Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-08-2015 Ran by Adam (2015-08-16 19:33:59) Running from C:\Users\Adam\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Adam (S-1-5-21-2554018869-3465991184-4273776038-1000 - Administrator - Enabled) => C:\Users\Adam Administrator (S-1-5-21-2554018869-3465991184-4273776038-500 - Administrator - Disabled) Gość (S-1-5-21-2554018869-3465991184-4273776038-501 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Dr.Web Anti-virus (Disabled - Up to date) {A8C161B2-600A-42FD-97E0-4C12952A9FEC} AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Dr.Web Anti-virus (Disabled - Up to date) {13A08056-4630-4D73-AD50-7760EEADD551} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: Zapora osobista ESET (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ActivePerl 5.16.3 Build 1604 (64-bit) (HKLM\...\{A7915697-1675-433D-AD07-759E8550582F}) (Version: 5.16.1604 - ActiveState) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Aktualizacja produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{04E205D6-88B1-4652-B162-42DF2C3B1228}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{442ECBCF-94A7-48CC-8CD9-D31FFFD5FA86}) (Version: - Microsoft) Aktualizacja produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{128A36ED-21BE-4547-9FFE-5B85AEC735DD}) (Version: - Microsoft) BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden Bullzip PDF Printer 10.1.0.1871 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.1.0.1871 - Bullzip) Cisco WebEx Meetings (HKU\S-1-5-21-2554018869-3465991184-4273776038-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd) Database Workbench Lite 4.4.3 for Firebird (HKLM-x32\...\dbw4freelitefb_is1) (Version: - Upscene Productions) Debugging Tools for Windows (HKLM-x32\...\{5C741A01-05D6-4306-BA6A-DC8401285AE8}) (Version: 6.6.7.5 - Microsoft Corporation) Dell 5530 Wireless Broadband Package (HKLM\...\{C80F0529-D1D1-4AA2-88F8-BF28118BB9F6}) (Version: 1.0.11.13 - Dell) Dell ControlVault Host Components Installer 64Bit (Version: 1.7.459.360 - Broadcom Corporation) Hidden Dell Security Device Driver Pack (HKLM-x32\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.056 - Dell Inc.) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.108 - ALPS ELECTRIC CO., LTD.) DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.) e-Deklaracje Desktop (HKLM-x32\...\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1) (Version: 6.0.1 - Ministerstwo Finansow) e-Deklaracje Desktop (x32 Version: 6.0.1 - Ministerstwo Finansow) Hidden e-pity 5.0 za rok 2013 (HKLM-x32\...\{80D8170E-5590-4318-A9ED-E24E4C99A18C}_is1) (Version: - e-file sp. z o.o.) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESET Smart Security (HKLM\...\{50444D27-4D15-41F2-BD35-DC95D74021C8}) (Version: 8.0.319.1 - ESET, spol s r. o.) FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.) Firebird 2.5.3.26780 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.3.26780 - Firebird Project) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.3.99.311 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) Gadwin PrintScreen (64-Bit) (HKLM\...\{819A52E1-0929-469A-BEB6-1AEBE0873CFC}) (Version: 5.4.2.0 - Gadwin Systems) GG (HKU\S-1-5-21-2554018869-3465991184-4273776038-1000\...\GG) (Version: 12 - GG Network S.A.) GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 1.4.9 - Free Software Foundation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6274.0 - IDT) InfraRecorder 0.53 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 - Christian Kindahl) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Kamerzysta (deinstalacja) (HKLM-x32\...\Kamerzysta) (Version: - ) KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl) Look@LAN 2.50 Build 35 (HKLM-x32\...\Look@LAN_1.0) (Version: - ) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Lync Web App Plug-in (HKLM-x32\...\{48107371-865F-413C-B407-05110A3BDF60}) (Version: 15.8.8658.0 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{A007BD05-ECFD-4F64-89F6-7E95F91F0DFB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft Corporation) Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft WSE 3.0 (HKLM-x32\...\{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}) (Version: 3.0.5305.0 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 pl) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 pl)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 pl) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 pl)) (Version: 31.7.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Nmap 6.47 (HKLM-x32\...\Nmap) (Version: - ) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia) Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden Opera Stable 30.0.1835.140 (HKLM-x32\...\Opera 30.0.1835.140) (Version: 30.0.1835.140 - Opera Software) Oracle VM VirtualBox 4.3.4 (HKLM\...\{5FB568DF-207C-4B21-AC57-FC0CC2A0B113}) (Version: 4.3.4 - Oracle Corporation) Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - plk) (Version: - Microsoft Corporation) Pakiet sterowników systemu Windows - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.) Pakiet sterowników systemu Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF-XChange Viewer (HKLM\...\{9ED333F8-3E6C-4A38-BAFA-728454121CDA}) (Version: 2.5.214.2 - Tracker Software Products (Canada) Ltd.) pgAdmin III 1.18 (HKLM-x32\...\{B83C2BA8-F874-45F8-8E4A-07808A38D52C}) (Version: 1.18 - The pgAdmin Development Team) PhotoFiltre 7 (HKU\S-1-5-21-2554018869-3465991184-4273776038-1000\...\PhotoFiltre 7) (Version: - ) Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - ) PITy2013 IPS 1.5.5.0 kompilacja:1.5.5.1 (HKLM-x32\...\PITy2013IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) PITy2014 IPS 1.6 kompilacja:1.6.2.39 (HKLM-x32\...\PITy2014IPS_is1) (Version: - IPS Przedsiębiorstwo Informatyczne) PLAY ONLINE (HKLM-x32\...\PLAY ONLINE) (Version: 21.005.11.17.264 - Huawei Technologies Co.,Ltd) Płatnik 9.01.001A (HKLM-x32\...\{05381030-963D-4779-BECA-0D7D49268EDB}) (Version: 9.01.001A - Asseco Poland S.A.) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile PLK Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) RICOH R5C83x/84x Media Driver Ver.3.53.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.53.02 - ) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.) Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony) SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.0 - VMware, Inc) VMware Player (Version: 6.0.0 - VMware, Inc.) Hidden Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation) WinDirStat 1.1.2 (HKU\S-1-5-21-2554018869-3465991184-4273776038-1000\...\WinDirStat) (Version: - ) Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\7C3B20D7A6E59F324247FCFEDEFA94CB3339BA1C) (Version: 06/15/2009 6.2.0.9000 - Broadcom) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WRF 1.02.001 G (HKLM-x32\...\{460BE803-88CF-4FD2-9082-2450A5959959}) (Version: 1.02.001 G - Asseco Poland S.A.) WRFKL 1.02.001 C (HKLM-x32\...\{A98C53C1-D7D5-43FE-82F4-EACD66292004}) (Version: 1.02.001 C - Asseco Poland S.A.) WRFSL (x32 Version: 1.02.001 E - Asseco Poland S.A.) Hidden WRFSL 1.02.001 E (HKLM-x32\...\{98A95680-71E0-4C6B-B3D0-384193FCA4F6}) (Version: 1.02.001 E - Asseco Poland S.A.) yEd Graph Editor 3.12 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.12 - yWorks GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2554018869-3465991184-4273776038-1000_Classes\CLSID\{1CC6F158-C938-424B-A757-8DC337545084}\localserver32 -> C:\Users\Adam\AppData\Local\Microsoft\LWAPlugin\x86\15.8\LWAPlugin.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2554018869-3465991184-4273776038-1000_Classes\CLSID\{53C06A7B-FC1E-40E6-9668-31CD219BAEA7}\localserver32 -> C:\Users\Adam\AppData\Local\Microsoft\LWAPlugin\x86\15.8\LWAVersionPlugin.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2554018869-3465991184-4273776038-1000_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\Adam\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {017B40C1-A3AE-40AD-9A24-0D8947C49C3D} - System32\Tasks\Opera scheduled Autoupdate 1438622978 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-16] (Opera Software) Task: {01C0C527-D3CE-42DD-8A2B-DE34B4254581} - System32\Tasks\{BEF4124F-6B55-4B50-A214-0E20B8586B0E} => pcalua.exe -a C:\AGENT.m6\unins000.exe Task: {3E99F0B7-960E-4AD8-B15C-3F8478D632F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated) Task: {4C34560C-541F-47D3-BAF5-99327E668125} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.0.2.17\SymErr.exe Task: {4E74EB05-E704-4E71-98C4-10F2ED2745E0} - System32\Tasks\e-pity2013_kwiecien => C:\Program Files (x86)\e-file\e-pity2013\Assets\signxml.exe [2014-03-20] (e-file sp. z o.o.) Task: {57F0302A-B6BE-4786-903A-E3811053F6CB} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe Task: {A8C8EF70-98B6-4051-917C-AFF660D19340} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.0.2.17\WSCStub.exe Task: {A94D3C2C-932C-45AC-9804-42147CCB801A} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe Task: {B6DFD587-9FDB-4E94-9129-F12246C73AD0} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.0.2.17\SymErr.exe Task: {B94667F9-5E0C-4081-A993-27392CFF775A} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe Task: {C80E611E-7683-446D-B44D-037A864A275E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.) Task: {D1B59371-2D1A-486F-93DF-8B5B1B4E10B5} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe Task: {D8DB4D6F-3C5E-4A69-8086-F4742200045C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-14] (Google Inc.) Task: {FF3388E7-35A7-418B-8E94-4A4D566C5D49} - System32\Tasks\e-pity2013_styczen => C:\Program Files (x86)\e-file\e-pity2013\Assets\signxml.exe [2014-03-20] (e-file sp. z o.o.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2013-08-27 13:42 - 2013-08-27 13:42 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2015-07-25 15:11 - 2015-07-25 15:11 - 00019040 _____ () C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll 2015-08-16 14:17 - 2015-08-16 14:17 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DrWebEngine => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DrWebEngine => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2554018869-3465991184-4273776038-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg DNS Servers: 194.0.171.137 - 194.0.171.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BthServ => 2 MSCONFIG\Services: btwdins => 2 MSCONFIG\Services: DrWebEngine => 3 MSCONFIG\Services: FirebirdGuardianDefaultInstance => 2 MSCONFIG\Services: FirebirdServerDefaultInstance => 3 MSCONFIG\Services: FoxitCloudUpdateService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: PLAY ONLINE. RunOuc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GG => "C:\Users\Adam\AppData\Local\GG\Application\gghub.exe" MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload MSCONFIG\startupreg: Onet.pl AutoUpdate => "C:\Program Files (x86)\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{9DCEBD4A-6610-4964-96F9-CBFE570E1025}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{6F8571B3-D205-4E60-9C6B-1A44A8845214}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{70C60A8A-45A7-490D-924B-410C19978162}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zSE6E8.tmp\SymNRT.exe FirewallRules: [{E24A52E5-1A5F-4DD8-8BF7-06917DE3084B}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zSE6E8.tmp\SymNRT.exe FirewallRules: [TCP Query User{0D45F467-0CAF-4A2A-A8C8-416B40CA4DCC}C:\program files (x86)\upscene productions\database workbench 4 lite for firebird\dbw4_srvr.exe] => (Allow) C:\program files (x86)\upscene productions\database workbench 4 lite for firebird\dbw4_srvr.exe FirewallRules: [UDP Query User{9BB56364-0EC2-4C28-B0A8-C441AAECD3CF}C:\program files (x86)\upscene productions\database workbench 4 lite for firebird\dbw4_srvr.exe] => (Allow) C:\program files (x86)\upscene productions\database workbench 4 lite for firebird\dbw4_srvr.exe FirewallRules: [TCP Query User{3AC0312C-3C73-4703-8F0F-A5B979925B9D}C:\users\adam\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\adam\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe FirewallRules: [UDP Query User{659162FB-15A5-4A80-BF4F-939A250CF8D7}C:\users\adam\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\adam\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe FirewallRules: [{18E7A62A-430F-4F2D-8BD6-3C797033C514}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{657DAD59-00B3-47BE-AF25-AF6C3B8E5173}] => (Allow) LPort=80 FirewallRules: [{7E041E88-7CE5-4C89-AA1B-E2AF05EA1EF5}] => (Allow) LPort=80 FirewallRules: [{7508EB72-5882-4F58-931F-A29CF1AB691C}] => (Allow) LPort=80 FirewallRules: [TCP Query User{F7246C6B-15FE-43A0-8E9E-B7CD415326AD}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [UDP Query User{984A43A5-6D79-43A6-9123-A042468E6105}C:\windows\system32\ftp.exe] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{21C72F32-4304-4221-A52F-429FC03E59FF}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS888.tmp\SymNRT.exe FirewallRules: [{B2BD8CE3-D135-4CE6-A304-9F7A56DB01CD}] => (Allow) C:\Users\Adam\AppData\Local\Temp\7zS888.tmp\SymNRT.exe FirewallRules: [{F7B71833-5D7B-4E1D-9E36-97DF5F46FF09}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{EADC5C7B-8078-4D9B-9FB2-2CDC0ADA0347}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [TCP Query User{E75C51BA-F8A3-4874-BBDF-F7E9C869B802}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe FirewallRules: [UDP Query User{79184ACF-3BEE-4F7E-ABCE-8DE5B549A867}C:\program files (x86)\nmap\nmap.exe] => (Block) C:\program files (x86)\nmap\nmap.exe FirewallRules: [{CCBD2250-0349-4A30-8283-8C803F602A12}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C68C304-A744-4869-BD5D-140073AFE4BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6A36F2C0-85AD-4073-B5C9-8AFE9C70B2F7}] => (Allow) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe FirewallRules: [{8646D575-655F-47AC-AE62-4E4090EB3E58}] => (Allow) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe FirewallRules: [TCP Query User{2909AF1F-D17B-4E4E-8BD6-A795B92B8ADA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{1BE32387-D2C9-4B55-B149-1E5F9DA3ED2E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{40F3D8E6-129F-4988-8A3D-CA09E888B8C4}] => (Allow) LPort=1433 FirewallRules: [TCP Query User{329B4628-C3B4-4D24-ACEF-4768628559BB}C:\program files (x86)\look@lan\lookatlan.exe] => (Allow) C:\program files (x86)\look@lan\lookatlan.exe FirewallRules: [UDP Query User{060E1EFD-B042-49FD-92E8-D759B56B5281}C:\program files (x86)\look@lan\lookatlan.exe] => (Allow) C:\program files (x86)\look@lan\lookatlan.exe FirewallRules: [{C28758E9-6E8C-461F-A828-37657FFD3423}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe FirewallRules: [{102424FD-1296-4373-A833-489E6FADCE93}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe FirewallRules: [TCP Query User{CCAFC132-2925-4007-9D4E-062319F784BE}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [UDP Query User{006B5955-24AF-45EA-8FB4-B159B61CF271}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe FirewallRules: [{144FF569-C542-451D-8A04-EC170A008C2D}] => (Allow) C:\Users\Adam\AppData\Local\TNT2\2.0.0.1983\TNT2User.exe FirewallRules: [{3DD568D0-1379-4462-8665-56311D608822}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-09 12:19:19.095 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLDISKX64\600\kldisk.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:18.995 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLDISKX64\600\kldisk.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:18.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLDISKX64\600\kldisk.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:18.686 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLDISKX64\600\kldisk.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:17.426 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLKBDFLTX64\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:17.153 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLKBDFLTX64\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:17.066 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLKBDFLTX64\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:16.965 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLKBDFLTX64\klkbdflt.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:16.399 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLMOUFLTX64\600\klmouflt.sys because the set of per-page image hashes could not be found on the system. Date: 2015-08-09 12:19:16.234 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLMOUFLTX64\600\klmouflt.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.53GHz Percentage of memory in use: 66% Total physical RAM: 4046.99 MB Available physical RAM: 1344.01 MB Total Virtual: 8329.26 MB Available Virtual: 5304.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.53 GB) (Free:8.15 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: 00017D53) Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== End of log ============================