Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-08-2015 02
Ran by Ja (2015-08-12 10:33:18)
Running from C:\Users\Ja\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-70149214-1339082029-3386996294-500 - Administrator - Disabled)
Gość (S-1-5-21-70149214-1339082029-3386996294-501 - Limited - Disabled)
Ja (S-1-5-21-70149214-1339082029-3386996294-1000 - Administrator - Enabled) => C:\Users\Ja

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
"Nero SoundTrax Help (Version: 4.0.15.0 - Nero AG) Hidden
µTorrent (HKLM\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-70149214-1339082029-3386996294-1000\...\uTorrent) (Version: 3.4.1.30888 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_678cd98c8365a5647f9a2e539d120a8) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0415-0000-0000000FF1CE}_HOMESTUDENTR_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0415-0000-0000000FF1CE}_HOMESTUDENTR_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft)
Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0415-0000-0000000FF1CE}_HOMESTUDENTR_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{1F897E00-83A6-4133-54E1-58F8D35E61C2}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Any Video Converter 3.1.0 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Profiles (HKLM\...\{05696DBC-59F4-C274-F175-1E7546F05995}) (Version: 2.0.4441.36343 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )
ATI AVIVO Codecs (Version: 10.10.0.41001 - ATI Technologies Inc.) Hidden
ATI Problem Report Wizard (Version: 3.0.745.0 - ATI Technologies) Hidden
AVI ReComp 1.5.0 (HKLM\...\AVI ReComp) (Version: 1.5.0 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
AVS Video Editor 6 (HKLM\...\AVS Video Editor_is1) (Version: 6.4.1.240 - Online Media Technologies Ltd.)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - )
Canon MG3100 series On-screen Manual (HKLM\...\Canon MG3100 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
ChomikBox (HKLM\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
DolbyFiles (Version: 2.0 - Nero AG) Hidden
EVEREST Ultimate Edition v5.50 (HKLM\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FIFA MANAGER 12 (HKLM\...\FIFA MANAGER 12) (Version: 1.0.0.3 - Electronic Arts)
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
GIMP 2.6.7 (HKLM\...\WinGimp-2.0_is1) (Version: - )
GoGear SA19xx Device Manager (HKLM\...\{CF35000B-8247-449B-85C9-D9C2A5936683}) (Version: 0.1 - PhilipsDM)
GoGear SA19xx Device Manager (Version: 0.1 - PhilipsDM) Hidden
GoldWave v5.54 (HKLM\...\GoldWave v5.54) (Version: - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HydraVision (Version: 4.2.114.0 - ATI Technologies Inc.) Hidden
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 10.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
MegaDownloader 0.92 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.92 - Andres_age)
Menu Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version: - Microsoft Corporation)
Movie Templates - Starter Kit (Version: 9.0.4.0 - Nero AG) Hidden
Mozilla Firefox 39.0.3 (x86 pl) (HKLM\...\Mozilla Firefox 39.0.3 (x86 pl)) (Version: 39.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 (HKLM\...\{76e5d59d-ca7f-467a-b6b2-449e8c0cc4b4}) (Version: - Nero AG)
Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation)
Philips SA43XX Device Manager (HKLM\...\{AC0CD083-081F-4CB2-88AA-CC5CF2598484}) (Version: 17.000.0.0 - Philips)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Podatnik.info PIT pro 2013 wersja 2.0.19.29343 (HKLM\...\{B239B43B-3E99-40B0-80BF-1B1BCA868D4E}_is1) (Version: 2.0.19.29343 - Podatnik.info Sp. z o.o.)
Pro Evolution Soccer 2012 (HKLM\...\{E737A098-F161-4B6F-AF22-86AAE34F6FBD}) (Version: 1.03.0000 - KONAMI)
RapidDrive (HKLM\...\{C0260D66-3F93-4A47-B94C-30AB8D175FEE}) (Version: 1.0.68 - RAPIDSHARE AG)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rejestracja użytkownika drukarki Canon MG3100 series (HKLM\...\Rejestracja użytkownika drukarki Canon MG3100 series) (Version: - )
SA21xx Device Manager (HKLM\...\{45375017-B0F8-44EA-9D5B-2DCE7C84FFC2}) (Version: 1.0 - Philips)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.450.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.7.8524 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMAC 2.0 (HKLM\...\SMAC 2.0) (Version: - )
SoundTrax (Version: 4.0.18.0 - Nero AG) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbFix By El Desaparecido (HKLM\...\Usbfix) (Version: - El Desaparecido - www.usbfix.net)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Platforma Menedżera urządzeń (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================
Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-05-12 18:24 - 2015-07-19 20:21 - 00000787 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 WWW.bet365.com
127.0.0.1 bet365.com

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1866D2A5-5E61-4097-9D0A-E4B1454BB76E} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {1DA5EFBF-EA8B-4524-B765-C852458A30B9} - System32\Tasks\{F1EE77D7-94D4-48C7-ADFB-637152AF86A9} => pcalua.exe -a "C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.11.10\GUninstaller.exe" -c -uprtc -aname='Babylon Toolbar' -bname=bbl -key "BabylonToolbar"
Task: {223A8EEE-7CF8-46D4-BC6B-4C1BD6CCC6E5} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-6 => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-6.exe <==== ATTENTION
Task: {25C3FB87-973A-4198-BA79-67DAF2B4CE28} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ja => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {26284401-4B03-4890-88B0-2BCC4A90691B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-03] (Google Inc.)
Task: {28E4A857-1BE3-4A7C-B16A-8B0E991BEB1F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-70149214-1339082029-3386996294-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3E737DC4-5013-4AD5-A8AD-6A5932D1B556} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\Ja\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {537C8414-E145-419C-9672-FFBB1CB681D4} - System32\Tasks\LuckyTab => C:\Program Files\LuckyTab\LuckyTab.exe <==== ATTENTION
Task: {67950751-07AF-442E-976C-D13CCC482F12} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {7689C934-A3FB-4125-A5B7-15E7EB27A8DB} - System32\Tasks\{17D1DD41-F79A-47D2-A370-63D3C0350524} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {7897D917-41E9-43F5-8657-A7240F486E03} - System32\Tasks\Inst_Rep => C:\Users\Ja\AppData\Local\Installer\Install_6704\DCytaiesmt_smtyc_setup.exe
Task: {78E3ED00-4C80-4735-A869-513EE8B4ACEB} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-5_user => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-5.exe <==== ATTENTION
Task: {7B039CF8-E151-43B3-A71E-6A97ACF9F648} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-7 => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-7.exe <==== ATTENTION
Task: {7B92C51E-3B4A-4ACA-BDF6-9A08B401B8C5} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: {81A4739F-CB7C-4948-AEDD-2D6A7600A185} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {83CA9A64-0FF0-4003-94FC-FC5AE3159419} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-10_user => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-10.exe <==== ATTENTION
Task: {8996799E-919E-4898-9391-F74D87649C5A} - System32\Tasks\{328DDE31-E18D-4CD1-B892-063355CC970D} => pcalua.exe -a "C:\Program Files\Babylon\Babylon-Pro\Utils\uninstbb.exe"
Task: {8A864F9A-5299-41A5-811D-4ADF4433EBD8} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-5 => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-5.exe <==== ATTENTION
Task: {93E3ED32-27DD-4138-ABFE-D83659B5B418} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-70149214-1339082029-3386996294-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {964ADD99-A19F-4FCB-8AA4-E5329E5360F1} - System32\Tasks\{671AD4EF-DE96-42FC-82DC-18E4BB7B1D65} => pcalua.exe -a "C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online Live\uninstaller.exe"
Task: {B94702EE-3DB2-4CB7-8088-78BB76144D3E} - System32\Tasks\Periodic Synchronize Task => c:\programdata\{1bc1ea52-93bf-5c1a-1bc1-1ea5293ba94a}\hqghumeaylnlf.exe <==== ATTENTION
Task: {BA1B609C-ED6A-4B4D-BA3F-9ACC17A43DDB} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: {C15C604E-0715-4F12-849D-75BF378FF399} - System32\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-4 => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-4.exe <==== ATTENTION
Task: {CF6C25B9-C7F9-486C-9CE0-788A1D464AD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {D048229C-3ECC-4638-AC92-A84473E3B2F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-03] (Google Inc.)
Task: {D08E2DEF-05A0-4C1B-AC6E-6C362BC09330} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D5BC1A4E-754E-404E-833D-93F9EA5824CD} - System32\Tasks\{736C9CFC-26EE-4665-B700-4C692D01F765} => pcalua.exe -a "C:\Program Files\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|12.0
Task: {E5F14546-6E35-4640-B019-B13A9FBB53D9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-70149214-1339082029-3386996294-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FCAAAADD-B204-4B1F-9900-68F1689C5082} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-70149214-1339082029-3386996294-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {FE81E0EA-BE4A-4818-842D-CAB241D7C5C0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-70149214-1339082029-3386996294-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-6.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-7.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-10_user.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-4.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-5.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\8a4da2f0-6def-4f34-ab69-a1c786022b55-5_user.job => C:\Program Files\SavePass 1.1\8a4da2f0-6def-4f34-ab69-a1c786022b55-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Periodic Synchronize Task.job => c:\programdata\{1bc1ea52-93bf-5c1a-1bc1-1ea5293ba94a}\hqghumeaylnlf.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============
2011-05-25 04:24 - 2011-05-25 04:24 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2014-02-25 18:01 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-07-04 23:32 - 2010-07-04 23:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-08-30 02:50 - 2013-03-25 10:57 - 00153088 _____ () C:\Windows\System32\WSCM32.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:538DC028

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-70149214-1339082029-3386996294-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ja\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
DNS Servers: 217.172.224.160 - 89.231.1.206
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: PhilipsDM => C:\Program Files\Philips\SA43xx\Philips Device Manager\Bin\LaunchDM.exe OS_STARTUP
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{22F7C638-EB40-4D3B-89E8-EF177CFF92F9}] => (Allow) C:\Users\Ja\Desktop\Programy\Programy\utorrent.exe
FirewallRules: [{AA947264-FC94-450D-A50D-C12CF9B0D3CD}] => (Allow) C:\Users\Ja\Desktop\Programy\Programy\utorrent.exe
FirewallRules: [{12B0C038-5E11-4ACC-B733-585780EE2547}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{4CEE3C65-37F3-48CB-B8D5-8B610CEDC98C}] => (Allow) C:\Program Files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe
FirewallRules: [{66732E93-28F3-4428-8B71-513DC93D4CC2}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{52F13D7C-210B-4911-ABDA-04860FFDAD24}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{D05F93EC-CBDE-42F8-A2F6-78E1FB59F929}C:\users\ja\desktop\programy\programy\utorrent.exe] => (Allow) C:\users\ja\desktop\programy\programy\utorrent.exe
FirewallRules: [UDP Query User{1F68392E-38CB-4AFA-A844-181DA99D157B}C:\users\ja\desktop\programy\programy\utorrent.exe] => (Allow) C:\users\ja\desktop\programy\programy\utorrent.exe
FirewallRules: [{B2A1A16D-D8DE-4005-99CA-CDBAC8F8F9A9}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F9EA3F8C-D986-4102-A8A2-9D72B4199CAC}] => (Allow) C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{88C2422C-A55D-4111-87A6-69789DEE6D58}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{FB923955-E872-4856-9068-9C8CF9F99334}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [{34BA6F95-C34C-42BA-A3A2-E4FA3E64171D}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5B83EBFD-5F58-416D-9293-B9D9C3040CA9}C:\program files\konami\pro evolution soccer 2012\t-mobile.exe] => (Allow) C:\program files\konami\pro evolution soccer 2012\t-mobile.exe
FirewallRules: [UDP Query User{879F7886-5A7F-40D2-B333-9D0FE5F3E8F8}C:\program files\konami\pro evolution soccer 2012\t-mobile.exe] => (Allow) C:\program files\konami\pro evolution soccer 2012\t-mobile.exe
FirewallRules: [{DCD59C3A-5A5C-4CC6-B70B-2E02C9DAB3DC}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{8A48A955-61DF-4E8A-8EB8-68DD01387DCA}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{C527A3E3-C6D2-4779-96AF-BC5A577E6500}] => (Allow) C:\Users\Ja\Documents\NeroVision\ImportedVideo\Combatarms_eu.exe
FirewallRules: [{DD7ECDAB-5A49-4B39-AF85-495473543E6D}] => (Allow) C:\Users\Ja\Documents\NeroVision\ImportedVideo\Combatarms_eu.exe
FirewallRules: [{A934377F-2E38-461A-80E4-4DDE63889FAE}] => (Allow) C:\Users\Ja\Documents\NeroVision\ImportedVideo\Combatarms_eu (2).exe
FirewallRules: [{EF6A9FB7-37E2-46BA-BEE3-9833FFB8A896}] => (Allow) C:\Users\Ja\Documents\NeroVision\ImportedVideo\Combatarms_eu (2).exe
FirewallRules: [{BC6B898D-8704-4122-917F-EBF0E83C01E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{569A320B-3292-4FEE-99B7-488D5AC6DA37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{431386D7-F494-4D7F-B004-7D9592CE010F}] => (Allow) LPort=1900
FirewallRules: [{78122D22-1717-455F-BC96-6860D0B8680D}] => (Allow) LPort=2869
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Windows\system32\svchost.exe] => Enabled:Microsoft Office

==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/12/2015 10:22:30 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend dotyczących zdarzeń z usługi WMI, aby monitorować program antywirusowy, program antyszpiegowski i zaporę innej firmy.

Error: (08/12/2015 10:14:50 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Wystąpił błąd podczas inicjacji infrastruktury dołączania interfejsu API profilowania. Ten proces nie zezwoli na dołączenie profilera. HRESULT: 0x80004005. Identyfikator procesu (liczba dziesiętna): 3048. Identyfikator komunikatu: [0x2509].

Error: (08/12/2015 10:08:34 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend dotyczących zdarzeń z usługi WMI, aby monitorować program antywirusowy, program antyszpiegowski i zaporę innej firmy.

Error: (08/12/2015 09:36:28 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Usługa Centrum zabezpieczeń systemu Windows nie może ustanowić kwerend dotyczących zdarzeń z usługi WMI, aby monitorować program antywirusowy, program antyszpiegowski i zaporę innej firmy.

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

Error: (08/12/2015 01:29:42 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Nie można zaktualizować pozycji na mapie mieszania. Kontekst: aplikacja , wykaz SystemIndex Szczegóły: Urządzenie podłączone do komputera nie działa. (0x8007001f)

System errors:
=============
Error: (08/12/2015 10:21:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222 i8042prt innfd_1_10_0_13 innfd_1_10_0_14

Error: (08/12/2015 10:21:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SafetyNut Manager%%2

Error: (08/12/2015 10:20:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (08/12/2015 10:20:20 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004002

Error: (08/12/2015 10:18:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/12/2015 10:07:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: F06DEFF2-5B9C-490D-910F-35D3A91196222 i8042prt innfd_1_10_0_13 innfd_1_10_0_14

Error: (08/12/2015 10:07:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SafetyNut Manager%%2

Error: (08/12/2015 10:07:08 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (08/12/2015 10:06:43 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004002

Error: (08/12/2015 10:04:57 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Microsoft Office:
=========================
Error: (05/14/2014 07:12:23 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1382 seconds with 1020 seconds of active time. This session ended with a crash.

CodeIntegrity:
===================================
Date: 2014-07-30 17:45:20.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:45:20.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:45:03.344
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:45:03.149
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:44:49.744
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:44:49.555
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:44:18.173
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:44:17.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:41:46.300
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-30 17:41:46.103
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz
Percentage of memory in use: 74%
Total physical RAM: 2046.38 MB
Available physical RAM: 514.44 MB
Total Virtual: 4344 MB
Available Virtual: 2632.76 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:232.88 GB) (Free:119.86 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 9430BC52)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================