Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01 Ran by Admin (2015-08-16 17:52:30) Running from C:\Users\Admin\Desktop Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-3933479072-2540534226-446759770-1000 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-3933479072-2540534226-446759770-500 - Administrator - Disabled) Gość (S-1-5-21-3933479072-2540534226-446759770-501 - Limited - Disabled) => C:\Users\Gość HomeGroupUser$ (S-1-5-21-3933479072-2540534226-446759770-1003 - Limited - Enabled) Piotr (S-1-5-21-3933479072-2540534226-446759770-1004 - Administrator - Enabled) => C:\Users\Piotr.Admin-Komputer.001 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Pro Evolution Soccer 2014" (HKLM-x32\...\{5F2F346D-43FA-47A4-97E4-1019BCE7AF45}_is1) (Version: 1.0.0.0 - ) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced RAR Repair v1.2 (HKLM-x32\...\Advanced RAR Repair v1.2) (Version: - ) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.10.1074, 24.08.2012 - AIMP DevTeam) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Archiwizator WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.135 - Atheros) AutoCAD 2011 - Polski (HKLM\...\AutoCAD 2011 - Polski) (Version: 18.1.49.0 - Autodesk) AutoCAD 2011 - Polski (Version: 18.1.49.0 - Autodesk) Hidden AutoCAD 2011 Language Pack - Polski (Version: 18.1.49.0 - Autodesk) Hidden Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk) Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk) Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - ) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DC++ 0.843 (HKLM-x32\...\DC++) (Version: 0.843 - Jacek Sieka) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.1 - Mediamond Tmi) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.8.3 - Bloodshed Software) Dtella@MS 1.2.7.10 (HKLM-x32\...\Dtella@MS) (Version: 1.2.7.10 - Dtella Labs) Dzielenie i łączenie plików v1.2.2 (HKLM-x32\...\Dzielenie i łączenie plików_is1) (Version: - Michał Bąbik) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts) EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts) Easy Video Splitter 1.28 (HKLM-x32\...\Easy Video Splitter_is1) (Version: - DoEasier Tech Inc) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.3 - Lenovo) Energy Management (x32 Version: 7.0.3.3 - Lenovo) Hidden eSpeak version 1.48.04 (HKLM-x32\...\eSpeak_is1) (Version: - ) Expressivo (HKLM-x32\...\Expressivo) (Version: 1.5.1 - IVO Software Sp. z o.o.) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farming Simulator 2015 (HKLM-x32\...\Farming Simulator 2015_is1) (Version: 1.1.0.0 - Релиз от R.G. Steamgames) FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production) FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts) FIFA 14 Patch by PesCups.Ru 6.1 Update (HKLM-x32\...\FIFA 14 Patch by PesCups.Ru 6.1 Update) (Version: 6.1 Update - PesCups.Ru) File Master Version 14.0 (HKLM-x32\...\File Master_is1) (Version: - FIFA MASTER) Flash Capture v3.3.0.1519 (HKLM-x32\...\Flash Capture) (Version: 3.3 - ) Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com) FP T-Mobile Ekstraklasa Patch (HKU\S-1-5-21-3933479072-2540534226-446759770-1000\...\FP T-Mobile Ekstraklasa Patch) (Version: - ) Free AVI to MP3 1.0 (HKLM-x32\...\{6921CCEB-3924-48C2-995C-44D5F885E98F}_is1) (Version: 1.0 - Jacek Pazera) Free DWG Viewer 7.0 (HKLM-x32\...\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}) (Version: 7.0.1 - IGC) Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden GG (HKU\S-1-5-21-3933479072-2540534226-446759770-1000\...\GG) (Version: 11 - GG Network S.A.) GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - ) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden ImageGlass (HKLM-x32\...\{68993018-DF16-416F-92EB-3E242AE1156D}_is1) (Version: 1.5.22.2014 - PhapSoftware) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2656 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IVONA - syntezator mowy, wersja rehabilitacyjna (HKLM-x32\...\IVONA - syntezator mowy, wersja rehabilitacyjna) (Version: 1.0 - IVO Software Sp. z o.o.) IVONA 2 (HKLM-x32\...\IVONA 2) (Version: 1.6.3 - IVO Software Sp. z o.o.) IVONA Reader (HKLM-x32\...\IVONA Reader) (Version: - IVO Software Sp. z o.o.) LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics) Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3933479072-2540534226-446759770-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 40.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 pl)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Need for Speed Carbon wersja 1.4 (HKLM-x32\...\Need for Speed Carbon_is1) (Version: 1.4 - EA Games) Need for Speed Most Wanted 2005 wersja 1.3 (HKLM-x32\...\Need for Speed Most Wanted 2005_is1) (Version: 1.3 - EA Games) Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) OpenOffice 4.0.1 (HKLM-x32\...\{DA0106A3-216E-48DE-9CF6-655DA8FC1D22}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA) Opera Stable 31.0.1889.99 (HKLM-x32\...\Opera 31.0.1889.99) (Version: 31.0.1889.99 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) Pakiet sterowników systemu Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo) PDF Editor 64bit 4 (HKLM\...\PDF Editor 64bit 4) (Version: - ) Pesgalaxy.com Patch 2015 (HKLM-x32\...\Pesgalaxy.com Patch 2015 2.50) (Version: 2.50 - Pesgalaxy) Pesgalaxy.com Patch 2015 DLC Installer (HKLM-x32\...\Pesgalaxy.com Patch 2015 DLC Installer 2.50) (Version: 2.50 - Pesgalaxy) Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - ) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Record Player (HKLM-x32\...\Record Player) (Version: - ) ROAD TO WORLD CUP 2014 PATCH (HKU\S-1-5-21-3933479072-2540534226-446759770-1000\...\ROAD TO WORLD CUP 2014 PATCH) (Version: - ) SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Sizzling Hot by Czciciel (HKLM-x32\...\Sizzling Hot by Czciciel) (Version: - ) Sothink SWF Catcher (HKLM-x32\...\{49273419-5179-4866-9F71-5CF346F302CF}_is1) (Version: 2.6 - SourceTec Software Co., LTD) Sp5 (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5Intl (x32 Version: 5.1.4324.0 - Microsoft) Hidden Sp5TTInt (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpCommon (x32 Version: 5.1.4324.0 - Microsoft) Hidden SpPhones (x32 Version: 6.0.3122.0 - Microsoft) Hidden System syntezy mowy (HKLM-x32\...\System syntezy mowy) (Version: - ) target (HKLM-x32\...\{E5EA877B-61DE-4118-B285-5A6963D9C7AC}) (Version: 1.0.2 - jtm) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Youtube Downloader HD v. 2.9.9.21 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3933479072-2540534226-446759770-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-01-11 23:45 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {5E19ABBF-E219-40C2-AA98-71199C96F863} - System32\Tasks\{695EA30B-24EA-4935-ADED-741D9CE0ED16} => D:\Program Files (x86)\Need for Speed Carbon\NFSC.exe [2007-06-17] () Task: {65624C82-83E6-47C2-B92A-50A94346A5A8} - System32\Tasks\Opera scheduled Autoupdate 1379368914 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-30] (Opera Software) Task: {6AA5DE62-F997-4735-92FF-D0BEB90336D0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3933479072-2540534226-446759770-1000Core => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-23] (Facebook Inc.) Task: {72FAF214-3ED7-4DA5-9D45-1432C4B69390} - System32\Tasks\{653D3C57-16E7-4B4C-9CF6-9A2F842C37FB} => D:\Program Files (x86)\Need for Speed Most Wanted 2005\speed.exe [2007-02-16] () Task: {88BE9984-E976-4B91-895E-B198D85C98DF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3933479072-2540534226-446759770-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {8CD45570-DF1F-43D3-9B7F-2900D117FE91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {9CE00F45-0560-4D88-A067-96B893522184} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-15] (Adobe Systems Incorporated) Task: {AA50EB78-ABD8-4697-A359-20B8D48576E3} - System32\Tasks\{BD6FEB69-4401-4F5B-A968-A3EFF4B6F9B5} => D:\Program Files (x86)\Need for Speed Carbon\NFSC.exe [2007-06-17] () Task: {B5E1CEC7-9748-42C7-8186-6A45A5194BD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {C7A88731-DAAA-4DD7-B0D6-841A66AE34CC} - System32\Tasks\{E3864EE3-D8EF-47AD-ADC5-DD7AD7735A5E} => pcalua.exe -a D:\programy\daemontools406.exe -d D:\programy Task: {CED3DC81-D0E4-48C4-A5DD-B2B75BD6D10C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E5A5048D-4C51-4E96-B8B3-EC9E5A94B045} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3933479072-2540534226-446759770-1000UA => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-23] (Facebook Inc.) Task: {E89CF27B-F29D-4773-A9FB-83C5FD05961D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {F941B106-96D6-45D6-BB6A-D8569A48C509} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3933479072-2540534226-446759770-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3933479072-2540534226-446759770-1000Core.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3933479072-2540534226-446759770-1000UA.job => C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-16 13:38 - 2015-08-16 13:38 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3933479072-2540534226-446759770-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{B9414B87-361B-44B0-AFC8-27697B081658}] => (Allow) D:\Games\FIFA 13\Game\fifa13.exe FirewallRules: [{2FD6E828-4543-4265-84A8-0979969F22B1}] => (Allow) D:\Games\FIFA 13\Game\fifa13.exe FirewallRules: [{408FEEBC-C0EA-434A-AC82-E2736A327B8A}] => (Allow) D:\Games\FIFA 13\Game\fifa13.exe FirewallRules: [{A1E848A0-29FA-4C93-B868-D9152A6CE8A1}] => (Allow) D:\Games\FIFA 13\Game\fifa13.exe FirewallRules: [{9B3D1B28-6CD8-46D8-804E-00B7732692E1}] => (Allow) D:\Games\Pro Evolution Soccer 2014\pes2014.exe FirewallRules: [{FA503FA8-D658-4950-B170-01829C5D2F2C}] => (Allow) D:\Games\Pro Evolution Soccer 2014\pes2014.exe FirewallRules: [{928D892C-9808-4367-BCB9-82B56BCFDCEB}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe FirewallRules: [{1F3E18AC-217A-4094-835C-AAFE5F138F01}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{54453AA1-72D2-4D2E-A5E2-13889B4BC615}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe FirewallRules: [{C7E04641-1781-49B5-BCE0-215CD835449C}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [{A368CF2A-171A-4A9B-AFD9-92061C668F2A}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe FirewallRules: [TCP Query User{17EA2B3A-5003-4C44-84D9-5931DE312C8F}D:\games\pro evolution soccer 2014\pes2014.exe] => (Allow) D:\games\pro evolution soccer 2014\pes2014.exe FirewallRules: [UDP Query User{3E1807E7-1E04-45DE-B5A3-E0D36EF428F1}D:\games\pro evolution soccer 2014\pes2014.exe] => (Allow) D:\games\pro evolution soccer 2014\pes2014.exe FirewallRules: [{AE7B0158-CD23-4107-BFFA-355E8FA783E1}] => (Allow) C:\Users\Admin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{7798015B-BFDA-40B7-A29C-7EFBB1D15324}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{A3CDF0E9-1539-4D7A-8D0E-8FDED81BC04C}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [{C84F9C8B-EA13-4BCC-953A-A66732C8867F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 15 DEMO\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{2E6AE0EF-F296-4614-8E31-C3E13DBB9806}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe FirewallRules: [UDP Query User{87893CFA-4D68-49E1-A600-CC3BEF7CB1EC}C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe] => (Block) C:\program files (x86)\origin games\fifa 15 demo\fifa15_demo.exe FirewallRules: [TCP Query User{55319E93-4213-4944-9AFA-4210F7973D28}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe FirewallRules: [UDP Query User{320997FC-3BD0-4BE7-95B0-F995DE6CF855}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe FirewallRules: [TCP Query User{266CB5C5-4376-4C53-AE0F-6D2A7249B4B0}C:\program files (x86)\dtella@ms\dtella.exe] => (Allow) C:\program files (x86)\dtella@ms\dtella.exe FirewallRules: [UDP Query User{5C367FEC-C1A8-4D60-A3FC-4EA9313F9FF0}C:\program files (x86)\dtella@ms\dtella.exe] => (Allow) C:\program files (x86)\dtella@ms\dtella.exe FirewallRules: [TCP Query User{4A3865AB-9891-453D-A8AB-5DEC8AB517F8}C:\program files (x86)\dtella@ms\dtella.exe] => (Allow) C:\program files (x86)\dtella@ms\dtella.exe FirewallRules: [UDP Query User{1F753C83-A7FE-4DEC-AC78-730A60C092D7}C:\program files (x86)\dtella@ms\dtella.exe] => (Allow) C:\program files (x86)\dtella@ms\dtella.exe FirewallRules: [{5F351A10-B768-42D1-AF45-88315E8C508B}] => (Allow) C:\Users\Admin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{87C05625-FD1A-44A3-A1A3-827C4E3F8BA0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{ABCC04BD-7AFA-4E46-A8EE-7D58367C6FFD}] => (Allow) LPort=2869 FirewallRules: [{D71C97DF-A0CF-4D6A-9AA1-4BDE2D97EB7E}] => (Allow) LPort=1900 FirewallRules: [{3CAAD4E1-0131-4B5C-BA35-6117FC23DBCF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3EEEB4E8-ABD0-49A6-81A6-A338295CF28D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{EF4119D6-B2BF-45B2-9FE5-0C4C15DCEB7C}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe FirewallRules: [UDP Query User{005DC258-C831-4CD0-9669-E60AD2B4333A}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe FirewallRules: [TCP Query User{380095CD-37CB-4686-98AF-B02943E85D9A}D:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Block) D:\program files (x86)\pro evolution soccer 2015\pes2015.exe FirewallRules: [UDP Query User{C08C858A-D372-4A24-894A-CCEC22370860}D:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Block) D:\program files (x86)\pro evolution soccer 2015\pes2015.exe FirewallRules: [TCP Query User{09142FDD-149E-4C88-A3C2-50E2889860CD}D:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Block) D:\program files (x86)\pro evolution soccer 2015\pes2015.exe FirewallRules: [UDP Query User{5A55F572-5A27-411A-B619-59798A0D5C78}D:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Block) D:\program files (x86)\pro evolution soccer 2015\pes2015.exe FirewallRules: [TCP Query User{688048C7-4573-4BC7-A657-59AA9AB03B7D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F69768D3-EF54-412E-AFC2-64996952AB99}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9C1840F3-B106-4D4A-A7C2-89E816BE4D07}] => (Allow) D:\FIFA 15 PL [PC]\fifasetup\fifaconfig.exe FirewallRules: [{6DE82959-CB65-49D7-9295-F9FBAC574817}] => (Allow) D:\FIFA 15 PL [PC]\fifasetup\fifaconfig.exe StandardProfile\AuthorizedApplications: [C:\Users\Admin\P-7-78-8964-9648-3874\windll.exe] => ==================== Faulty Device Manager Devices ============= Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Karta tunelowania Teredo firmy Microsoft Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/16/2015 05:35:12 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 05:19:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 05:11:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 03:33:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 03:25:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 02:58:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Nie można wygenerować kontekstu aktywacji dla "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"1". Nie można odnaleźć zestawu zależnego Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0". Użyj narzędzia sxstrace.exe, aby uzyskać szczegółową diagnozę. Error: (08/16/2015 02:58:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 02:29:28 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 01:59:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 01:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (08/16/2015 05:50:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:50:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:50:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error: (08/16/2015 05:49:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-16 17:17:59.016 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 15:31:43.590 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 15:24:18.537 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 14:28:04.614 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 13:36:36.342 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 13:02:20.868 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 12:47:20.024 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-16 12:10:22.562 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-15 22:35:57.474 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-15 21:57:42.826 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentage of memory in use: 33% Total physical RAM: 3998.36 MB Available physical RAM: 2651.02 MB Total Virtual: 7994.92 MB Available Virtual: 6712.75 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:34.14 GB) NTFS Drive d: () (Fixed) (Total:736.2 GB) (Free:321.73 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C3FFC3FF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS) ==================== End of log ============================