638691166-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.) ==================== Restore Points ========================= 13-05-2015 16:14:13 Windows Update 18-05-2015 07:18:57 Windows Update 20-05-2015 16:09:55 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-05-23 10:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01316ED0-5C1E-46BA-A2BC-1074C643ED66} - System32\Tasks\{CA3536A6-5897-4EFD-9C74-9174E5B192FE} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA} Task: {0377BBD2-7626-47D6-8978-D7F1726B26C9} - System32\Tasks\WebContent AutoUpdate 2011 => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2012-02-08] (Nemetschek Allplan GmbH) Task: {0FCCAA24-92D8-4191-9396-2FA11AB11486} - System32\Tasks\UNELEVATE_54 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe <==== ATTENTION Task: {159BD493-2DB1-4B21-A8BE-F33062ECA4EE} - System32\Tasks\Update Service for Torrent Search => C:\Program Files (x86)\Torrent Search\P9qQBHj.exe [2015-05-20] () Task: {27D85A05-6C8C-4D50-A9B9-4F76D91ADE0D} - System32\Tasks\WebContent AutoUpdate 2012 => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2012-02-08] (Nemetschek Allplan GmbH) Task: {5C5A1F54-7D4B-4BD6-8D0E-55AA8F81D9D0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {6A076CFF-1D9A-4039-AC26-542D7416BBCC} - System32\Tasks\UNELEVATE_9616 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe <==== ATTENTION Task: {8AEDDA7E-652E-406E-BB57-0C350EFF2F5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {8C1877E9-A271-442A-A6BF-E7B4202018A1} - System32\Tasks\UNELEVATE_7262 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe <==== ATTENTION Task: {9F8D3D5F-52CD-4A8D-A828-D54035544B26} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {AE944D4F-5897-4B36-8F10-1FA19DCB41EC} - System32\Tasks\UNELEVATE_14614 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe <==== ATTENTION Task: {C0117BF4-FD36-4346-ADB0-F40062056404} - System32\Tasks\Update Service for Torrent Search2 => C:\Program Files (x86)\Torrent Search\P9qQBHj.exe [2015-05-20] () Task: {F6FD47C2-DB28-4743-AA43-EE0DB14CB8F1} - System32\Tasks\AutoUpdate Allplan 2012 => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2012-02-08] (Nemetschek Allplan GmbH) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AutoUpdate Allplan 2012.job => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exe1/f D:\Nemetschek\Allplan\Std\AllplanUpdate.inf Task: C:\Windows\Tasks\Update Service for Torrent Search.job => C:\Program Files (x86)\Torrent Search\P9qQBHj.exe Task: C:\Windows\Tasks\Update Service for Torrent Search2.job => C:\Program Files (x86)\Torrent Search\P9qQBHj.exe Task: C:\Windows\Tasks\WebContent AutoUpdate 2011.job => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exez/f D:\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/WebContent.upd Task: C:\Windows\Tasks\WebContent AutoUpdate 2012.job => D:\Nemetschek\Allplan\prg\NemDownloadHandler.exe/f D:\Nemetschek\Allplan\Std\AllplanUpdate.inf /one http:/autoupdate.allplan.com/Updates/Allplan/MyPlan/2012/WebContent.upd ==================== Loaded Modules (Whitelisted) ============== 2012-11-19 18:02 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-09-17 13:32 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll 2012-09-21 15:29 - 2008-01-17 14:50 - 00022016 _____ () C:\Windows\System32\sxc2ml6.dll 2015-05-21 01:50 - 2015-05-21 01:50 - 00273408 _____ () C:\Users\GG Projekt 13\AppData\Local\03000200-1432201896-0500-0006-000700080009\bnsy3A47.exe 2015-05-21 09:51 - 2015-05-21 09:51 - 00291840 _____ () C:\Users\GG Projekt 13\AppData\Local\03000200-1432201911-0500-0006-000700080009\cnsy6982.tmp 2015-05-21 09:49 - 2015-05-21 09:49 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\sqlite.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\tinyxml.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\zlib.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00063840 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00051552 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2015-05-21 09:53 - 2015-04-17 12:02 - 00018784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\oDayProtect.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00203104 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQFileFlt.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\libexpatw.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\xGraphic32.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\arkGraphic.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\jgImage.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\libpng.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\libjpegturbo.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\jgIOStub.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\xImage.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00076128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\MemDefrag.dll 2015-05-21 09:49 - 2015-05-07 13:04 - 00571800 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMLoader\QQPCDetector.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00268640 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\StartupMgr\SoftMon.dll 2015-05-21 09:49 - 2015-05-21 09:49 - 00235872 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMWlanMacDll.dll 2012-09-18 09:59 - 2012-02-08 16:45 - 00461648 _____ () D:\Nemetschek\Allplan\Prg\SQLite3.dll 2012-09-18 09:59 - 2012-02-08 16:30 - 00174416 _____ () D:\Nemetschek\Allplan\Prg\ctalib.dll 2012-09-18 09:59 - 2012-02-08 16:44 - 00040784 _____ () D:\Nemetschek\Allplan\Prg\ODMA32.dll 2014-06-11 08:37 - 2014-06-10 22:32 - 01379840 ____N () H:\robocizna\QMP\libglesv2.dll 2014-06-11 08:37 - 2014-06-10 22:32 - 00176128 ____N () H:\robocizna\QMP\libegl.dll 2014-06-11 08:38 - 2014-06-10 22:34 - 08936448 ____N () H:\robocizna\QMP\pdf.dll 2014-06-11 08:39 - 2014-06-10 22:34 - 00360960 ____N () H:\robocizna\QMP\ppGoogleNaClPluginChrome.dll 2014-06-11 08:37 - 2014-06-10 22:33 - 00968192 ____N () H:\robocizna\QMP\ffmpegsumo.dll 2012-09-14 15:03 - 2011-12-16 10:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1967409539-1089874523-638691166-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER Error getting == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{BED32E95-BA8B-4453-8D24-1935B16A90CD}] => (Allow) C:\Windows\system32\hasplms.exe FirewallRules: [TCP Query User{0192AEBC-F250-4142-BF4F-F06D7E7F20CE}C:\program files\ccsetup\opera.exe] => (Allow) C:\program files\ccsetup\opera.exe FirewallRules: [UDP Query User{2631A99E-CCD1-44FD-B4A1-93C191E56486}C:\program files\ccsetup\opera.exe] => (Allow) C:\program files\ccsetup\opera.exe FirewallRules: [TCP Query User{E43034EF-6C57-4886-9ADC-7095391A8CAE}C:\windows\ccsetup\opera.exe] => (Allow) C:\windows\ccsetup\opera.exe FirewallRules: [UDP Query User{6EC1644E-1CC8-47D0-9800-2D78B2A450BE}C:\windows\ccsetup\opera.exe] => (Allow) C:\windows\ccsetup\opera.exe FirewallRules: [{7C5F7A54-4550-40EA-88A6-DA9811C6672C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{28D42C7E-6DBD-4A27-B6BF-AF5D987C6BD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [TCP Query User{0F4FAE55-67B1-4B50-A1EF-99D01C717021}C:\users\gg projekt 13\appdata\local\screamer radio\screamer.exe] => (Allow) C:\users\gg projekt 13\appdata\local\screamer radio\screamer.exe FirewallRules: [UDP Query User{B2362E64-C613-4216-A970-A59F7163EC33}C:\users\gg projekt 13\appdata\local\screamer radio\screamer.exe] => (Allow) C:\users\gg projekt 13\appdata\local\screamer radio\screamer.exe FirewallRules: [TCP Query User{8919D39D-F09B-43CC-AD15-90FA1D022512}G:\operausb1060\opera.exe] => (Allow) G:\operausb1060\opera.exe FirewallRules: [UDP Query User{1CAA4449-32AC-4B44-8E42-1DBF6F4CCCC2}G:\operausb1060\opera.exe] => (Allow) G:\operausb1060\opera.exe FirewallRules: [TCP Query User{4CF9BAA4-CE8B-4D41-8FA8-81450F78AC92}G:\operausb1060\opera.exe] => (Block) G:\operausb1060\opera.exe FirewallRules: [UDP Query User{D11EE360-F2C7-426C-9D1B-8251C9740949}G:\operausb1060\opera.exe] => (Block) G:\operausb1060\opera.exe FirewallRules: [{1F2C3EB0-D0B4-4CBE-92D8-63C4A29C29C0}] => (Allow) C:\Users\GG Projekt 13\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{07C898ED-070B-450F-9F8C-F43FEDD2F8F8}] => (Allow) C:\Users\GG Projekt 13\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{73E96487-1792-436B-B788-9AA739FE57C2}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe FirewallRules: [TCP Query User{E65C2562-26D6-45F6-BFB7-AA3C81500D9A}C:\windows\quake iii arena\quake3.exe] => (Allow) C:\windows\quake iii arena\quake3.exe FirewallRules: [UDP Query User{9C78BC52-28EC-4AAE-91B7-1FF2900975B4}C:\windows\quake iii arena\quake3.exe] => (Allow) C:\windows\quake iii arena\quake3.exe FirewallRules: [TCP Query User{910315F0-96E8-4D1D-AC26-3DCDA2C30325}C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe] => (Allow) C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe FirewallRules: [UDP Query User{9155A80B-6E20-4834-9C2B-73E230AD84FD}C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe] => (Allow) C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe FirewallRules: [{839CCC4F-63BC-4BC7-AD6E-4D9AA8CDC630}] => (Block) C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe FirewallRules: [{ED62108B-23BA-4821-A30A-8902BD7ED4CA}] => (Block) C:\users\gg projekt 13\desktop\dokumenty\qmp\bt9\covers\opera.exe FirewallRules: [TCP Query User{393CA11B-49BC-4CBF-B39E-2C49B37AA2E0}D:\deutsch, warum nicht\quake iii arena\quake3.exe] => (Block) D:\deutsch, warum nicht\quake iii arena\quake3.exe FirewallRules: [UDP Query User{87A00831-599E-4E93-B2A3-01AED176B593}D:\deutsch, warum nicht\quake iii arena\quake3.exe] => (Block) D:\deutsch, warum nicht\quake iii arena\quake3.exe FirewallRules: [{E62F7CC8-8391-4747-BB9C-4A4122229A34}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{C306D72D-660B-4DFB-AE7B-5F6F9687C61F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{404C1FCF-EB89-4CCB-B826-540EB3B0BC92}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCmgrInstallGuide.exe FirewallRules: [{7CAB952A-6371-4559-BDE9-62A4429D7207}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCTray.exe FirewallRules: [{99D8AC64-032B-4EE1-9DDE-38B520A175CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCMgr.exe FirewallRules: [{EAC2C7F0-2974-4244-985F-F1CC42426986}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCRTP.exe FirewallRules: [{816DDD85-77C1-40A4-9EFB-56AC05DC2693}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMDL.exe FirewallRules: [{87DFF2A1-9013-46BA-B878-9599D095A5B5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\bugreport.exe FirewallRules: [{72CAA3CC-1CD2-4AFA-AF8A-1CDECD5E3374}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCFileOpen.exe FirewallRules: [{C3E0C8A0-EDD5-4122-9CD4-F0D277898665}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLeakScan.exe FirewallRules: [{C6F666C3-A319-44D4-8854-445996873C23}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPConfig.exe FirewallRules: [{F402877D-505E-4473-8F39-1CFC2300A455}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftMgr.exe FirewallRules: [{8AE564DF-9002-4E05-983E-247B976D0298}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{CFB1AED1-63A3-402B-AB45-AAA989150D0E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCBTU.exe FirewallRules: [{3C7CF371-B864-4A12-A331-7D21B3A62667}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCClinic.exe FirewallRules: [{2E15F901-A2DF-4357-A03C-E630FB9BC1D0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCLaunch.exe FirewallRules: [{9AC238E4-39A4-4CD4-87F8-0BB07F705E71}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{4BBAC832-9CE5-4E1C-8D72-B6E2967D1FAF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSoftGame.exe FirewallRules: [{4C6401A8-24DB-4FA7-99CE-20B71057E44E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCSysOptimize.exe FirewallRules: [{675635F1-0021-43AE-8986-35D3005696BB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCUpdateAVLib.exe FirewallRules: [{4BA86918-0D52-40B3-A5C5-1B8CCE4DF9C6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQRepair.exe FirewallRules: [{B4A0F7EF-7E08-4115-9468-5B9EFDB0DEF2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\Uninst.exe FirewallRules: [{18BE2C50-D5CD-44C0-9B42-F7FDFABB7AB1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QQPCPatch.exe FirewallRules: [{7996C156-2F81-427E-88B1-2856C5A43C6F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\TpkUpdate.exe FirewallRules: [{869572EC-506B-4F0D-B5DE-E1C9FD8A5800}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMRouterMgr.exe FirewallRules: [{3958B364-93A5-4125-85BF-AC6FF887E95A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.9.16349.225\QMAccountProtection.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: aksdf Description: aksdf Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: aksdf Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/23/2015 10:11:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:59:50 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\wbem\wmiprvse.exe; Opis = ComboFix created restore point; Błąd = 0x8007043c). Error: (05/23/2015 09:59:50 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym . Operacja: Tworzenie wystąpienia serwera VSS Error: (05/23/2015 09:59:50 AM) (Source: VSS) (EventID: 18) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: W trybie awaryjnym nie można uruchomić serwera usługi COM z identyfikatorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} i nazwą IVssCoordinatorEx2. W trybie awaryjnym nie można uruchomić Usługi kopiowania woluminów w tle. [0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym ] Operacja: Tworzenie wystąpienia serwera VSS Error: (05/23/2015 09:59:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:53:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:32:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:30:36 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Nie można utworzyć punktu przywracania (Proces = C:\Windows\system32\svchost.exe -k netsvcs; Opis = Windows Update; Błąd = 0x80042302). Error: (05/23/2015 09:30:36 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Błąd Usługi kopiowania woluminów w tle: nieoczekiwany błąd podczas wywoływania procedury CoCreateInstance. hr = 0x80070422, Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. . System errors: ============= Error: (05/23/2015 10:12:33 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {682159D9-C321-47CA-B3F1-30E36B2EC8B9} Error: (05/23/2015 10:12:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi NVIDIA Update Service Daemon z powodu następującego błędu: %%1069 Error: (05/23/2015 10:12:06 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa nvUpdatusService nie może zalogować się jako .\UpdatusUser za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1330 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (05/23/2015 10:10:05 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego: VirtDiskBus Error: (05/23/2015 10:10:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Util Web Amplified z powodu następującego błędu: %%2 Error: (05/23/2015 10:10:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Update Web Amplified z powodu następującego błędu: %%2 Error: (05/23/2015 10:10:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi DgiVecp z powodu następującego błędu: %%20 Error: (05/23/2015 10:10:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi aksdf z powodu następującego błędu: %%577 Error: (05/23/2015 10:10:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą LibraryApps. Error: (05/23/2015 10:08:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Usługa listy sieci zależy od usługi Rozpoznawanie lokalizacji w sieci, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office: ========================= Error: (05/23/2015 10:11:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:59:50 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c Error: (05/23/2015 09:59:50 AM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym Operacja: Tworzenie wystąpienia serwera VSS Error: (05/23/2015 09:59:50 AM) (Source: VSS) (EventID: 18) (User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, Tej usługi nie można uruchomić w trybie awaryjnym Operacja: Tworzenie wystąpienia serwera VSS Error: (05/23/2015 09:59:13 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:53:19 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:32:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/23/2015 09:30:36 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80042302 Error: (05/23/2015 09:30:36 AM) (Source: VSS) (EventID: 8193) (User: ) Description: CoCreateInstance0x80070422, Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. CodeIntegrity Errors: =================================== Date: 2015-05-23 10:10:02.611 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 10:10:02.580 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 10:06:06.131 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 10:06:06.100 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 09:52:13.554 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 09:52:13.507 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 09:31:56.470 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 09:31:56.439 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 08:19:54.648 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-05-23 08:19:54.608 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\aksdf.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz Percentage of memory in use: 30% Total physical RAM: 8153.4 MB Available physical RAM: 5682.46 MB Total Pagefile: 16305.01 MB Available Pagefile: 13229.91 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:123.96 GB) (Free:43.92 GB) NTFS Drive d: () (Fixed) (Total:146.39 GB) (Free:111.44 GB) NTFS Drive e: () (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS Drive g: (USB DISK) (Removable) (Total:14.92 GB) (Free:9.86 GB) FAT32 Drive h: () (Removable) (Total:3.73 GB) (Free:3.23 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5027CDEA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=124 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: F7E6FEB2) Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=3.7 GB) - (Type=0B) ==================== End of log ============================