Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-10-2015 Ran by Krzysztof (2015-10-29 21:14:07) Running from C:\Documents and Settings\Krzysztof\My Documents\Pobrane Microsoft Windows XP Home Edition Service Pack 3 (X86) (2010-08-05 03:04:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1960408961-682003330-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator ASPNET (S-1-5-21-1960408961-682003330-839522115-1006 - Limited - Enabled) Gość (S-1-5-21-1960408961-682003330-839522115-1005 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Gość Guest (S-1-5-21-1960408961-682003330-839522115-501 - Limited - Disabled) HelpAssistant (S-1-5-21-1960408961-682003330-839522115-1000 - Limited - Disabled) Krzysztof (S-1-5-21-1960408961-682003330-839522115-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Krzysztof SUPPORT_388945a0 (S-1-5-21-1960408961-682003330-839522115-1002 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 电脑管家系统防护 (Enabled - Up to date) {9AAC524A-BF34-49b0-91D2-71838CBB8110} AV: Emsisoft Anti-Malware (Disabled - Up to date) {0F8591BB-342B-4493-91C3-4E948ED21255} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1500 (Version: 50.0.206.000 - Hewlett-Packard) Hidden 1500_Help (Version: 50.0.206.000 - Hewlett-Packard) Hidden 1500Trb (Version: 50.0.206.000 - Hewlett-Packard) Hidden Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Flash Player 19 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) AiO_Scan (Version: 50.0.206.000 - Hewlett-Packard) Hidden AiOSoftware (Version: 50.0.206.000 - Hewlett-Packard) Hidden Apple Mobile Device Support (HKLM\...\{8153ED9A-C94A-426E-9880-5E6775C08B62}) (Version: 4.0.0.97 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) BufferChm (Version: 53.0.13.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform) CinemaP-1.9cV26.09 (HKLM\...\CinemaP-1.9cV26.09) (Version: 1.36.01.22 - Cinema PlusV26.09) <==== ATTENTION CinemaPlus-3.2cV26.09 (HKLM\...\CinemaPlus-3.2cV26.09) (Version: 1.36.01.22 - Cinema PlusV26.09) <==== ATTENTION Cisco Systems VPN Client 5.0.05.0290 (HKLM\...\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}) (Version: 5.0.5 - Cisco Systems, Inc.) CP_Package_Variety1 (Version: 53.0.13.000 - Hewlett-Packard) Hidden CP_Package_Variety2 (Version: 53.0.13.000 - Hewlett-Packard) Hidden CP_Package_Variety3 (Version: 53.0.13.000 - Hewlett-Packard) Hidden CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Destinations (Version: 53.0.13.000 - Hewlett-Packard) Hidden DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden DocProc (Version: 5.2.0.0 - Hewlett-Packard) Hidden eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden Facebook Update Helper (Version: 1.2.205.0 - Google Inc.) Hidden Fax (Version: 50.0.206.000 - Hewlett-Packard) Hidden FileZilla Client 3.8.0 (HKLM\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse) FoxArc Screen Capture V1.2 (HKLM\...\FoxArc Screen Capture) (Version: - ) GoHD (HKLM\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== ATTENTION Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HP Extended Capabilities 5.3 (HKLM\...\HPExtendedCapabilities) (Version: 5.3 - HP) HP Image Zone Express (HKLM\...\{FE64AE29-0883-4C70-8388-DC026019C900}) (Version: 1.5.1.29 - Hewlett-Packard) HP Imaging Device Functions 5.3 (HKLM\...\HP Imaging Device Functions) (Version: 5.3 - HP) HP PSC & OfficeJet 5.3.B (HKLM\...\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}) (Version: - HP) HP Solution Center & Imaging Support Tools 5.3 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 5.3 - HP) HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HPProductAssistant (Version: 53.0.13.000 - Hewlett-Packard) Hidden Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) kED 2.1.4.0 (HKLM\...\kED_is1) (Version: - ) K-Lite Codec Pack 8.4.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.4.0 - ) Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - ) MarketResearch (Version: 53.0.13.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 1.1 Polish Language Pack (HKLM\...\{64CB2553-C109-4132-AA51-1F421B515FD1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - ) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mozilla Firefox 38.0 (x86 pl) (HKLM\...\Mozilla Firefox 38.0 (x86 pl)) (Version: 38.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation) NewCopy (Version: 50.0.206.000 - Hewlett-Packard) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9682 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.00 - NVIDIA Corporation) Obsługa programów Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) OpenVPN Connect (HKLM\...\{3D9A5267-3236-4BCC-AA45-2CE16F531187}) (Version: 2.0.8.106 - OpenVPN Technologies) ProductContext (Version: 50.0.206.000 - Hewlett-Packard) Hidden Readme (Version: 50.0.206.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5936 - Realtek Semiconductor Corp.) SavePass 1.1 (HKLM\...\SavePass 1.1) (Version: 1.36.01.22 - OB) <==== ATTENTION Scan (Version: 5.2.0.0 - Hewlett-Packard) Hidden ScannerCopy (Version: 5.2.0.0 - Hewlett-Packard) Hidden Setup (HKLM\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Skype™ 7.5 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) SolutionCenter (Version: 50.0.152.000 - Hewlett-Packard) Hidden Status (Version: 53.0.13.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TrayApp (Version: 53.0.13.000 - Hewlett-Packard) Hidden TuneUp Utilities 2012 (Version: 12.0.2040.9 - TuneUp Software) Hidden TuneUp Utilities Language Pack (en-US) (Version: 12.0.2040.9 - TuneUp Software) Hidden Unload (Version: 5.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Usługi Boot Camp (HKLM\...\{B56ACF7B-D7B5-442B-8E1D-6B41347D88B2}) (Version: 3.2.0 - Apple Inc.) VpnProxy 1.0 (HKLM\...\VpnProxy_is1) (Version: - Initex Software) WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden WebReg (Version: 53.0.13.000 - Hewlett-Packard) Hidden Windows Driver Package - Apple Inc. (applebt) Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\31BC243044B2C02B454ECDA8F5B44427F3754DD0) (Version: 03/01/2010 3.0.0.5 - Apple Inc.) Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (01/11/2008 3.4.3.18) (HKLM\...\AD3493E108434977125BBF78F47699626F8AF64B) (Version: 01/11/2008 3.4.3.18 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1) (HKLM\...\5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB) (Version: 06/27/2007 2.0.0.1 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (03/01/2010 3.1.0.3) (HKLM\...\5D1F13EEF9A42CC17001EAFFC701D57AF8D13E9D) (Version: 03/01/2010 3.1.0.3 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0) (HKLM\...\9324ED54E32F5399037F87E076CA01C6CEB92830) (Version: 10/25/2007 2.0.1.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C) (Version: 01/23/2009 3.0.0.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\4D00971668041EDAD7097C5827D1739F03B9E5D7) (Version: 02/21/2008 2.0.4.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Keyboard (01/12/2010 3.1.0.2) (HKLM\...\84865EBF11DAD18A6FD975327C8DBD66D7090BAD) (Version: 01/12/2010 3.1.0.2 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Multitouch (02/11/2010 3.1.0.0) (HKLM\...\60B5F87397EB801AB1BAB3E940CE0E077830B153) (Version: 02/11/2010 3.1.0.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Multitouch (10/05/2010 3.2.0.1) (HKLM\...\AEB482706002E9220FBFB86D4A1D24257F71A3D4) (Version: 10/05/2010 3.2.0.1 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Multitouch Mouse (02/11/2010 3.1.0.0) (HKLM\...\5A9DF61C17938C73DCC75C9B4B3A4DE3C74D38ED) (Version: 02/11/2010 3.1.0.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Multitouch Mouse (10/05/2010 3.2.0.1) (HKLM\...\A7A7D84907D2DCB34930D77C6BA911E3834C1E34) (Version: 10/05/2010 3.2.0.1 - Apple Inc.) Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2) (HKLM\...\B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69) (Version: 01/17/2008 2.0.2.2 - Apple Inc.) Windows Driver Package - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\2E2B6DCC02509BB8D2629A009DE8B5C3055B6779) (Version: 05/17/2010 3.1.0.0 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1) (HKLM\...\A0DAD483951AB3046050D68A2A1D8CEB4A7C61EE) (Version: 07/13/2009 3.0.0.1 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1) (HKLM\...\111E266FDD1556398EFC13BE47678F96E8497682) (Version: 07/13/2009 3.0.0.1 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6) (HKLM\...\DE32692B1421420518B0CA8EEDD6DF2A494F279F) (Version: 11/30/2009 3.0.0.6 - Apple Inc.) Windows Driver Package - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7) (HKLM\...\CFC3D985EA69596C8BE0A30313010FCC8CE2C70F) (Version: 08/24/2010 3.1.0.7 - Apple Inc.) Windows Driver Package - Apple Inc. System (08/22/2008 2.1.1.1) (HKLM\...\F24CB85E5983448F6319803791DEACED91E6565B) (Version: 08/22/2008 2.1.1.1 - Apple Inc.) Windows Driver Package - Atheros (AR5416) Net (11/18/2009 7.7.0.429) (HKLM\...\059B155261B840AB89EA7581CAFC636EEB1D4364) (Version: 11/18/2009 7.7.0.429 - Atheros) Windows Driver Package - Broadcom (b57w2k) Net (05/29/2009 12.2.0.2) (HKLM\...\E3DBAC6F911B4848B65E4B1B83BEF7CED25B4928) (Version: 05/29/2009 12.2.0.2 - Broadcom) Windows Driver Package - Broadcom (BCM43XX) Net (08/25/2009 5.60.18.9) (HKLM\...\E90BBBBF2BC7869A101909EA920E455DC7354A38) (Version: 08/25/2009 5.60.18.9 - Broadcom) Windows Driver Package - CirrusLogic (HdAudAddService) MEDIA (03/12/2010 1.0.0.30) (HKLM\...\CC44F1D94CD4A86602CBF93E4023E7A7658636FB) (Version: 03/12/2010 1.0.0.30 - CirrusLogic) Windows Driver Package - CirrusLogic (HdAudAddService) MEDIA (04/28/2010 1.0.0.32) (HKLM\...\F7D4BBE83ED347867851C05163103672591D5E3C) (Version: 04/28/2010 1.0.0.32 - CirrusLogic) Windows Driver Package - Intel (E1000) Net (11/07/2007 8.10.1.0) (HKLM\...\627745F8E8BB901B043047C3E308B4A76C1194FE) (Version: 11/07/2007 8.10.1.0 - Intel) Windows Driver Package - Intel (e1express) Net (02/06/2008 9.12.18.0) (HKLM\...\78C67451B87511098A9A0EC86E75B99B12298F5C) (Version: 02/06/2008 9.12.18.0 - Intel) Windows Driver Package - Intel (e1kexpress) Net (07/22/2008 10.3.45.0) (HKLM\...\675AAC36E980D647C94EAFFB2F929F247E711708) (Version: 07/22/2008 10.3.45.0 - Intel) Windows Driver Package - Intel (e1qexpress) Net (08/05/2008 10.3.49.0) (HKLM\...\7BD968405DE73C7E0F8E489DB5A5853A6CCB8D1D) (Version: 08/05/2008 10.3.49.0 - Intel) Windows Driver Package - Intel (e1yexpress) Net (06/13/2008 9.52.9.0) (HKLM\...\A06888013552B918232820F81FDBA706F5CAAD39) (Version: 06/13/2008 9.52.9.0 - Intel) Windows Driver Package - Intel Net (01/08/2008 8.3.9.0) (HKLM\...\2AC97D2605162B73D046D68013D1030CB7CFB87E) (Version: 01/08/2008 8.3.9.0 - Intel) Windows Driver Package - Intel Net (02/06/2008 9.12.17.0) (HKLM\...\B345101E6CC8B2FD9765620B9C7BCD3D7002BE6D) (Version: 02/06/2008 9.12.17.0 - Intel) Windows Driver Package - Intel Net (07/16/2008 9.52.10.0) (HKLM\...\065B919FD23D12E588F6E2BFB21F7836E2F0E704) (Version: 07/16/2008 9.52.10.0 - Intel) Windows Driver Package - Intel Net (07/22/2008 10.3.45.0) (HKLM\...\9747248FCA6A074E791AABC17F527823A8225756) (Version: 07/22/2008 10.3.45.0 - Intel) Windows Driver Package - Intel Net (08/05/2008 10.3.49.0) (HKLM\...\1E934494E1FDB938ED1D9B958D5D5D465A07F06A) (Version: 08/05/2008 10.3.49.0 - Intel) Windows Driver Package - Intel System (07/20/2007 1.2.76.0) (HKLM\...\82BE89CA9B7493FA05D2D4D32B415CF07EA08B47) (Version: 07/20/2007 1.2.76.0 - Intel) Windows Driver Package - Marvell (yukonwxp) Net (03/23/2007 10.12.7.3) (HKLM\...\6AB59209597E0F6B986EC8E976521FDF0A696C9D) (Version: 03/23/2007 10.12.7.3 - Marvell) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation) Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation) Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation) Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) WinSCP 4.2.8 (HKLM\...\winscp3_is1) (Version: 4.2.8 - Martin Prikryl) Xmas (HKU\S-1-5-21-1960408961-682003330-839522115-1004\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1.3.0 - Pool Plugin corp) Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1960408961-682003330-839522115-1004_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-1960408961-682003330-839522115-1004_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-1960408961-682003330-839522115-1004_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-1960408961-682003330-839522115-1004_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Documents and Settings\Krzysztof\Application Data\GG\ggdrive\ggdrive-menu.dll (GG Network S.A.) ==================== Restore Points ========================= 07-08-2015 18:45:12 System Checkpoint 13-08-2015 16:59:12 System Checkpoint 18-08-2015 07:37:27 System Checkpoint 26-08-2015 07:50:32 System Checkpoint 01-09-2015 15:28:54 System Checkpoint 04-09-2015 08:13:29 System Checkpoint 07-09-2015 19:09:56 System Checkpoint 11-09-2015 16:16:07 System Checkpoint 16-09-2015 15:29:58 System Checkpoint 18-09-2015 19:09:57 System Checkpoint 23-09-2015 16:08:00 System Checkpoint 23-09-2015 21:20:29 Usunięto HP Update. 24-09-2015 13:44:02 Installed Windows Media Format 9 Series Runtime Setup 26-09-2015 20:34:20 Uniblue SpeedUpMyPC installation 26-09-2015 20:35:24 Removed Microsoft Visual Studio Tools for Applications 2.0 - ENU 27-09-2015 10:37:57 Restore Operation 27-09-2015 14:44:12 Installed Windows Media Format 9 Series Runtime Setup 11-10-2015 20:17:13 System Checkpoint 12-10-2015 20:58:23 System Checkpoint 15-10-2015 09:42:27 System Checkpoint 18-10-2015 12:55:28 System Checkpoint 22-10-2015 07:36:22 System Checkpoint 27-10-2015 22:27:25 System Checkpoint 29-10-2015 21:04:43 Removed J2SE Runtime Environment 5.0 Update 12 29-10-2015 21:06:01 Removed J2SE Development Kit 5.0 Update 12 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-02-28 13:00 - 2015-05-26 08:56 - 00001002 ____C C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 69.74.69.107 emvm10.emedia.cv.net 167.206.4.106 stg-uwc.webmail.optimum.net127.94.0.1 client.openvpn.net 127.94.0.2 openvpn-client.vpn.netstellar.com127.0.0.1 dkj.local ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\469fcbcc-315d-4dd5-9804-212abb2e3cb9-1-6.job => C:\Program Files\GoHD\469fcbcc-315d-4dd5-9804-212abb2e3cb9-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-1-6.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-10_user.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-10.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-3.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-3.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-5.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-6.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\50278e6d-151b-4cf5-9e8d-31ed23fbc614-7.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-7.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\6d0ac05c-4429-4e4d-bcea-abd79f29b20e-1-6.job => C:\Program Files\CinemaP-1.9cV26.09\6d0ac05c-4429-4e4d-bcea-abd79f29b20e-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-1-6.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-1-7.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-1-7.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-4.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-4.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-5.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-6.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\7ac4ca75-d021-44c5-ba78-4c00550bafe6-7.job => C:\Program Files\Object Browser\7ac4ca75-d021-44c5-ba78-4c00550bafe6-7.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\a4573ab7-8417-4109-8219-08f1d1efe114-1-6.job => C:\Program Files\SavePass 1.1\a4573ab7-8417-4109-8219-08f1d1efe114-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\a4573ab7-8417-4109-8219-08f1d1efe114-1-7.job => C:\Program Files\SavePass 1.1\a4573ab7-8417-4109-8219-08f1d1efe114-1-7.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\a4573ab7-8417-4109-8219-08f1d1efe114-4.job => C:\Program Files\SavePass 1.1\a4573ab7-8417-4109-8219-08f1d1efe114-4.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\a4573ab7-8417-4109-8219-08f1d1efe114-5.job => C:\Program Files\SavePass 1.1\a4573ab7-8417-4109-8219-08f1d1efe114-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Advanced System~Protector.job => C:\Program Files\ASP\AspManager.exe Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe Task: C:\WINDOWS\Tasks\Cukoqje4zpacXzv1vzrLABj8CQG.job => C:\Documents and Settings\Krzysztof\Application Data\Cukoqje4zpacXzv1vzrLABj8CQG.exe Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\globalupdate.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\IaKVQlxEQ3T35j.job => C:\Documents and Settings\Krzysztof\Application Data\IaKVQlxEQ3T35j.exe Task: C:\WINDOWS\Tasks\PKFkn4RDDh2SIS8ZZ.job => C:\Documents and Settings\Krzysztof\Application Data\PKFkn4RDDh2SIS8ZZ.exe Task: C:\WINDOWS\Tasks\SimpleFiles Update Service.job => C:\Program Files\SimpleFilesUpdater\SimpleFilesUpdater.exehxxp:/simple-files.com Task: C:\WINDOWS\Tasks\temp_50278e6d-151b-4cf5-9e8d-31ed23fbc614-10_user.job => C:\Program Files\CinemaPlus-3.2cV26.09\50278e6d-151b-4cf5-9e8d-31ed23fbc614-10.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Xmas.job => C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Xmas\xBin\Xmas.dll ==================== Loaded Modules (Whitelisted) ============== 2015-09-26 19:57 - 2015-09-26 19:57 - 00481632 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\sqlite.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00088416 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\zlib.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00100704 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\tinyxml.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00203104 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQFileFlt.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00063840 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00039776 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2015-09-26 19:57 - 2000-12-31 23:00 - 00019296 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\oDayProtect.dll 2015-09-26 19:57 - 2015-09-26 19:57 - 00117088 _____ () C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TavPedc.dll 2001-07-31 10:17 - 2001-07-31 10:17 - 00094274 _____ () C:\WINDOWS\system32\HPBHealr.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2010-11-11 19:00 - 2010-11-11 19:00 - 00193848 _____ () C:\WINDOWS\system32\AppleOSSMgr.exe 2009-01-13 11:29 - 2009-01-13 11:29 - 00197408 _____ () C:\WINDOWS\system32\vpnapi.dll 2014-06-05 10:34 - 2014-06-05 10:34 - 00024064 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe 2011-02-26 10:33 - 2011-02-26 10:33 - 00027648 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\servicemanager.pyd 2011-02-27 09:12 - 2011-02-27 09:12 - 00110080 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\pywintypes26.dll 2011-02-26 10:32 - 2011-02-26 10:32 - 00040960 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32service.pyd 2011-02-26 10:33 - 2011-02-26 10:33 - 00096768 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32api.pyd 2011-02-26 10:32 - 2011-02-26 10:32 - 00017408 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32profile.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00153088 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\pyexpat.pyd 2010-08-24 17:47 - 2010-08-24 17:47 - 00040448 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\_socket.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00720896 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\_ssl.pyd 2011-02-26 10:32 - 2011-02-26 10:32 - 00110080 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32security.pyd 2011-02-26 10:34 - 2011-02-26 10:34 - 00354304 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\pythoncom26.dll 2011-02-26 10:38 - 2011-02-26 10:38 - 00265728 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32com.shell.shell.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00019968 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\zope.interface._zope_interface_coptimizations.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00286208 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\_hashlib.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00073728 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\_ctypes.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00011776 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\select.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00010240 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.rand.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00061440 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.crypto.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00039424 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\OpenSSL.SSL.pyd 2011-02-26 10:32 - 2011-02-26 10:32 - 00035840 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32process.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00007680 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\twisted.protocols._c_urlarg.pyd 2014-06-05 07:39 - 2014-06-05 07:39 - 00007168 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\pyovpnc.pyd 2011-02-26 10:31 - 2011-02-26 10:31 - 00112128 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32file.pyd 2011-02-26 10:31 - 2011-02-26 10:31 - 00017408 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32event.pyd 2011-02-26 10:32 - 2011-02-26 10:32 - 00023552 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32pipe.pyd 2010-08-24 17:48 - 2010-08-24 17:48 - 00585728 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\unicodedata.pyd 2011-02-26 10:33 - 2011-02-26 10:33 - 00022528 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32ts.pyd 2010-08-25 10:23 - 2005-10-07 14:05 - 00125440 _____ () C:\Program Files\WinRAR\rarext.dll 2014-03-28 10:35 - 2014-03-28 10:35 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2014-06-05 10:34 - 2014-06-05 10:34 - 00055296 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\ovpntray.exe 2011-02-26 10:33 - 2011-02-26 10:33 - 00167424 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\win32gui.pyd 2014-06-05 10:33 - 2014-06-05 10:33 - 00005120 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\ovpntray.dll 2014-06-05 07:39 - 2014-06-05 07:39 - 00431616 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\openvpn.exe 2014-06-05 07:35 - 2014-06-05 07:35 - 00089600 _____ () C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\lzo2.dll 2010-08-20 06:49 - 2012-05-25 03:25 - 00921600 ____C () C:\Program Files\Yahoo!\Messenger\yui.dll 2011-12-21 03:36 - 2011-12-21 03:36 - 00033280 ____C () C:\Program Files\CCleaner\lang\lang-1045.dll 2015-10-29 21:07 - 2015-10-29 21:07 - 00032768 _____ () C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Xmas\xBin\Xmas.dll 2015-10-29 21:07 - 2015-10-29 21:07 - 00012288 _____ () C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Xmas\xBin\nykjfyh.dll 2015-10-29 21:06 - 2015-10-29 21:06 - 00172032 _____ () C:\Program Files\SavePass 1.1\ebf2cd08-ec58-499d-be2a-c13dcc616e42.dll 2015-10-29 21:09 - 2015-10-29 21:09 - 00046592 _____ () C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Planetjob.exe 2015-10-25 17:20 - 2015-10-25 17:20 - 00379904 _____ () C:\Program Files\Concom\Concom.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:2CB9631F AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:7FA0D639 AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CB959782 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""="Driver Group" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""="Driver Group" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1960408961-682003330-839522115-1004\...\optimum.net -> hxxps://stg-uwc.webmail.optimum.net ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1960408961-682003330-839522115-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Microsoft\Wallpaper1.bmp DNS Servers: 192.168.0.1 Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VPN Client.lnk => C:\WINDOWS\pss\VPN Client.lnkCommon Startup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^IMVU.lnk => C:\WINDOWS\pss\IMVU.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^Logitech . Rejestracja produktu.lnk => C:\WINDOWS\pss\Logitech . Rejestracja produktu.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^OptimumLink.lnk => C:\WINDOWS\pss\OptimumLink.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^OptimumPCtoTV.lnk => C:\WINDOWS\pss\OptimumPCtoTV.lnkStartup MSCONFIG\startupfolder: C:^Documents and Settings^Krzysztof^Start Menu^Programs^Startup^ybcrlnsnniggidoderh.lnk => C:\WINDOWS\pss\ybcrlnsnniggidoderh.lnkStartup MSCONFIG\startupreg: Apple_KbdMgr => C:\Program Files\Boot Camp\Bootcamp.exe MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent MSCONFIG\startupreg: CTFMON.EXE => C:\WINDOWS\system32\ctfmon.exe MSCONFIG\startupreg: EvtMgr6 => MSCONFIG\startupreg: GG => "C:\Documents and Settings\Krzysztof\Local Settings\Application Data\GG\Application\gghub.exe" MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Krzysztof\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: Jing => C:\Program Files\TechSmith\Jing\Jing.exe MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit MSCONFIG\startupreg: nwiz => nwiz.exe /installquiet MSCONFIG\startupreg: ORAHSSSessionManager => "C:\Program Files\Livebox\SessionManager\SessionManager.exe" MSCONFIG\startupreg: QuickTime Task => MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TP-Link USB Printer Controller => C:\Program Files\TP-LINK\USB Printer Controller\USB Printer Controller.exe -mini ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCmgrInstallGuide.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCTray.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCMgr.exe] => Enabled:????-??? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe] => Enabled:????-?????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMDL.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\bugreport.exe] => Enabled:????-crash?? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCFileOpen.exe] => Enabled:????-?????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCLeakScan.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPConfig.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSoftMgr.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMon\QQPCNetFlow.exe] => Enabled:????-?????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCBTU.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCClinic.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCLaunch.exe] => Enabled:????-QQPCLaunch DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMUpdate\QQPCMgrUpdate.exe] => Enabled:????-????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSoftGame.exe] => Enabled:????-QQPCSoftGame DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSysOptimize.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCUpdateAVLib.exe] => Enabled:????-????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQRepair.exe] => Enabled:????-??? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\Uninst.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCPatch.exe] => Enabled:????-QQPCPatch DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TpkUpdate.exe] => Enabled:????-????????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMRouterMgr.exe] => Enabled:????-????? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMAccountProtection.exe] => Enabled:????-??? DomainProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMAdBlock.exe] => Enabled:????-???? DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\bugreport_xf.exe] => Enabled:腾讯产品下载组件Crash上报 DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe] => Enabled:腾讯产品下载组件 StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCmgrInstallGuide.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCTray.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCMgr.exe] => Enabled:????-??? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCRTP.exe] => Enabled:????-?????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMDL.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\bugreport.exe] => Enabled:????-crash?? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCFileOpen.exe] => Enabled:????-?????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCLeakScan.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPConfig.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSoftMgr.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\plugins\QMNetMon\QQPCNetFlow.exe] => Enabled:????-?????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCBTU.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCClinic.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCLaunch.exe] => Enabled:????-QQPCLaunch StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMUpdate\QQPCMgrUpdate.exe] => Enabled:????-????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSoftGame.exe] => Enabled:????-QQPCSoftGame StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCSysOptimize.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCUpdateAVLib.exe] => Enabled:????-????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQRepair.exe] => Enabled:????-??? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\Uninst.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QQPCPatch.exe] => Enabled:????-QQPCPatch StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\TpkUpdate.exe] => Enabled:????-????????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMRouterMgr.exe] => Enabled:????-????? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMAccountProtection.exe] => Enabled:????-??? StandardProfile\AuthorizedApplications: [C:\Program Files\Tencent\QQPCMgr\10.10.16434.218\QMAdBlock.exe] => Enabled:????-???? StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\bugreport_xf.exe] => Enabled:腾讯产品下载组件Crash上报 StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Tencent\QQDownload\130\Tencentdl.exe] => Enabled:腾讯产品下载组件 StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Krzysztof\My Documents\38new\firefox.exe] => Enabled:Firefox (C:\Documents and Settings\Krzysztof\My Documents\38new) ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter Description: Cisco Systems VPN Adapter Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (10/29/2015 08:42:45 PM) (Source: MsiInstaller) (EventID: 11706) (User: NETSTELL-POLAND) Description: Produkt: Adobe Reader XI (11.0.08) - Polish -- Błąd 1706.Nie można znaleźć prawidłowego źródła dla produktu Adobe Reader XI (11.0.08) - Polish. Instalator Windows nie może kontynuować.(NULL)(NULL)(NULL)(NULL) Error: (10/29/2015 08:54:53 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service. Server performance data will not be returned. Error code returned is in data DWORD 0. Error: (10/29/2015 08:19:03 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service. Server performance data will not be returned. Error code returned is in data DWORD 0. Error: (10/28/2015 11:58:25 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY) Description: Chrome has encountered a fatal error. ver=46.0.2490.80;lang=;guid=3815780FD65D4C79A3A6C46E78A6FF26;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\ec822190-836f-4e36-aa73-14329533c9c9.dmp Error: (10/23/2015 08:08:21 PM) (Source: Application Hang) (EventID: 1001) (User: ) Description: Fault bucket -1295839447. Error: (10/23/2015 07:49:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application YahooMessenger.exe, version 11.5.0.228, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/15/2015 05:24:38 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Hanging application YahooMessenger.exe, version 11.5.0.228, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error: (10/13/2015 03:12:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application plugin-container.exe, version 38.0.0.5606, faulting module mozalloc.dll, version 38.0.0.5606, fault address 0x00001aa1. Processing media-specific event for [plugin-container.exe!ws!] Error: (10/13/2015 09:05:20 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY) Description: Chrome has encountered a fatal error. ver=45.0.2454.101;lang=;guid=3815780FD65D4C79A3A6C46E78A6FF26;is_machine=1;oop=1;upload=1;minidump=C:\Program Files\Google\CrashReports\7f4b2051-1db9-4819-8f6d-976c98906140.dmp Error: (10/11/2015 03:45:34 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service. Server performance data will not be returned. Error code returned is in data DWORD 0. System errors: ============= Error: (10/29/2015 09:10:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 Error: (10/29/2015 09:10:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Application Management service terminated with the following error: %%126 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz Percentage of memory in use: 46% Total physical RAM: 2806.6 MB Available physical RAM: 1509.16 MB Total Virtual: 4694.34 MB Available Virtual: 2976.13 MB ==================== Drives ================================ Drive c: (BOOTCAMP) (Fixed) (Total:31.56 GB) (Free:6.75 GB) NTFS ==>[drive with boot components (Windows XP)] Drive g: (Macintosh HD) (Fixed) (Total:201 GB) (Free:148.65 GB) HFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 0000444D) Partition: GPT. Partition 2: (Not Active) - (Size=201 GB) - (Type=AF) Partition 3: (Active) - (Size=31.6 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================