Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015 Ran by cfirek at 2015-06-14 10:42:02 Running from D:\download Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2600933460-2923366163-2236149894-500 - Administrator - Disabled) cfirek (S-1-5-21-2600933460-2923366163-2236149894-1000 - Administrator - Enabled) => C:\Users\cfirek Gość (S-1-5-21-2600933460-2923366163-2236149894-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) µTorrent (HKU\S-1-5-21-2600933460-2923366163-2236149894-1000\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.) abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - ) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1492, 24.04.2015 - AIMP DevTeam) Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.7.0 - Asmedia Technology) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.) AutoCAD 2015 — Polski (Polish) (Version: 20.0.210.0 - Autodesk) Hidden AutoCAD 2015 — Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack – Polski (Polish) (Version: 20.0.51.0 - Autodesk) Hidden Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk) Autodesk AutoCAD 2015 — Polski (Polish) (HKLM\...\AutoCAD 2015 — Polski (Polish)) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD 2015 — Polski (Polish) SP2 (HKLM\...\AutoCAD 2015 — Polski (Polish) SP2) (Version: 20.0.210.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd) DFX for AIMP2 1.2.5 (HKLM-x32\...\DFX for AIMP2 1.2.5) (Version: - ) FTPRush 1.0.0.617 Unicode (HKLM-x32\...\FTPRush_is1) (Version: 1.0.0.617 - TianHong.NC China) GG (HKU\S-1-5-21-2600933460-2923366163-2236149894-1000\...\GG) (Version: 12 - GG Network S.A.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{C36440D2-5DBE-4F20-8D39-39D83FDBBE4E}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 pl)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.) Obsługa programów Apple (32-bitowa) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.310.0 - Tracker Software Products (Canada) Ltd.) Polski pakiet językowy dla narzędzi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PLK) (Version: 10.0.50903 - Microsoft Corporation) Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Daum Communications Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6265 - Realtek Semiconductor Corp.) SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - ) Subtitle Edit 3.3.7 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.7.1971 - Nikse) SuperMemo UX - Angielski. No problem!+ 1 (HKLM-x32\...\SuperMemo UX - Angielski. No problem!+ 1) (Version: - ) System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{CF394926-359E-48E1-AA25-E56B32FCB335}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 64-Bit Edition (HKLM\...\{90150000-012B-0415-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}) (Version: - Microsoft) WhereIsIt? 2010 (HKLM-x32\...\whereisit-wii_is1) (Version: 2010 - Robert Galle) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2600933460-2923366163-2236149894-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2600933460-2923366163-2236149894-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2600933460-2923366163-2236149894-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\pl-PL\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2600933460-2923366163-2236149894-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\cfirek\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0EC0341C-9461-4FE9-AC51-C05DAABB51A6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation) Task: {1A2A368C-7717-4F7D-B5CE-6970AF14F5FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {1EF42BB1-F7B1-4992-B819-2EF03839DE1F} - System32\Tasks\{DF7D6369-E4F3-4A4F-B2D5-7BDC63E3EDB7} => C:\Program Files\Office 2013 KMS Activator Ultimate v1.4\Office 2013 KMS Activator Ultimate v1.4.exe Task: {4B91F9C4-F184-4815-80D4-E59A2C38713D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {7BB3F0D8-DA9A-45AC-9A3F-98494CE52E06} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {90AF88A9-7499-4423-9164-E285BC8008E3} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {9B28494C-8CE3-4868-A504-52BEABA9D758} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation) Task: {9D6782B3-0208-49CC-8A05-1E430D8667D3} - System32\Tasks\{868AD71C-CDA7-40CC-9CFE-A82B65823028} => C:\Program Files\Office 2013 KMS Activator Ultimate v1.4\Office 2013 KMS Activator Ultimate v1.4.exe Task: {A10E8C04-217D-4AC2-B48F-0746E300E86C} - System32\Tasks\{96420035-26FD-44D2-8C94-A3D141E7557B} => pcalua.exe -a "C:\Program Files (x86)\Picexa\uninstall.exe" Task: {C48C35A0-710C-461A-9AFB-C36C88147DFC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: {C603455D-1C9B-4601-A387-21C4123D03F8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {C8F1812F-58A8-4D26-BE50-B63B02CF9ED7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {CC0D4FDA-D97C-4C88-9D40-E4F1089FDBF7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {E3EE1B2C-C53B-471F-9E65-E7C9D8CDAEE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {E44F6A46-E960-4CCF-8216-5F38EA612D30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated) Task: {F9AC2520-9A16-40D4-9E7C-2DB5B99B21A9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-03-21 16:19 - 2011-03-21 16:19 - 00053248 _____ () C:\Program Files\NetLimiter 3\nlsvcPS.dll 2015-04-30 09:30 - 2015-04-30 09:30 - 00158816 _____ () C:\Program Files (x86)\XTab\ProtectService.exe 2014-10-18 07:11 - 2012-05-23 08:00 - 00150392 _____ () C:\Program Files\totalcmd\wcmzip64.dll 2014-10-18 07:11 - 2012-05-23 08:00 - 00201216 _____ () C:\Program Files\totalcmd\unRAR64.dll 2014-10-18 10:43 - 2013-12-22 08:22 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2014-10-18 10:43 - 2013-12-22 08:22 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll 2015-05-29 18:52 - 2015-05-29 18:52 - 01020928 _____ () C:\Users\cfirek\AppData\Roaming\Mozilla\Firefox\Profiles\edgsez7u.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll 2014-04-20 01:42 - 2014-10-18 10:58 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll 2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll 2015-05-19 04:57 - 2015-05-19 04:57 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00218112 _____ () C:\Program Files (x86)\AIMP3\System\libsoxr.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00467968 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\libFLAC.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 01733120 _____ () C:\Program Files (x86)\AIMP3\System\Encoders\aimp_libvorbis.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00059976 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00160840 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00159232 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_sacd\libsacd.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta\Aorta.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG\OptimFROG.dll 2015-05-09 11:59 - 2015-05-09 11:59 - 00152648 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll 2015-03-29 19:54 - 2014-11-29 14:06 - 00204288 _____ () C:\Program Files (x86)\mIRC\fish_inject.dll 2015-03-29 19:54 - 2014-11-29 14:06 - 00180224 _____ () C:\Program Files (x86)\mIRC\fish_10.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2600933460-2923366163-2236149894-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GG => "C:\Users\cfirek\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: Napisy24.pl => "C:\Program Files (x86)\Napisy24\Napisy24.exe" AutoStart MSCONFIG\startupreg: Napisy24Update => "C:\Program Files (x86)\Napisy24\Napisy24Update.exe" "sleep" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{CEAEBEC7-0B03-4377-8961-91851E2E4E3F}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe FirewallRules: [{B24014EB-7F8A-4915-9CAE-6EC7A2F81B87}] => (Allow) LPort=50248 FirewallRules: [{FFFB337D-6B8A-4750-903A-CBACC879BD01}] => (Allow) C:\Users\cfirek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{323AFE4F-2762-45C7-B43B-BDA759A02067}] => (Allow) C:\Users\cfirek\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F76764EA-CD57-4560-A310-6DD7005B7BF5}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{7D0E5FCF-7DBA-469B-B511-7BB42013EB02}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe FirewallRules: [{F1787394-BD5A-4117-A991-217D9094F0CF}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{C69002B1-3E56-45FE-9D40-11A381C360C6}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{80A4A8FF-8600-414E-9B04-3C7800F84961}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [UDP Query User{B6495BD4-C1BD-4B40-A69D-0339174988AE}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [{7B2F5660-109E-4509-9FE4-A4C066CEDB38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{426CD4D0-F137-4D78-AB18-39E9DCA6CF8D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{FD792F1A-D3FD-476F-A7F0-8AE6E775119A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{C8DFD066-A436-4E48-BD6E-816BC80249FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{556F96E9-C09A-4DAB-A658-FA78BEBC949C}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [UDP Query User{863F8639-486C-4028-AC6F-B4B516D9509C}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [{D336E325-F071-465E-A675-18DED7C4C9FE}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [TCP Query User{D63A6E9A-9BB5-40F6-A514-A716DBC6EA7D}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{A58006EA-3878-416D-8F75-97623F7233F1}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{D3AAFB54-EB77-4D05-97B1-EBC03887018F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{2FE9735E-777A-4296-8791-94F406F70191}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6F3E6513-F708-43DD-A354-E4308C581437}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{74B20159-B0BE-4512-BBDC-84736A9DBF8F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{BB96FF3F-C14D-4163-9A09-B4C848CE4084}] => (Allow) LPort=1688 FirewallRules: [{D879D551-5F5E-4016-9439-726E17952649}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{C53B13D2-7177-48F5-9378-6DF0EC91F420}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{06F63266-C3D1-4F34-8267-EAF0C85F7308}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{521A4D25-9B2F-48C7-B2C2-434CACEE621D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B79EAB96-6512-4C11-8372-8F67133C0838}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5EA6EF0C-5D74-491A-8158-55351C33380F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FE2ABC5B-A3B6-481D-AB37-54F6B11BFB02}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/14/2015 10:12:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 09:15:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 01:39:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 05:24:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 07:35:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 02:21:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 05:34:56 AM) (Source: MsiInstaller) (EventID: 1024) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Outlook MUI (Polish) 2013 - nie można zainstalować aktualizacji 'Update for Microsoft Outlook 2013 (KB3054855) 64-Bit Edition'. Kod błędu 1603. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (06/11/2015 05:34:55 AM) (Source: MsiInstaller) (EventID: 11307) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Outlook MUI (Polish) 2013 — Błąd 1307. Za mało miejsca na dysku, aby zainstalować plik: C:\Windows\Installer\2ff9b2.msp. Zwolnij trochę miejsca na dysku i kliknij przycisk Ponów próbę albo kliknij przycisk Anuluj, aby zakończyć instalację. Error: (06/11/2015 05:34:14 AM) (Source: MsiInstaller) (EventID: 1024) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Excel MUI (Polish) 2013 - nie można zainstalować aktualizacji 'Update for Microsoft Excel 2013 (KB3054794) 64-Bit Edition'. Kod błędu 1603. Instalator Windows może tworzyć dzienniki, aby ułatwić rozwiązywanie problemów z instalowaniem pakietów oprogramowania. Użyj następującego łącza, aby uzyskać instrukcje dotyczące włączania obsługi rejestrowania: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (06/11/2015 05:34:13 AM) (Source: MsiInstaller) (EventID: 11307) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Excel MUI (Polish) 2013 — Błąd 1307. Za mało miejsca na dysku, aby zainstalować plik: C:\Windows\Installer\2ff990.msp. Zwolnij trochę miejsca na dysku i kliknij przycisk Ponów próbę albo kliknij przycisk Anuluj, aby zakończyć instalację. System errors: ============= Error: (06/13/2015 01:33:31 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/12/2015 07:36:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Host urządzenia UPnP z powodu następującego błędu: %%1069 Error: (06/12/2015 07:36:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Usługa upnphost nie może zalogować się jako NT AUTHORITY\LocalService za pomocą obecnie skonfigurowanego hasła z powodu następującego błędu: %%1352 Aby upewnić się, że usługa jest skonfigurowana prawidłowo, użyj przystawki Usługi w programie Microsoft Management Console (MMC). Error: (06/12/2015 07:36:52 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56} Error: (06/11/2015 05:16:34 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/11/2015 05:13:45 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/11/2015 02:36:34 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Wykonywanie kopii w tle woluminu C: zostało przerwane, ponieważ nie można powiększyć magazynu kopii w tle z powodu limitu wprowadzonego przez użytkownika. Error: (06/11/2015 05:34:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja dla produktu Microsoft Outlook 2013 (KB3054855) Wersja 64-bitowa. Error: (06/11/2015 05:34:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070643: Aktualizacja dla produktu Microsoft Excel 2013 (KB3054794) Wersja 64-bitowa. Error: (06/11/2015 05:34:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: ZARZĄDZANIE NT) Description: Instalacja nie powiodła się: system Windows nie mógł zainstalować następującej aktualizacji, ponieważ wystąpił błąd 0x80070663: Aktualizacja dla produktu Microsoft Office 2013 (KB3054853) Wersja 64-bitowa. Microsoft Office: ========================= Error: (06/14/2015 10:12:23 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 09:15:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 01:39:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/12/2015 05:24:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 07:35:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 02:21:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/11/2015 05:34:56 AM) (Source: MsiInstaller) (EventID: 1024) (User: ZARZĄDZANIE NT) Description: Microsoft Outlook MUI (Polish) 2013Update for Microsoft Outlook 2013 (KB3054855) 64-Bit Edition1603(NULL)(NULL)(NULL) Error: (06/11/2015 05:34:55 AM) (Source: MsiInstaller) (EventID: 11307) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Outlook MUI (Polish) 2013 — Błąd 1307. Za mało miejsca na dysku, aby zainstalować plik: C:\Windows\Installer\2ff9b2.msp. Zwolnij trochę miejsca na dysku i kliknij przycisk Ponów próbę albo kliknij przycisk Anuluj, aby zakończyć instalację.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (06/11/2015 05:34:14 AM) (Source: MsiInstaller) (EventID: 1024) (User: ZARZĄDZANIE NT) Description: Microsoft Excel MUI (Polish) 2013Update for Microsoft Excel 2013 (KB3054794) 64-Bit Edition1603(NULL)(NULL)(NULL) Error: (06/11/2015 05:34:13 AM) (Source: MsiInstaller) (EventID: 11307) (User: ZARZĄDZANIE NT) Description: Produkt: Microsoft Excel MUI (Polish) 2013 — Błąd 1307. Za mało miejsca na dysku, aby zainstalować plik: C:\Windows\Installer\2ff990.msp. Zwolnij trochę miejsca na dysku i kliknij przycisk Ponów próbę albo kliknij przycisk Anuluj, aby zakończyć instalację.(NULL)(NULL)(NULL)(NULL)(NULL) CodeIntegrity Errors: =================================== Date: 2015-03-11 15:57:53.566 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-11 15:57:53.550 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-11 15:57:53.550 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-11 15:57:53.535 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-11 15:57:53.535 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-11 15:57:53.535 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-10 16:08:57.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-10 16:08:57.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-10 16:08:57.750 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-10 16:08:57.730 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz Percentage of memory in use: 48% Total physical RAM: 3815.6 MB Available physical RAM: 1974.82 MB Total Pagefile: 6004.53 MB Available Pagefile: 3694.96 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:81.52 GB) (Free:0.83 GB) NTFS Drive d: (Nowy) (Fixed) (Total:849.9 GB) (Free:8.15 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 52BD0013) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=81.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=849.9 GB) - (Type=07 NTFS) ==================== End of log ============================